How do I retrieve the password of the SharePointUser service account?

This is a little bit complicated because the password is encrypted and unique for each installation. The password is encrypted using the DPAPI which is an internal encryption mechanism which performs machine specific encryption. This means the SharePointUser password can only be decrypted on the machine it was created on.

Here are the steps to perform:

1. Download CipherLite.NET 1.5 setup file:

2. Install CipherLite.NET 1.5 for Everybody

3. Run the CipherLite.NET GUI from the start menu

4. Query the encrypted key data from the registry from the commandline:


Command: reg query "HKLM\SOFTWARE\Microsoft\Windows Home Server\Umbrella" /v SPUserData

5. Copy the output (using right-mouse-button > Edit > Copy) and paste the output into the CipherLite.NET 1.5 window's Decryption tab:


Decrypt data using: DPAPI
Secondary Entropy/Salt: HomeServerConsole
Encoding: Hex-encoded
Ciphertext: The text copied before. Make sure to remove the first two words, blanks and newlines are ignored.

6. Click the Decrypt button.

If you get the Operation failed. DPAPI was unable to decrypt data. CryptUnprotectData failed. Invalid data. error then some of the data does not match.

Last edited Sep 14, 2010 at 7:16 PM by fkollmann, version 5


No comments yet.