Forest lookup in SharpHound v2.1.0 fails when querying from a non-domain workstation. The native powershell module Get-ADForest works fine and finds all four domains from the forest, when pointed to the same server, so the problem should not be in credentials allthough the error message claims so.
Unhandled Exception: System.DirectoryServices.ActiveDirectory.ActiveDirectoryOperationException: Current security context is not associated with an Active Directory domain or forest.
at System.DirectoryServices.ActiveDirectory.DirectoryContext.GetLoggedOnDomain()
at System.DirectoryServices.ActiveDirectory.DirectoryContext.IsContextValid(DirectoryContext context, DirectoryContextType contextType)
at System.DirectoryServices.ActiveDirectory.DirectoryContext.isRootDomain()
at System.DirectoryServices.ActiveDirectory.Forest.GetForest(DirectoryContext context)
at Sharphound2.Utils.GetForestDomains() in C:\Users\rvazarkar\documents\visual studio 2017\Projects\Sharphound2\Sharphound2\Utils.cs:line 804
at Sharphound2.Utils.CreateDomainList() in C:\Users\rvazarkar\documents\visual studio 2017\Projects\Sharphound2\Sharphound2\Utils.cs:line 788
at Sharphound2.Utils..ctor(Options cli) in C:\Users\rvazarkar\documents\visual studio 2017\Projects\Sharphound2\Sharphound2\Utils.cs:line 70
at Sharphound2.Utils.CreateInstance(Options cli) in C:\Users\rvazarkar\documents\visual studio 2017\Projects\Sharphound2\Sharphound2\Utils.cs:line 44
at Sharphound2.Sharphound.Main(String[] args) in C:\Users\rvazarkar\documents\visual studio 2017\Projects\Sharphound2\Sharphound2\Sharphound.cs:line 494
Forest lookup in SharpHound v2.1.0 fails when querying from a non-domain workstation. The native powershell module Get-ADForest works fine and finds all four domains from the forest, when pointed to the same server, so the problem should not be in credentials allthough the error message claims so.
cmd> runas /netonly /user:domain\user "powershell -executionpolicy bypass"
PS ...\BloodHound-master\Ingestors\DebugBuilds> .\SharpHound.exe --Domain "my.domain" --CollectionMethod "DCOnly" --SearchForest
Unhandled Exception: System.DirectoryServices.ActiveDirectory.ActiveDirectoryOperationException: Current security context is not associated with an Active Directory domain or forest. at System.DirectoryServices.ActiveDirectory.DirectoryContext.GetLoggedOnDomain() at System.DirectoryServices.ActiveDirectory.DirectoryContext.IsContextValid(DirectoryContext context, DirectoryContextType contextType) at System.DirectoryServices.ActiveDirectory.DirectoryContext.isRootDomain() at System.DirectoryServices.ActiveDirectory.Forest.GetForest(DirectoryContext context) at Sharphound2.Utils.GetForestDomains() in C:\Users\rvazarkar\documents\visual studio 2017\Projects\Sharphound2\Sharphound2\Utils.cs:line 804 at Sharphound2.Utils.CreateDomainList() in C:\Users\rvazarkar\documents\visual studio 2017\Projects\Sharphound2\Sharphound2\Utils.cs:line 788 at Sharphound2.Utils..ctor(Options cli) in C:\Users\rvazarkar\documents\visual studio 2017\Projects\Sharphound2\Sharphound2\Utils.cs:line 70 at Sharphound2.Utils.CreateInstance(Options cli) in C:\Users\rvazarkar\documents\visual studio 2017\Projects\Sharphound2\Sharphound2\Utils.cs:line 44 at Sharphound2.Sharphound.Main(String[] args) in C:\Users\rvazarkar\documents\visual studio 2017\Projects\Sharphound2\Sharphound2\Sharphound.cs:line 494
PS> get-adforest -Server my.domain
.. DomainNamingMaster : dc.my.domain Domains : {my.domain, other.my.domain, other.foo, other.bar} ForestMode : Windows2008R2Forest GlobalCatalogs : {dc.my.domain, ...} Name : my.domain ..
Running powershell 5.1 in windows 10.