Extraction of password policies and some registry values from the GptTmpl file

[0cmenog]

With this PR, the GptTmpl.inf file is parsed more in depth, to extract:

• MinimumPasswordAge
• MaximumPasswordAge
• MinimumPasswordLength
• PasswordComplexity
• PasswordHistorySize
• ClearTextPassword
• RequiresServerSMBSigning
• EnablesServerSMBSigning
• RequiresClientSMBSigning
• EnablesClientSMBSigning
• RequiresLDAPClientSigning
• LmCompatibilityLevel If a key is not found, the field is left empty. This extension is triggered with the collection method GPOLocalGroup and the changes are visible in the domains.json and the ous.json files.

[github-actions[bot]]

CLA Assistant Lite bot All contributors have signed the CLA ✍️ ✅

[0cmenog]

I have read the CLA Document and I hereby sign the CLA

[rvazarkar]

This is pretty cool, we've been talking about pulling more info out of GPOs for a while. Will take a look and discuss internally

[0cmenog]

The extraction of the following lockout policies has been added:

• LockoutDuration
• LockoutBadCount
• ResetLockoutCount
• ForceLogoffWhenHourExpire

Also, some GPO precedences have been added to visualize the really applied GPO rules:

• link order (already existing)
• domain rules applied before the OU ones (already existing)
• blockInheritance
• enforced
• nested OU

Indeed, this PR is related to the BloodHoundAD/BloodHound#672 one, where the main part of the precedences are managed.

[0cmenog]

The PR has been updated once more to add the extraction of:

• CachedLogonsCount
• LDAPEnforceChannelBinding

Moreover, the ingestion and the visualization have been implemented in a new PR for the new BloodHound version.

[StephenHinck]

Hello, please see my comment here: https://github.com/SpecterOps/BloodHound/pull/178#issuecomment-1969184434