The GPOLocalGroup processor crashes when ResolveAccountName fails to resolve the member name and this stops processing for the GPO entirely.
One such case I've seen is when the group name has a format like PT0-%ComputerName%-LocalAdmin.
Ideally it would be great if some process variables such as %ComputerName% and %DomainName% could be resolved by sharphound, but I don't see a clean way to implement this.
But at least we can prevent a crash and print a warning.
The GPOLocalGroup processor crashes when ResolveAccountName fails to resolve the member name and this stops processing for the GPO entirely. One such case I've seen is when the group name has a format like PT0-%ComputerName%-LocalAdmin.
Ideally it would be great if some process variables such as %ComputerName% and %DomainName% could be resolved by sharphound, but I don't see a clean way to implement this. But at least we can prevent a crash and print a warning.