Open ddonders opened 6 years ago
That is strange, nothing is under the "Configured" list either? Does the DC respond to a ping request? If not, that might be the issue. I believe I have a check under the Password Filtering option that it attempts to ping the DCs before listing them in either column. I should probably just take that check out.
Let me know please. Thanks!
On Wed, Oct 4, 2017 at 3:54 AM, ddonders notifications@github.com wrote:
When running the CredDefense.exe and selecting the Password Filtering > Install/ Uninstall no Unconfigured DC's are listed.
The *.dll hasn't been previously deployed.
OS is Windows Server 2016.
Any idea what would cause this? Selecting the Password Auditing option it does enumerate the domain and DC.
Thanks for your feedback.
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/CredDefense/CredDefense/issues/5, or mute the thread https://github.com/notifications/unsubscribe-auth/ALb0HCHPmA3qfTxX9-DjlHf4CISzEN3pks5so1XGgaJpZM4PtXEs .
Correct, nothing under configured either.
Doing this on a DEV DC, so running the tool locally.
Today tried on a 2008R2 DC, same result DC not listed when trying to install.
Followed the manual steps from the blog post
That appears to work.
Hey @ddonders I've got the same issue. Brand new 2012 DC in a test/dev lab, and the DC list is empty when I install CredDefense. When you say you followed manual steps from the blog post, were you referring to:
--
Deploy the EasyPasswordFilter DLL to the %SystemRoot%\Windows\System32 directory on the target DC
Deploy the password list to %SystemRoot%\epf folder on the target DC
I'm thinking I've done all these right but still have an empty DC list for CredDefense, so wondering if maybe I'm missing a step.
Thanks, Brian
Hello Brian With manual deployment I mean implementing the Password Filter. It doesn't change the usage of the tool.
I've exchanged some messages using Twitter with one of the creators, @fullmetalcache, and they were going to remove a system live check in the tool. So far they haven't published that update yet.
@ddonders thank you!
If you get a minute would you mind detailing out your manual steps a little bit? As I mentioned, I'm running a standalone DC and attempting to install the tool but cannot for the life of me get the DC list to populate. Maybe I need to drop down and try a 2008R2 DC.
Sure no problem. I tested on a Windows 2016 Server.
What I did is exactly the steps the program would do automatically. On a DC:
Good luck.
Thanks much. I did all the steps and am still seeing an empty DC list. Argh. Only thing I anticipate I could goof up is step 3, but that looks like this, right?
This doesn't fix the CredDefense tool, the manual procedure should enable the password dictionary.
Hey sorry, I think my nose was so buried in this that I needed to take a step back. The manual steps we take install the filter and BYPASS the CredDefense GUI, yes? Sorry...in my head I was thinking that your manual install would make the GUI pick up on the missing DC and...yeah, I need sleep.
Hey Guys,
Sorry that it's been awhile with radio silence. We are hoping to be more active on this going forward.
I removed the code that checks if a system is reachable before adding it to the DCs list. This feature isn't in the Password Audit module and I am pretty sure it's what is causing the issue you are seeing. Here's a link to the commit:
https://github.com/CredDefense/CredDefense/commit/caf676ff17177be9ec868d118116da707c1ce580
Please let me know if that helps.
Thank you guys for your feedback!
Hey @fullmetalcache thanks for that change. I spun up a brand new 2012 server, made it into a DC, installed .Net and ran the installer but unfortunately I'm still seeing a blank "Unconfigured DC" list. Any other things I can test, logs I can post, etc. to help figure out what's up?
Thanks, Brian
For grins, I tried a fresh 2008R2 DC since I was working on another lab project this evening. Same exact issue.
Also, if it makes a difference, I tried out the password audit feature, and after selecting a password list and and output file, I get this upon continuing:
This wouldn't be related to the original issue would it?
For what it's worth I'm seeing the same problem in a fresh install of server 2012 R2 in a lab environment. I installed Windows, set static IP, ran dc promo, rebooted, and tried installing password filtering. Nothing listed in the Unconfigured DCs column.
Thanks for verifying, @hackern0v1c3. Nice to know I'm not crazy (at least not totally).
Just thought I'd give this a bump.
BUMP
;-)
Trying to get this post active again.
For those interested and having an Azure AD subscription, MS released in preview a feature that should achieve the same.
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-password-ban-bad
Hey just ran into similar issues on a clean fresh install 2016 DC in my lab, but was an easy fix so maybe not the same problem.
Two points to keep in mind,
So if you still having trouble try this:
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned
Couple things I wanted to note for new users:
this is an awesome project! thanks to all that have contributed
I could not list DC's as well, I had a 2012 R2 server, but realized I was running the installer (CredDefense.exe) off the DC, I ran off a win10 workstation that I had joined to that domain and it worked perfect.
the installer installed the \epf folder off the root of the c:\ drive not in the c:\windows directory as noted in the manual install instructions.
I am not sure the the "excludeupdated.txt" and the "updated.txt" is for that is included in the install .zip.
thanks again for making this such a great project!
@JacobPete I did not do any work on building this so could be wrong, to your point
all else, good points
When running the CredDefense.exe and selecting the Password Filtering > Install/ Uninstall no Unconfigured DC's are listed.
The *.dll hasn't been previously deployed.
OS is Windows Server 2016.
Any idea what would cause this? Selecting the Password Auditing option it does enumerate the domain and DC.
Thanks for your feedback.