Kevin-Robertson / Powermad

PowerShell MachineAccountQuota and DNS exploit tools
BSD 3-Clause "New" or "Revised" License

From non-domain joined machine perspective #11

Open 0xJs opened 1 year ago

0xJs commented 1 year ago

Not possible to request the records from a non-domain-joined machine even though the -Domain, -Credential and -DomainController parameters are supplied. Please close if this is expected behaviour.

Get-ADIDNSNodeAttribute -Node * -Attribute DNSRecord -DomainController $Server -Domain $Domain -Credential $Creds -Verbose
[-] Exception calling "GetCurrentDomain" with "0" argument(s): "Current security context is not associated with an Active Directory domain or forest."
Exception calling "GetCurrentDomain" with "0" argument(s): "Current security context is not associated with an Active Directory domain or forest."
At C:\Tools\AD\Powermad\Powermad.ps1:1755 char:13
+             $current_domain = [System.DirectoryServices.ActiveDirecto ...
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : ActiveDirectoryOperationException
0xe7 commented 1 year ago

This is a similar issue to the one fixed in PR #12. It does seem, however, that Get-ADIDNSNodeAttribute has a -Zone argument, but it seems to me unneeded to call GetCurrentDomain() if -Domain has been passed.

Kevin-Robertson commented 1 year ago

I think I just went with needing to set everything manually for non-domain systems. I likely put the zone parameter there to deal with additional zones stored in AD such as reverse lookup or custom zones.

0xe7 commented 1 year ago

Agreed, the -Zone parameter is required. What I'd probably do here is only check for $Domain; if it exists, essentially run GetDomain($Domain) instead, then check for the remaining parameters, i.e.:

if ($PSBoundParameters['Domain'])
{
    # -Domain supplied: bind by name so the host does not need to be domain joined
    $DomainContext = New-Object System.DirectoryServices.ActiveDirectory.DirectoryContext('Domain', $Domain)
    if ($PSBoundParameters['Credential'])
    {
        # -Credential supplied: pass explicit user name and password into the context
        $DomainContext = New-Object System.DirectoryServices.ActiveDirectory.DirectoryContext('Domain', $Domain, $Credential.UserName, $Credential.GetNetworkCredential().Password)
    }
    try
    {
        $current_domain = [System.DirectoryServices.ActiveDirectory.Domain]::GetDomain($DomainContext)
    }
    catch
    {
        Write-Output "[-] $($_.Exception.Message)"
        throw
    }
}
else
{
    # No -Domain: fall back to the calling host's own domain (this is the call that fails off-domain)
    try
    {
        $current_domain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
    }
    catch
    {
        Write-Output "[-] $($_.Exception.Message)"
        throw
    }
}

Then check $Zone and $DomainController afterwards.

I can do a PR if you want?
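The full parameter handling the thread describes (bind by -Domain/-Credential when supplied, otherwise GetCurrentDomain(), then derive -Zone and -DomainController from the resolved domain) as a stand-alone function. This is an added example, not Powermad's code or the PR; the function name Resolve-ADIDNSContext is hypothetical, and the DomainDnsZones distinguished name it builds is an assumption about the default zone location.

```powershell
function Resolve-ADIDNSContext
{
    [CmdletBinding()]
    param(
        [String]$Domain,
        [String]$DomainController,
        [String]$Zone,
        [System.Management.Automation.PSCredential]$Credential
    )

    if ($PSBoundParameters['Domain'])
    {
        # Explicit -Domain: bind by name, so no implicit domain membership is required
        if ($PSBoundParameters['Credential'])
        {
            $context = New-Object System.DirectoryServices.ActiveDirectory.DirectoryContext(
                'Domain', $Domain, $Credential.UserName, $Credential.GetNetworkCredential().Password)
        }
        else
        {
            $context = New-Object System.DirectoryServices.ActiveDirectory.DirectoryContext('Domain', $Domain)
        }
        $current_domain = [System.DirectoryServices.ActiveDirectory.Domain]::GetDomain($context)
    }
    else
    {
        # No -Domain: this is the call that throws "not associated with an Active Directory domain"
        # on a non-domain-joined host, so fail early with the same message the issue reports
        $current_domain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
    }

    # Only fill in what the caller left out; explicit values (reverse or custom zones) win
    if (-not $PSBoundParameters['Zone']) { $Zone = $current_domain.Name }
    if (-not $PSBoundParameters['DomainController']) { $DomainController = $current_domain.PdcRoleOwner.Name }

    # Assumed default location of an AD-integrated zone: DomainDnsZones partition (hypothetical layout)
    $domain_dn = ($current_domain.Name.Split('.') | ForEach-Object { "DC=$_" }) -join ','
    $zone_dn = "DC=$Zone,CN=MicrosoftDNS,DC=DomainDnsZones,$domain_dn"

    [PSCustomObject]@{
        Domain            = $current_domain.Name
        DomainController  = $DomainController
        Zone              = $Zone
        DistinguishedName = $zone_dn
    }
}

# Usage from a non-domain-joined host (constructed values):
# $creds = Get-Credential
# Resolve-ADIDNSContext -Domain 'corp.example' -DomainController 'dc01.corp.example' -Credential $creds
```

Binding by -Domain still needs the host to resolve that domain name; when it cannot, a DirectoryContext of type 'DirectoryServer' built from -DomainController is the alternative.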