LoicVeirman / HardenAD

Hardening Active Directory version 2

HAD-DC-Allow-Computer-Account-ReUse sid accounts #101

Closed livarkhal closed 1 month ago

livarkhal commented 3 months ago

Hello,

I don't encounter any problems with this for the moment, but for me it doesn't seem normal to have SID accounts like this in a GPO. Which accounts have to be set here?


Thanks :D

LoicVeirman commented 3 months ago

Hi livarkhal,

You're right, I have somehow missed rewriting the SDDL before the GPO is built within the target AD (we use a migration.table, but it sounds like it won't match here). I'll get to the point asap.

LoicVeirman commented 1 month ago

Issue identified: the migTable is not working on the GptTmpl.inf file. I don't really know if it is related to the translation the script does or a real limit (I don't think so, however).

I finally found it easier to dynamically update the file according to our needs and thus have written a new function, Set-GptTmplSID. This bug will hence be definitively fixed in release 2.9.9; I will however provide a new quickfix edition in August, as the modification is pretty easy to add to the existing version.

LoicVeirman commented 1 month ago

The bug is also fixed in the QuickFix Edition of August 2024. Enjoy :)
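
A check for the condition discussed in this thread, as an added example that is not HardenAD's `Set-GptTmplSID` or any other code from the project: it lists domain-relative SIDs in GptTmpl.inf text that do not belong to the target domain and rewrites them from an explicit source-to-target map, refusing to proceed if any SID is unmapped. The function names `Get-ForeignSid` and `Convert-GptTmplSid`, the sample line and all SID values are constructed for illustration.

```powershell
# Added example, not HardenAD code. Function names, SIDs and the sample line are constructed.
$SidPattern = 'S-1-5-21-\d+-\d+-\d+-\d+'   # domain-relative SID: domain part plus RID

function Get-ForeignSid {
    # Returns every SID in the text whose domain part differs from the target domain SID.
    param([string[]]$Line, [string]$TargetDomainSid)
    foreach ($l in $Line) {
        foreach ($m in [regex]::Matches($l, $SidPattern)) {
            $domainPart = $m.Value.Substring(0, $m.Value.LastIndexOf('-'))
            if ($domainPart -ne $TargetDomainSid) { $m.Value }
        }
    }
}

function Convert-GptTmplSid {
    # Rewrites foreign SIDs using $SidMap (source SID -> target SID).
    # Throws instead of returning a template that still contains an unmapped SID.
    param([string[]]$Line, [string]$TargetDomainSid, [hashtable]$SidMap)
    $missing = @(Get-ForeignSid -Line $Line -TargetDomainSid $TargetDomainSid |
        Sort-Object -Unique | Where-Object { -not $SidMap.ContainsKey($_) })
    if ($missing.Count -gt 0) { throw "Unmapped SID(s): $($missing -join ', ')" }
    foreach ($l in $Line) {
        foreach ($old in $SidMap.Keys) {
            # (?!\d) keeps a SID ending in -110 from matching inside one ending in -1105
            $l = [regex]::Replace($l, [regex]::Escape($old) + '(?!\d)', [string]$SidMap[$old])
        }
        $l
    }
}

# Constructed sample: one registry-value line carrying an SDDL string.
$sample = @('[Registry Values]',
            'MACHINE\Example\AllowList=1,"O:BAG:BAD:(A;;RC;;;S-1-5-21-111-222-333-1105)"')
$target = 'S-1-5-21-444-555-666'    # in a real domain: (Get-ADDomain).DomainSID.Value
$map    = @{ 'S-1-5-21-111-222-333-1105' = 'S-1-5-21-444-555-666-2210' }

Get-ForeignSid     -Line $sample -TargetDomainSid $target
Convert-GptTmplSid -Line $sample -TargetDomainSid $target -SidMap $map
```

GptTmpl.inf is stored as UTF-16 LE, so read and write a real file with `-Encoding Unicode`.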