TrimarcJake / BlueTuxedo

A tiny tool to find and fix common misconfigurations in Active Directory-integrated DNS
Other
99 stars 7 forks source link

Problem with 'DhcpServer' module #7

Closed nitsewg closed 1 year ago

nitsewg commented 1 year ago

This could very well be something I am doing wrong, but when I try to import the module, I get this error:

PS C:\powershell\bluetux\BlueTuxedo-main> import-module .\BlueTuxedo.psd1
import-module : The required module 'DhcpServer' is not loaded. Load the module or remove the module from
'RequiredModules' in the file 'C:\powershell\bluetux\BlueTuxedo-main\BlueTuxedo.psd1'.
At line:1 char:1
+ import-module .\BlueTuxedo.psd1
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ResourceUnavailable: (C:\powershell\b...BlueTuxedo.psd1:String) [Import-Module], Missing
   MemberException
    + FullyQualifiedErrorId : Modules_InvalidManifest,Microsoft.PowerShell.Commands.ImportModuleCommand

Let me know if there is something I can try to resolve this, or if you have questions. Thanks! Great talk at WWHF by the way.

TrimarcJake commented 1 year ago

Hi @nitsewg! Make sure you have the DHCP Remote Administration Tools from RSAT installed; the DhcpServer PoSh module is part of that package and is required for proper operation of the module.

Let me know if that helps, and thank you for trying out BT!

nitsewg commented 1 year ago

That was easy enough. It started to import, and then threw a bunch of errors saying that the content could not be read. I looked in the 'private' subdirectory, and all of the ps1 files are 0 bytes. I pulled the repo again on a different machine, and had the same result. If I browse the folders on github, it also looks like the files are empty. I'm not the best with git, so I may still be doing something stupid. hah -- This was on my linux system just to see if the files had any content:

➜  ~ git clone https://github.com/TrimarcJake/BlueTuxedo.git                                              
Cloning into 'BlueTuxedo'...
remote: Enumerating objects: 870, done.
remote: Counting objects: 100% (51/51), done.
remote: Compressing objects: 100% (39/39), done.
remote: Total 870 (delta 24), reused 23 (delta 11), pack-reused 819
Receiving objects: 100% (870/870), 17.57 MiB | 2.03 MiB/s, done.
Resolving deltas: 100% (525/525), done.
➜  ~ cd BlueTuxedo  
➜  BlueTuxedo git:(main) ls    
'ADI DNS - No demo.pptx'   BlueTuxedo.psm1   LICENSE    Private   README.md
 BlueTuxedo.psd1           Build             NOTES.md   Public    Tests
➜  BlueTuxedo git:(main) cd Private                                                            
➜  Private git:(main) ls -la
total 28
drwxrwxr-x 7 weston weston 4096 Oct 23 08:59 .
drwxrwxr-x 7 weston weston 4096 Oct 23 08:59 ..
drwxrwxr-x 2 weston weston 4096 Oct 23 08:59 Get
-rw-rw-r-- 1 weston weston    0 Oct 23 08:59 Get-ConditionalForwarderAuditing.ps1
-rw-rw-r-- 1 weston weston    0 Oct 23 08:59 Get-DanglingSPNs.ps1
-rw-rw-r-- 1 weston weston    0 Oct 23 08:59 Get-DnsAdminsMembership.ps1
-rw-rw-r-- 1 weston weston    0 Oct 23 08:59 Get-DynamicUpdateserviceAccount.ps1
-rw-rw-r-- 1 weston weston    0 Oct 23 08:59 Get-ForwarderConfiguration.ps1
-rw-rw-r-- 1 weston weston    0 Oct 23 08:59 Get-GlobalQueryBlockList.ps1
-rw-rw-r-- 1 weston weston    0 Oct 23 08:59 Get-SocketPoolConfiguration.ps1
-rw-rw-r-- 1 weston weston    0 Oct 23 08:59 Get-TombstonedDNSRecords.ps1
-rw-rw-r-- 1 weston weston    0 Oct 23 08:59 Get-WeirdDACLs.ps1
-rw-rw-r-- 1 weston weston    0 Oct 23 08:59 Get-WildcardRecord.ps1
-rw-rw-r-- 1 weston weston    0 Oct 23 08:59 Get-WPADRecord.ps1
-rw-rw-r-- 1 weston weston    0 Oct 23 08:59 Get-ZoneScope.ps1
drwxrwxr-x 2 weston weston 4096 Oct 23 08:59 Repair
drwxrwxr-x 2 weston weston 4096 Oct 23 08:59 Show
drwxrwxr-x 2 weston weston 4096 Oct 23 08:59 Test
drwxrwxr-x 2 weston weston 4096 Oct 23 08:59 Utility
➜  Private git:(main) 
nitsewg commented 1 year ago

Here is the full error log, if that is helpful. It's possible it could be my software restriction policies as well. I am running powershell as an administrator, and set the execution policy to unrestricted for the moment. I may move the system and user into an OU that doesn't inherit policies temporarily, and see if that helps:

C:\powershell\bluetux\BlueTuxedo-main\BlueTuxedo.psm1 : Failed to import functions from
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-ConditionalForwarderAuditing.ps1: File
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-ConditionalForwarderAuditing.ps1 cannot be loaded because its
content could not be read.
At line:1 char:1
+ import-module .\BlueTuxedo.psd1
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,BlueTuxedo.psm1

C:\powershell\bluetux\BlueTuxedo-main\BlueTuxedo.psm1 : Failed to import functions from
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-DanglingSPNs.ps1: File
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-DanglingSPNs.ps1 cannot be loaded because its content could not be
read.
At line:1 char:1
+ import-module .\BlueTuxedo.psd1
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,BlueTuxedo.psm1

C:\powershell\bluetux\BlueTuxedo-main\BlueTuxedo.psm1 : Failed to import functions from
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-DnsAdminsMembership.ps1: File
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-DnsAdminsMembership.ps1 cannot be loaded because its content could
not be read.
At line:1 char:1
+ import-module .\BlueTuxedo.psd1
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,BlueTuxedo.psm1

C:\powershell\bluetux\BlueTuxedo-main\BlueTuxedo.psm1 : Failed to import functions from
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-DynamicUpdateserviceAccount.ps1: File
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-DynamicUpdateserviceAccount.ps1 cannot be loaded because its content
could not be read.
At line:1 char:1
+ import-module .\BlueTuxedo.psd1
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,BlueTuxedo.psm1

C:\powershell\bluetux\BlueTuxedo-main\BlueTuxedo.psm1 : Failed to import functions from
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-ForwarderConfiguration.ps1: File
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-ForwarderConfiguration.ps1 cannot be loaded because its content
could not be read.
At line:1 char:1
+ import-module .\BlueTuxedo.psd1
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,BlueTuxedo.psm1

C:\powershell\bluetux\BlueTuxedo-main\BlueTuxedo.psm1 : Failed to import functions from
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-GlobalQueryBlockList.ps1: File
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-GlobalQueryBlockList.ps1 cannot be loaded because its content could
not be read.
At line:1 char:1
+ import-module .\BlueTuxedo.psd1
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,BlueTuxedo.psm1

C:\powershell\bluetux\BlueTuxedo-main\BlueTuxedo.psm1 : Failed to import functions from
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-SocketPoolConfiguration.ps1: File
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-SocketPoolConfiguration.ps1 cannot be loaded because its content
could not be read.
At line:1 char:1
+ import-module .\BlueTuxedo.psd1
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,BlueTuxedo.psm1

C:\powershell\bluetux\BlueTuxedo-main\BlueTuxedo.psm1 : Failed to import functions from
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-TombstonedDNSRecords.ps1: File
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-TombstonedDNSRecords.ps1 cannot be loaded because its content could
not be read.
At line:1 char:1
+ import-module .\BlueTuxedo.psd1
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,BlueTuxedo.psm1

C:\powershell\bluetux\BlueTuxedo-main\BlueTuxedo.psm1 : Failed to import functions from
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-WeirdDACLs.ps1: File
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-WeirdDACLs.ps1 cannot be loaded because its content could not be
read.
At line:1 char:1
+ import-module .\BlueTuxedo.psd1
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,BlueTuxedo.psm1

C:\powershell\bluetux\BlueTuxedo-main\BlueTuxedo.psm1 : Failed to import functions from
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-WildcardRecord.ps1: File
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-WildcardRecord.ps1 cannot be loaded because its content could not be
read.
At line:1 char:1
+ import-module .\BlueTuxedo.psd1
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,BlueTuxedo.psm1

C:\powershell\bluetux\BlueTuxedo-main\BlueTuxedo.psm1 : Failed to import functions from
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-WPADRecord.ps1: File
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-WPADRecord.ps1 cannot be loaded because its content could not be
read.
At line:1 char:1
+ import-module .\BlueTuxedo.psd1
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,BlueTuxedo.psm1

C:\powershell\bluetux\BlueTuxedo-main\BlueTuxedo.psm1 : Failed to import functions from
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-ZoneScope.ps1: File
C:\powershell\bluetux\BlueTuxedo-main\Private\Get-ZoneScope.ps1 cannot be loaded because its content could not be read.
At line:1 char:1
+ import-module .\BlueTuxedo.psd1
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,BlueTuxedo.psm1
TrimarcJake commented 1 year ago

Ope! I moved a bunch of Private functions into subfolders and never deleted the original versions of the functions. That should be cleared up now. Please let me know!

nitsewg commented 1 year ago

Progress! It started the audit, but then gave me a bunch of errors like this:


You cannot call a method on a null-valued expression.
At C:\powershell\bluetux\BlueTuxedo-main\Private\Test\Test-BTSecurityDescriptorACE.ps1:73 char:17
+             if ($aceName.EndsWith('$')) {
+                 ~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : InvokeMethodOnNull

You cannot call a method on a null-valued expression.
At C:\powershell\bluetux\BlueTuxedo-main\Private\Test\Test-BTSecurityDescriptorOwner.ps1:48 char:13
+         if ($ownerName.EndsWith('$')) {
+             ~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : InvokeMethodOnNull

In spite of the errors, it looks like it ran. I have a lot of stuff to look through now. haha

nitsewg commented 1 year ago

Update: It doesn't look like it gave me the commands to run to delete dangling SPNs or convert legacy zones... not sure if that is usual behavior though.

TrimarcJake commented 1 year ago

That is usual behavior for now because I haven't written those modules yet! :D

I will make the Repair- functions for Dangling SPNs and Legacy zones a priority. Are there any other findings you need immediate help with?

TrimarcJake commented 1 year ago

Issues #9 and #10 have been created! Do you consider your original DhcpServer issue resolved?

nitsewg commented 1 year ago

Yep, definitely resolved! Sorry, I should have opened other issues instead of piggy-backing on this one. hah. Thanks a bunch for the help, and for being so responsive! I have shared this tool with a few others as well. This is an area that we hadn't given much consideration to, so this is incredibly helpful, and arguably one of the best things I came away with from WWHF. Thanks for your work on it! -- To answer your earlier question, the SPNs are the main thing I don't have resolved. I was able to convert my legacy zones manually without too much trouble.

TrimarcJake commented 1 year ago

Yo! I love to hear what you just said <3 <3 <3

If you move over to issue #9, I can give you manual remediation steps for now so you get those danglers tightened up. :D