search

c-bless / reveal

This project contains some PowerShell scripts used to collect system configurations or domain information. Furthermore it has a Flask based web application and API to import and analyze the results of collector scripts. It can export collected data to Excel via the Web-Interface or to JSON via API.
1 stars 1 forks source link

limit properties collected via AD-User and use dedicated requests #91

Closed c-bless closed 1 month ago

c-bless commented 1 month ago

Description: Limit properties collected via AD-User and use dedicated requests to collect the attributes only for affected user account.

Currently the following properties are collected at once.

      $basic_properties = @(
                        'DistinguishedName', 'SID', 'SamAccountName', 'displayName', 'Description', 'GivenName',
                        'Surname', 'Name', 'SIDHistory', 'Enabled', 'BadLogonCount', 'BadPwdCount' , 'Created',
                        'LastBadPasswordAttempt', 'lastLogon', 'LastLogonDate', 'TrustedForDelegation',
                        'TrustedToAuthForDelegation', 'logonCount', 'LockedOut', 'PasswordExpired', 'PasswordLastSet',
                        'PasswordNeverExpires','PasswordNotRequired', 'pwdLastSet','Modified'
      )
      # MemberOf will contain subelements. Thus, it will not be iterated to create new XML elements. 
      $properties = $basic_properties + "MemberOf"
      $properties = $properties + 'msDS-AllowedToDelegateTo'

Requested solution: Remove 'TrustedForDelegation', 'TrustedToAuthForDelegation', 'PasswordNeverExpires','PasswordNotRequired', 'msDS-AllowedToDelegateTo' from the list of properties collected at once.

Create dedicated search requests to collect missing attributes. Therefore a new Tag needs to be added to XML output (<ADUserAddon>).

c-bless commented 1 month ago

Attributes have been removed. They need to be collected in additional requests. 

$basic_properties` = @(
      'DistinguishedName', 'SID', 'SamAccountName', 'displayName', 'Description', 'GivenName',
      'Surname', 'Name', 'Enabled', 'BadLogonCount', 'BadPwdCount' , 'Created', 'LastBadPasswordAttempt',
      'lastLogon', 'LastLogonDate', 'logonCount', 'LockedOut', 'PasswordExpired', 'PasswordLastSet',
      'pwdLastSet','Modified'
  )
  # MemberOf will contain sub-elements. Thus, it will not be iterated to create new XML elements.
  $properties = $basic_properties + "MemberOf"