0x6d69636b
commented
2 months ago It works for local and well-known groups on a Spanish system, doesn't it? So only local users like Invitado or Administrador are a problem?
Open CarlosM4 opened 2 months ago
0x6d69636b
commented
2 months ago It works for local and well-known groups on a Spanish system, doesn't it? So only local users like Invitado or Administrador are a problem?
CarlosM4
commented
2 months ago The script works on a Spanish system, only the check is the one that does not give the expected result, because it validates only user in English.
I understand that I could modify the .CSV and change the corresponding users according to the language, but I wanted to know if there is a way to make it work for both languages?
0x6d69636b
commented
2 months ago There is already a translation function in place for well-known groups, hence my question about groups already working. If only the local accounts (RID 500 and 501) are wrong, then I could extend the translation function. If everything is wrong then I need to debug it
CarlosM4
commented
2 months ago Below is an example of a control check, in this case the expected result should be “Severity: Low” since the “Administrador” account has not been renamed.
Result is Passed: [+] ID 2.3.1.4, Accounts: Rename administrator account, Result=Administrador, Recommended=Administrator, Severity=Passed
In the .CSV the condition is for any name other than “Administrator”, so it takes it as correct.
Template used: finding_list_cis_microsoft_windows_11_enterprise_22h2_machine
0x6d69636b
commented
2 months ago I have added the translation of local accounts in the dev version, this should fix all items of User Rights Assignment checks.
However, it will not fix your last point, the Accounts: Rename administrator account check. Here you need to change the RecommendedValue in the CSV file, as you have already done.
CarlosM4
commented
2 months ago Thank you very much for the support, I will try this version.
Hello Team,
The controls that check local accounts or groups, such as Guest, Administrators, do not give the expected result when the OS language is in Spanish.
Default account names in spanish: Invitado, Administrador
Example of failed controls:
221 User Rights Assignment: Access Credential Manager as a trusted caller 222 User Rights Assignment: Access this computer from the network 223 User Rights Assignment: Act as part of the operating system 224 User Rights Assignment: Adjust memory quotas for a process 225 User Rights Assignment: Allow log on locally 226 User Rights Assignment: Allow log on through Remote Desktop Services 227 User Rights Assignment: Back up files and directories 228 User Rights Assignment: Change the system time 229 User Rights Assignment: Change the time zone
Is it possible to perform the check for 2 types of languages (English and Spanish) at the same time just by modifying the .CSV?
Regards