From 10cbf0285d444978e32c3b9d17e19e446a787f7f Mon Sep 17 00:00:00 2001 From: Tomas Kracmar Date: Tue, 9 Jun 2026 13:42:34 +0200 Subject: [PATCH] Release v2.4.1: URI-escape DNs in DirectoryEntry LDAP URLs Test-ReplicationPermissions and Test-DCClockSkew now escape Distinguished Names via [System.Uri]::EscapeDataString before constructing DirectoryEntry LDAP URLs. This prevents URL mis-parsing when DNs contain /, #, or other reserved characters. All versions bumped to unified v2.4.1. --- Bump-Version.ps1 | 2 +- CHANGELOG.md | 7 +++++++ Elysium.Common.ps1 | 6 +++--- Elysium.ps1 | 2 +- ElysiumSettings.txt.sample | 2 +- Extract-NTHashes.ps1 | 2 +- Prepare-KHDBStorage.ps1 | 2 +- Test-WeakADPasswords.ps1 | 2 +- Uninstall.ps1 | 2 +- Update-KHDB.ps1 | 2 +- Update-LithnetStore.ps1 | 2 +- 11 files changed, 19 insertions(+), 12 deletions(-) diff --git a/Bump-Version.ps1 b/Bump-Version.ps1 index fe6827a..385ae83 100644 --- a/Bump-Version.ps1 +++ b/Bump-Version.ps1 @@ -8,7 +8,7 @@ ################################################## ## Project: Elysium ## ## File: Bump-Version.ps1 ## -## Version: 2.4.0 ## +## Version: 2.4.1 ## ## Support: support@cqre.net ## ################################################## diff --git a/CHANGELOG.md b/CHANGELOG.md index 136f1aa..5a7c19e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,13 @@ Starting with **v2.2.0**, Elysium uses a **unified project version**. All script --- +## [2.4.1] — 2026-06-09 + +### Fixed +- `Test-ReplicationPermissions` and `Test-DCClockSkew` now URI-escape Distinguished Names via `[System.Uri]::EscapeDataString` before embedding them in `DirectoryEntry` LDAP URLs. DNs containing `/`, `#`, or other reserved characters previously caused URL mis-parsing and constructor failures. + +--- + ## [2.4.0] — 2026-06-09 ### Added diff --git a/Elysium.Common.ps1 b/Elysium.Common.ps1 index 60a3843..255bdc2 100644 --- a/Elysium.Common.ps1 +++ b/Elysium.Common.ps1 @@ -1,4 +1,4 @@ -$script:ElysiumVersion = '2.4.0' +$script:ElysiumVersion = '2.4.1' function Invoke-RestartWithExecutable { param( @@ -344,7 +344,7 @@ function Test-ReplicationPermissions { # tokenGroups is a constructed attribute containing all SIDs in the user's token, # including nested group memberships — more reliable than walking MemberOf recursively $userDe = New-Object System.DirectoryServices.DirectoryEntry( - "LDAP://$Server/$($adUser.DistinguishedName)", + "LDAP://$Server/$([System.Uri]::EscapeDataString($adUser.DistinguishedName))", $Credential.UserName, $Credential.GetNetworkCredential().Password ) @@ -374,7 +374,7 @@ function Test-ReplicationPermissions { $acl = $null try { $de = New-Object System.DirectoryServices.DirectoryEntry( - "LDAP://$Server/$DomainDN", + "LDAP://$Server/$([System.Uri]::EscapeDataString($DomainDN))", $Credential.UserName, $Credential.GetNetworkCredential().Password ) diff --git a/Elysium.ps1 b/Elysium.ps1 index 8b0a9d4..c396b0b 100644 --- a/Elysium.ps1 +++ b/Elysium.ps1 @@ -7,7 +7,7 @@ ################################################## ## Project: Elysium ## ## File: Elysium.ps1 ## -## Version: 2.4.0 ## +## Version: 2.4.1 ## ## Support: support@cqre.net ## ################################################## diff --git a/ElysiumSettings.txt.sample b/ElysiumSettings.txt.sample index 5767bfd..38613ff 100644 --- a/ElysiumSettings.txt.sample +++ b/ElysiumSettings.txt.sample @@ -8,7 +8,7 @@ ################################################## ## Project: Elysium ## ## File: ElysiumSettings.txt ## -## Version: 2.4.0 ## +## Version: 2.4.1 ## ## Support: support@cqre.net ## ################################################## diff --git a/Extract-NTHashes.ps1 b/Extract-NTHashes.ps1 index 978cf7c..19a4530 100644 --- a/Extract-NTHashes.ps1 +++ b/Extract-NTHashes.ps1 @@ -7,7 +7,7 @@ ################################################## ## Project: Elysium ## ## File: Extract-NTHashes.ps1 ## -## Version: 2.4.0 ## +## Version: 2.4.1 ## ## Support: support@cqre.net ## ################################################## diff --git a/Prepare-KHDBStorage.ps1 b/Prepare-KHDBStorage.ps1 index cb3adcf..752ebc5 100644 --- a/Prepare-KHDBStorage.ps1 +++ b/Prepare-KHDBStorage.ps1 @@ -7,7 +7,7 @@ ################################################## ## Project: Elysium ## ## File: Prepare-KHDBStorage.ps1 ## -## Version: 2.4.0 ## +## Version: 2.4.1 ## ## Support: support@cqre.net ## ################################################## diff --git a/Test-WeakADPasswords.ps1 b/Test-WeakADPasswords.ps1 index 965d64d..0b82eb4 100644 --- a/Test-WeakADPasswords.ps1 +++ b/Test-WeakADPasswords.ps1 @@ -8,7 +8,7 @@ ################################################## ## Project: Elysium ## ## File: Test-WeakADPasswords.ps1 ## -## Version: 2.4.0 ## +## Version: 2.4.1 ## ## Support: support@cqre.net ## ################################################## diff --git a/Uninstall.ps1 b/Uninstall.ps1 index 636676f..3b030e6 100644 --- a/Uninstall.ps1 +++ b/Uninstall.ps1 @@ -7,7 +7,7 @@ ################################################## ## Project: Elysium ## ## File: Uninstall.ps1 ## -## Version: 2.4.0 ## +## Version: 2.4.1 ## ## Support: support@cqre.net ## ################################################## diff --git a/Update-KHDB.ps1 b/Update-KHDB.ps1 index c617e4a..5e04882 100644 --- a/Update-KHDB.ps1 +++ b/Update-KHDB.ps1 @@ -7,7 +7,7 @@ ################################################## ## Project: Elysium ## ## File: Update-KHDB.ps1 ## -## Version: 2.4.0 ## +## Version: 2.4.1 ## ## Support: support@cqre.net ## ################################################## diff --git a/Update-LithnetStore.ps1 b/Update-LithnetStore.ps1 index 134b66a..1a2ea32 100644 --- a/Update-LithnetStore.ps1 +++ b/Update-LithnetStore.ps1 @@ -7,7 +7,7 @@ ################################################## ## Project: Elysium ## ## File: Update-LithnetStore.ps1 ## -## Version: 2.4.0 ## +## Version: 2.4.1 ## ## Support: support@cqre.net ## ##################################################