Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 tomas.kracmar
|
af945f529e |
+1
-1
@@ -8,7 +8,7 @@
|
|||||||
##################################################
|
##################################################
|
||||||
## Project: Elysium ##
|
## Project: Elysium ##
|
||||||
## File: Bump-Version.ps1 ##
|
## File: Bump-Version.ps1 ##
|
||||||
## Version: 2.4.2 ##
|
## Version: 2.4.3 ##
|
||||||
## Support: support@cqre.net ##
|
## Support: support@cqre.net ##
|
||||||
##################################################
|
##################################################
|
||||||
|
|
||||||
|
|||||||
@@ -6,6 +6,14 @@ Starting with **v2.2.0**, Elysium uses a **unified project version**. All script
|
|||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
|
## [2.4.3] — 2026-06-09
|
||||||
|
|
||||||
|
### Fixed
|
||||||
|
- Replaced the `DirectoryEntry` + `RefreshCache` tokenGroups retrieval in `Test-ReplicationPermissions` with `Get-ADUser -Properties tokenGroups`. The previous `DirectoryEntry` approach was broken by the v2.4.1 URI-escaping "fix" (`EscapeDataString` produces percent-encoded paths that ADSI `DirectoryEntry` cannot parse, causing "invalid dn syntax" errors).
|
||||||
|
- Removed `EscapeDataString` from the ACL-reading `DirectoryEntry` path in `Test-ReplicationPermissions` as well, since `DirectoryEntry` expects raw LDAP path syntax, not URI encoding.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## [2.4.2] — 2026-06-09
|
## [2.4.2] — 2026-06-09
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|||||||
+6
-10
@@ -1,4 +1,4 @@
|
|||||||
$script:ElysiumVersion = '2.4.2'
|
$script:ElysiumVersion = '2.4.3'
|
||||||
|
|
||||||
function Invoke-RestartWithExecutable {
|
function Invoke-RestartWithExecutable {
|
||||||
param(
|
param(
|
||||||
@@ -343,14 +343,10 @@ function Test-ReplicationPermissions {
|
|||||||
|
|
||||||
# tokenGroups is a constructed attribute containing all SIDs in the user's token,
|
# tokenGroups is a constructed attribute containing all SIDs in the user's token,
|
||||||
# including nested group memberships - more reliable than walking MemberOf recursively
|
# including nested group memberships - more reliable than walking MemberOf recursively
|
||||||
$userDe = New-Object System.DirectoryServices.DirectoryEntry(
|
$adUserWithTokenGroups = Get-ADUser -Identity $samName -Server $Server -Credential $Credential `
|
||||||
"LDAP://$Server/$([System.Uri]::EscapeDataString($adUser.DistinguishedName))",
|
-Properties tokenGroups -ErrorAction Stop
|
||||||
$Credential.UserName,
|
foreach ($sidBytes in $adUserWithTokenGroups.tokenGroups) {
|
||||||
$Credential.GetNetworkCredential().Password
|
$sid = New-Object System.Security.Principal.SecurityIdentifier(@([byte[]]$sidBytes), 0)
|
||||||
)
|
|
||||||
$userDe.RefreshCache(@('tokenGroups'))
|
|
||||||
foreach ($sidBytes in $userDe.Properties['tokenGroups']) {
|
|
||||||
$sid = New-Object System.Security.Principal.SecurityIdentifier($sidBytes, 0)
|
|
||||||
[void]$callerSids.Add($sid.Value)
|
[void]$callerSids.Add($sid.Value)
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -374,7 +370,7 @@ function Test-ReplicationPermissions {
|
|||||||
$acl = $null
|
$acl = $null
|
||||||
try {
|
try {
|
||||||
$de = New-Object System.DirectoryServices.DirectoryEntry(
|
$de = New-Object System.DirectoryServices.DirectoryEntry(
|
||||||
"LDAP://$Server/$([System.Uri]::EscapeDataString($DomainDN))",
|
"LDAP://$Server/$DomainDN",
|
||||||
$Credential.UserName,
|
$Credential.UserName,
|
||||||
$Credential.GetNetworkCredential().Password
|
$Credential.GetNetworkCredential().Password
|
||||||
)
|
)
|
||||||
|
|||||||
+1
-1
@@ -7,7 +7,7 @@
|
|||||||
##################################################
|
##################################################
|
||||||
## Project: Elysium ##
|
## Project: Elysium ##
|
||||||
## File: Elysium.ps1 ##
|
## File: Elysium.ps1 ##
|
||||||
## Version: 2.4.2 ##
|
## Version: 2.4.3 ##
|
||||||
## Support: support@cqre.net ##
|
## Support: support@cqre.net ##
|
||||||
##################################################
|
##################################################
|
||||||
|
|
||||||
|
|||||||
@@ -8,7 +8,7 @@
|
|||||||
##################################################
|
##################################################
|
||||||
## Project: Elysium ##
|
## Project: Elysium ##
|
||||||
## File: ElysiumSettings.txt ##
|
## File: ElysiumSettings.txt ##
|
||||||
## Version: 2.4.2 ##
|
## Version: 2.4.3 ##
|
||||||
## Support: support@cqre.net ##
|
## Support: support@cqre.net ##
|
||||||
##################################################
|
##################################################
|
||||||
|
|
||||||
|
|||||||
@@ -7,7 +7,7 @@
|
|||||||
##################################################
|
##################################################
|
||||||
## Project: Elysium ##
|
## Project: Elysium ##
|
||||||
## File: Extract-NTHashes.ps1 ##
|
## File: Extract-NTHashes.ps1 ##
|
||||||
## Version: 2.4.2 ##
|
## Version: 2.4.3 ##
|
||||||
## Support: support@cqre.net ##
|
## Support: support@cqre.net ##
|
||||||
##################################################
|
##################################################
|
||||||
|
|
||||||
|
|||||||
@@ -7,7 +7,7 @@
|
|||||||
##################################################
|
##################################################
|
||||||
## Project: Elysium ##
|
## Project: Elysium ##
|
||||||
## File: Prepare-KHDBStorage.ps1 ##
|
## File: Prepare-KHDBStorage.ps1 ##
|
||||||
## Version: 2.4.2 ##
|
## Version: 2.4.3 ##
|
||||||
## Support: support@cqre.net ##
|
## Support: support@cqre.net ##
|
||||||
##################################################
|
##################################################
|
||||||
|
|
||||||
|
|||||||
@@ -8,7 +8,7 @@
|
|||||||
##################################################
|
##################################################
|
||||||
## Project: Elysium ##
|
## Project: Elysium ##
|
||||||
## File: Test-WeakADPasswords.ps1 ##
|
## File: Test-WeakADPasswords.ps1 ##
|
||||||
## Version: 2.4.2 ##
|
## Version: 2.4.3 ##
|
||||||
## Support: support@cqre.net ##
|
## Support: support@cqre.net ##
|
||||||
##################################################
|
##################################################
|
||||||
|
|
||||||
|
|||||||
+1
-1
@@ -7,7 +7,7 @@
|
|||||||
##################################################
|
##################################################
|
||||||
## Project: Elysium ##
|
## Project: Elysium ##
|
||||||
## File: Uninstall.ps1 ##
|
## File: Uninstall.ps1 ##
|
||||||
## Version: 2.4.2 ##
|
## Version: 2.4.3 ##
|
||||||
## Support: support@cqre.net ##
|
## Support: support@cqre.net ##
|
||||||
##################################################
|
##################################################
|
||||||
|
|
||||||
|
|||||||
+1
-1
@@ -7,7 +7,7 @@
|
|||||||
##################################################
|
##################################################
|
||||||
## Project: Elysium ##
|
## Project: Elysium ##
|
||||||
## File: Update-KHDB.ps1 ##
|
## File: Update-KHDB.ps1 ##
|
||||||
## Version: 2.4.2 ##
|
## Version: 2.4.3 ##
|
||||||
## Support: support@cqre.net ##
|
## Support: support@cqre.net ##
|
||||||
##################################################
|
##################################################
|
||||||
|
|
||||||
|
|||||||
@@ -7,7 +7,7 @@
|
|||||||
##################################################
|
##################################################
|
||||||
## Project: Elysium ##
|
## Project: Elysium ##
|
||||||
## File: Update-LithnetStore.ps1 ##
|
## File: Update-LithnetStore.ps1 ##
|
||||||
## Version: 2.4.2 ##
|
## Version: 2.4.3 ##
|
||||||
## Support: support@cqre.net ##
|
## Support: support@cqre.net ##
|
||||||
##################################################
|
##################################################
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user