ADExplorerSnapshot.py icon indicating copy to clipboard operation
ADExplorerSnapshot.py copied to clipboard
verified publisher icon c3c

Foreign Computer/User membership not added

Open api0cradle opened this issue 2 years ago • 4 comments

Great work on ADExplorerSnapshot.py! Love the tool and keep up the great work!

I do have one issue, and of course it might be my lab and not an issue. But it seems that if you have multiple domains and computer (or user) accounts are members of foreign groups, these are not added to the graph.

Tested with groups that are member of foreign groups and those works, however not computer or user accounts.

Is this a known issue?

Thanks

api0cradle avatar Oct 04 '23 09:10 api0cradle

Looked at the outputted json files and I could not see any traces of a known foreign group on computer/user objects

api0cradle avatar Oct 04 '23 09:10 api0cradle

Hi and thanks for the kind words!

I had to read over the code first to see what exactly is going on: indeed, only the 'member' attribute is parsed for groups, to see which objects belong to that group. At this moment it's not being done from the other angle (reading the 'memberOf' attribute for users/computers to see what groups they are part of). This would explain what you're seeing.

I think it's possible to add - it just would require adding an extra processing step to also add 'foreign groups' to the output. I can't fix it on the spot, but let's track it for now. Thanks for reporting!

c3c avatar Oct 04 '23 11:10 c3c

Awesome! Thanks for taking a look!

api0cradle avatar Oct 05 '23 09:10 api0cradle