PingCastle 3.1.0.1

Exports/ExportComputers.cs

@@ -100,7 +100,7 @@ public override void Export(string filename)
  data.Add(string.Empty);
  data.Add(string.Empty);
  }
- if (lapsAnalyzer.LegacyLAPSIntId > 0 && x.ReplPropertyMetaData != null && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.LegacyLAPSIntId))
+ if (lapsAnalyzer.LegacyLAPSIntId != 0 && x.ReplPropertyMetaData != null && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.LegacyLAPSIntId))
  {
  var dd = x.ReplPropertyMetaData[lapsAnalyzer.LegacyLAPSIntId];
  data.Add(dd.LastOriginatingChange.ToString("u"));
@@ -109,7 +109,7 @@ public override void Export(string filename)
  {
  data.Add(string.Empty);
  }
- if (lapsAnalyzer.MsLAPSIntId > 0 && x.ReplPropertyMetaData != null && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.MsLAPSIntId))
+ if (lapsAnalyzer.MsLAPSIntId != 0 && x.ReplPropertyMetaData != null && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.MsLAPSIntId))
  {
  var dd = x.ReplPropertyMetaData[lapsAnalyzer.MsLAPSIntId];
  data.Add(dd.LastOriginatingChange.ToString("u"));

Healthcheck/HealthcheckAnalyzer.cs

@@ -925,7 +925,7 @@ private void GenerateComputerData(ADDomainInfo domainInfo, ADWebService adws)
  }
  }
  }
- if (x.ReplPropertyMetaData != null && LAPSAnalyzer.LegacyLAPSIntId > 0 && x.ReplPropertyMetaData.ContainsKey(LAPSAnalyzer.LegacyLAPSIntId))
+ if (x.ReplPropertyMetaData != null && LAPSAnalyzer.LegacyLAPSIntId != 0 && x.ReplPropertyMetaData.ContainsKey(LAPSAnalyzer.LegacyLAPSIntId))
  {
  proxy.AddWithoutDetail("LAPS");
  var d = x.ReplPropertyMetaData[LAPSAnalyzer.LegacyLAPSIntId];
@@ -938,7 +938,7 @@ private void GenerateComputerData(ADDomainInfo domainInfo, ADWebService adws)
  lapsDistribution[i] = 1;
  }
  }
- if (x.ReplPropertyMetaData != null && LAPSAnalyzer.MsLAPSIntId > 0 && x.ReplPropertyMetaData.ContainsKey(LAPSAnalyzer.MsLAPSIntId))
+ if (x.ReplPropertyMetaData != null && LAPSAnalyzer.MsLAPSIntId != 0 && x.ReplPropertyMetaData.ContainsKey(LAPSAnalyzer.MsLAPSIntId))
  {
  proxy.AddWithoutDetail("LAPSNew");
  var d = x.ReplPropertyMetaData[LAPSAnalyzer.MsLAPSIntId];
@@ -2607,7 +2607,7 @@ void ThreadGPOAnalysis(int ThreadId, ADWebService adws, string directoryFullName
  if (adws.FileConnection.FileExists(path))
  {
  step = "extract GPP local group assignment";
- ExtractLocalGroupAssignment(adws, path, GPO, "Unknown [" + shortName + "]");
+ ExtractLocalGroupAssignment(adws, path, GPO);
  }
  path = directoryFullName + @"\Machine\Microsoft\Windows nt\SecEdit\GptTmpl.inf";
  if (adws.FileConnection.FileExists(path))
@@ -2680,14 +2680,14 @@ void ThreadGPOAnalysis(int ThreadId, ADWebService adws, string directoryFullName
  }
  }
 
- private void ExtractLocalGroupAssignment(ADWebService adws, string path, GPO GPO, string p)
+ private void ExtractLocalGroupAssignment(ADWebService adws, string path, GPO GPO)
  {
  XmlDocument doc = new XmlDocument();
  doc.Load(path);
  XmlNodeList nodeList = doc.SelectNodes(@"//Group");
  foreach (XmlNode node in nodeList)
  {
- XmlNode actionNode = node.SelectSingleNode(@"//Properties/@action");
+ XmlNode actionNode = node.SelectSingleNode(@"Properties/@action");
  if (actionNode != null)
  {
  switch (actionNode.Value.ToUpperInvariant())
@@ -2703,7 +2703,7 @@ private void ExtractLocalGroupAssignment(ADWebService adws, string path, GPO GPO
  var groupNameNode = node.SelectSingleNode("@name");
  if (groupNameNode == null)
  continue;
- foreach (XmlNode userNameNode in node.SelectNodes(@"//Member[@action=""ADD""]"))
+ foreach (XmlNode userNameNode in node.SelectNodes(@"Properties/Members/Member[@action=""ADD""]"))
  {
  var sidnode = userNameNode.SelectSingleNode("@sid");
  if (sidnode == null)
@@ -4552,9 +4552,9 @@ private LAPSAnalyzer CheckLAPSInstalled(ADDomainInfo domainInfo, ADWebService ad
  var f = false;
  // check if there is a LAPS attribute (looked into metadata because hidden if the current user has not right to read it)
  if (
- (lapsAnalyzer.LegacyLAPSIntId > 0 && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.LegacyLAPSIntId))
+ (lapsAnalyzer.LegacyLAPSIntId != 0 && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.LegacyLAPSIntId))
  ||
- (lapsAnalyzer.MsLAPSIntId > 0 && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.MsLAPSIntId))
+ (lapsAnalyzer.MsLAPSIntId != 0 && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.MsLAPSIntId))
  )
  {
  if (x.NTSecurityDescriptor != null)

Properties/AssemblyInfo.cs

@@ -28,5 +28,5 @@
 // Numéro de build
 // Révision
 //
-[assembly: AssemblyVersion("3.1.0.0")]
-[assembly: AssemblyFileVersion("3.1.0.0")]
+[assembly: AssemblyVersion("3.1.0.1")]
+[assembly: AssemblyFileVersion("3.1.0.1")]

Scanners/LAPSBitLocker.cs

@@ -65,12 +65,12 @@ public void Export(string filename)
  LastLogonTimestamp = x.LastLogonTimestamp,
  OperatingSystem = x.OperatingSystem,
  };
- if (lapsAnalyzer.LegacyLAPSIntId > 0 && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.LegacyLAPSIntId))
+ if (lapsAnalyzer.LegacyLAPSIntId != 0 && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.LegacyLAPSIntId))
  {
  computer.HasLegacyLAPS = true;
  computer.LegacyLAPSLastChange = x.ReplPropertyMetaData[lapsAnalyzer.LegacyLAPSIntId].LastOriginatingChange;
  }
- if (lapsAnalyzer.MsLAPSIntId > 0 && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.MsLAPSIntId))
+ if (lapsAnalyzer.MsLAPSIntId != 0 && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.MsLAPSIntId))
  {
  computer.HasMsLAPS = true;
  computer.MsLAPSLastChange = x.ReplPropertyMetaData[lapsAnalyzer.MsLAPSIntId].LastOriginatingChange;

changelog.txt

@@ -1,3 +1,7 @@
+3.1.0.1
+* fix local membership if many settings are defined
+* fix LAPS collection (signed / unsigned bug)
+
 3.1.0.0
 * fix a bug for machineaccountquote when GPO has been rewritten to remove all users
 * fix a regression introduced in previous version in P-TrustedCredManAccessPrivilege