PingCastle 3.1.0.1

Author: vletoux

Exports/ExportComputers.cs

@@ -100,7 +100,7 @@ public override void Export(string filename)
                                 data.Add(string.Empty);
                                 data.Add(string.Empty);
                             }
-                            if (lapsAnalyzer.LegacyLAPSIntId > 0 && x.ReplPropertyMetaData != null && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.LegacyLAPSIntId))
+                            if (lapsAnalyzer.LegacyLAPSIntId != 0 && x.ReplPropertyMetaData != null && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.LegacyLAPSIntId))
                             {
                                 var dd = x.ReplPropertyMetaData[lapsAnalyzer.LegacyLAPSIntId];
                                 data.Add(dd.LastOriginatingChange.ToString("u"));
@@ -109,7 +109,7 @@ public override void Export(string filename)
                             {
                                 data.Add(string.Empty);
                             }
-                            if (lapsAnalyzer.MsLAPSIntId > 0 && x.ReplPropertyMetaData != null && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.MsLAPSIntId))
+                            if (lapsAnalyzer.MsLAPSIntId != 0 && x.ReplPropertyMetaData != null && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.MsLAPSIntId))
                             {
                                 var dd = x.ReplPropertyMetaData[lapsAnalyzer.MsLAPSIntId];
                                 data.Add(dd.LastOriginatingChange.ToString("u"));

Healthcheck/HealthcheckAnalyzer.cs

@@ -925,7 +925,7 @@ private void GenerateComputerData(ADDomainInfo domainInfo, ADWebService adws)
                                     }
                                 }
                             }
-                            if (x.ReplPropertyMetaData != null && LAPSAnalyzer.LegacyLAPSIntId > 0 && x.ReplPropertyMetaData.ContainsKey(LAPSAnalyzer.LegacyLAPSIntId))
+                            if (x.ReplPropertyMetaData != null && LAPSAnalyzer.LegacyLAPSIntId != 0 && x.ReplPropertyMetaData.ContainsKey(LAPSAnalyzer.LegacyLAPSIntId))
                             {
                                 proxy.AddWithoutDetail("LAPS");
                                 var d = x.ReplPropertyMetaData[LAPSAnalyzer.LegacyLAPSIntId];
@@ -938,7 +938,7 @@ private void GenerateComputerData(ADDomainInfo domainInfo, ADWebService adws)
                                         lapsDistribution[i] = 1;
                                 }
                             }
-                            if (x.ReplPropertyMetaData != null && LAPSAnalyzer.MsLAPSIntId > 0 && x.ReplPropertyMetaData.ContainsKey(LAPSAnalyzer.MsLAPSIntId))
+                            if (x.ReplPropertyMetaData != null && LAPSAnalyzer.MsLAPSIntId != 0 && x.ReplPropertyMetaData.ContainsKey(LAPSAnalyzer.MsLAPSIntId))
                             {
                                 proxy.AddWithoutDetail("LAPSNew");
                                 var d = x.ReplPropertyMetaData[LAPSAnalyzer.MsLAPSIntId];
@@ -2607,7 +2607,7 @@ void ThreadGPOAnalysis(int ThreadId, ADWebService adws, string directoryFullName
                 if (adws.FileConnection.FileExists(path))
                 {
                     step = "extract GPP local group assignment";
-                    ExtractLocalGroupAssignment(adws, path, GPO, "Unknown [" + shortName + "]");
+                    ExtractLocalGroupAssignment(adws, path, GPO);
                 }
                 path = directoryFullName + @"\Machine\Microsoft\Windows nt\SecEdit\GptTmpl.inf";
                 if (adws.FileConnection.FileExists(path))
@@ -2680,14 +2680,14 @@ void ThreadGPOAnalysis(int ThreadId, ADWebService adws, string directoryFullName
             }
         }
 
-        private void ExtractLocalGroupAssignment(ADWebService adws, string path, GPO GPO, string p)
+        private void ExtractLocalGroupAssignment(ADWebService adws, string path, GPO GPO)
         {
             XmlDocument doc = new XmlDocument();
             doc.Load(path);
             XmlNodeList nodeList = doc.SelectNodes(@"//Group");
             foreach (XmlNode node in nodeList)
             {
-                XmlNode actionNode = node.SelectSingleNode(@"//Properties/@action");
+                XmlNode actionNode = node.SelectSingleNode(@"Properties/@action");
                 if (actionNode != null)
                 {
                     switch (actionNode.Value.ToUpperInvariant())
@@ -2703,7 +2703,7 @@ private void ExtractLocalGroupAssignment(ADWebService adws, string path, GPO GPO
                 var groupNameNode = node.SelectSingleNode("@name");
                 if (groupNameNode == null)
                     continue;
-                foreach (XmlNode userNameNode in node.SelectNodes(@"//Member[@action=""ADD""]"))
+                foreach (XmlNode userNameNode in node.SelectNodes(@"Properties/Members/Member[@action=""ADD""]"))
                 {
                     var sidnode = userNameNode.SelectSingleNode("@sid");
                     if (sidnode == null)
@@ -4552,9 +4552,9 @@ private LAPSAnalyzer CheckLAPSInstalled(ADDomainInfo domainInfo, ADWebService ad
                         var f = false;
                         // check if there is a LAPS attribute (looked into metadata because hidden if the current user has not right to read it)
                         if (
-                            (lapsAnalyzer.LegacyLAPSIntId > 0 && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.LegacyLAPSIntId))
+                            (lapsAnalyzer.LegacyLAPSIntId != 0 && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.LegacyLAPSIntId))
                             ||
-                            (lapsAnalyzer.MsLAPSIntId > 0 && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.MsLAPSIntId))
+                            (lapsAnalyzer.MsLAPSIntId != 0 && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.MsLAPSIntId))
                             )
                         {
                             if (x.NTSecurityDescriptor != null)

Properties/AssemblyInfo.cs

@@ -28,5 +28,5 @@
 //      Numéro de build
 //      Révision
 //
-[assembly: AssemblyVersion("3.1.0.0")]
-[assembly: AssemblyFileVersion("3.1.0.0")]
+[assembly: AssemblyVersion("3.1.0.1")]
+[assembly: AssemblyFileVersion("3.1.0.1")]

Scanners/LAPSBitLocker.cs

@@ -65,12 +65,12 @@ public void Export(string filename)
                             LastLogonTimestamp = x.LastLogonTimestamp,
                             OperatingSystem = x.OperatingSystem,
                         };
-                        if (lapsAnalyzer.LegacyLAPSIntId > 0 && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.LegacyLAPSIntId))
+                        if (lapsAnalyzer.LegacyLAPSIntId != 0 && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.LegacyLAPSIntId))
                         {
                             computer.HasLegacyLAPS = true;
                             computer.LegacyLAPSLastChange = x.ReplPropertyMetaData[lapsAnalyzer.LegacyLAPSIntId].LastOriginatingChange;
                         }
-                        if (lapsAnalyzer.MsLAPSIntId > 0 && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.MsLAPSIntId))
+                        if (lapsAnalyzer.MsLAPSIntId != 0 && x.ReplPropertyMetaData.ContainsKey(lapsAnalyzer.MsLAPSIntId))
                         {
                             computer.HasMsLAPS = true;
                             computer.MsLAPSLastChange = x.ReplPropertyMetaData[lapsAnalyzer.MsLAPSIntId].LastOriginatingChange;

changelog.txt

@@ -1,3 +1,7 @@
+3.1.0.1
+* fix local membership if many settings are defined
+* fix LAPS collection (signed / unsigned bug)
+
 3.1.0.0
 * fix a bug for machineaccountquote when GPO has been rewritten to remove all users
 * fix a regression introduced in previous version in P-TrustedCredManAccessPrivilege