github MichaelGrafnetter/DSInternals v4.2
DSInternals PowerShell Module
on GitHub

latest releases: v4.14, v4.13, v4.12...
4 years ago

Notable Changes

Cross-Forest Duplicate Password Discovery

The Test-PasswordQuality cmdlet now supports cross-domain and cross-forest duplicate password discovery and offline password hash comparison against HaveIBeenPwned: 

$contosoAccounts = Get-ADReplAccount -All -Server $env:LOGONSEVER
$adatumCred = Get-Credential -Message 'Admin credentials for the adatum.com domain:'
$adatumAccounts = Get-ADReplAccount -All -Server 'nyc-dc1.adatum.com' -Credential $adatumCred
$contosoAccounts + $adatumAccounts | Test-PasswordQuality -WeakPasswordHashesSortedFile 'pwned-passwords-ntlm-ordered-by-hash-v5.txt'

The output of the previous script might look like this (with some parts omitted): 

Active Directory Password Quality Report
----------------------------------------
...
Passwords of these accounts have been found in the dictionary:
  ADATUM\larry_admin
  CONTOSO\harry
...
These groups of accounts have the same passwords:
  Group 1:
    ADATUM\smith
    ADATUM\srv_sql01
  Group 2:
    ADATUM\Administrator
    ADATUM\joe_admin
    CONTOSO\Administrator
    CONTOSO\joe_admin
...

The example above uses the MS-DRSR protocol. Similar results can be achieved by using the Get-ADDBAccount cmdlet to read account information directly from a ntds.dit file.

Domain Name Detection

The Get-ADReplAccount, Get-ADReplBackupKey and Add-ADReplNgcKey cmdlets no longer require the Domain and NamingContext parameters to be specified, as their proper values are automatically retrieved from the target DC.

DSInternals is probably the only tool that detects the domain information just by using the MS-DRSR protocol itself.

See the Changelog for a more detailed list of new features.

PowerShell Module

Standalone module for offline installation and for legacy PowerShell versions is attached. See the Installation Notes before proceeding.

PowerShell Gallery

The PowerShell module is also available on Microsoft's PowerShell Gallery.

Chocolatey

An official Chocolatey package of the DSInternals PowerShell Module is also available.

NuGet Gallery

Official binary packages are available at NuGet Gallery.

Acknowledgement

Special thanks goes to @aseigler for his code contribution to this release.

Check out latest releases or
releases around MichaelGrafnetter/DSInternals v4.2

Don't miss a new DSInternals release

NewReleases is sending notifications on new releases.

Get notifications