Release Notes
- Fixed Export computers and users options not being possible
- Fixed the outputs in both User and Computer reports to show better data
- LAPS attributes now only shows in computers
- BadPrimaryGroup issue resolved and header updated to be clear about it only working for enabled users (this is because this is how the risk works)
- Fixed the outputs in both User and Computer reports to show better data
- Fixed False positive from AzureADKrrberos Objects and our new updated HotFix scanner not excluding them
- Fixed regression in the bad primary group rule to not report on disabled accounts. This was a mix up between the Export and the Rule.
- Fixed an issue with A-DCLAPSign where mitigated Domain Controllers were incorrectly detected due to a change made when upgrading ASP.NET 8. New methodology implemented and code comments and trace logs improved.
- Entra ID Scan issue with users whose “Account needs to be secured” (MFA requirement with no MFA) from erroring and now falls back to the previous error saying to use a different browser
- Fixed an issue in privileged mode where the CA Scan could error if the CA registry location is in an unexpected location.
- Fixed an issue with the TenantID Column in Entra reports where it outputted the entire URL
- Updated P-UnconstrainedDelegation to capture disabled accounts as they are a significant risk still and updated the risk text.
- Fixed an issue with the “You are not using a supported version of PingCastle” banner on all reports
- PingCastle AutoUpdater Migration from pingcastle.exe.config to appsettings.console.json now triggers every time.
Packaging Update: Removed the old documentation pdf from the zip. Documentation is located here.