Release 5.0

Documentation/CHANGELOG.md

@@ -7,15 +7,16 @@ All notable changes to this project will be documented in this file. The format
 
 ## [Unreleased]
 
+## [5.0] - 2025-03-03
+
 ### Added
 
-- Get-ADDBBitLockerRecoveryInformation cmdlet
-- Get-ADDBComputer cmdlet.
-- The PowerShell module now advertizes `Desktop` as the required edition. Note that *PowerShell Core* is not supported because of heavy dependency on Win32 API.
-
-### Fixed
-
-- Improved export formats.
+- Added the [Get-ADDBBitLockerRecoveryInformation](PowerShell/Get-ADDBBitLockerRecoveryInformation.md#get-addbbitlockerrecoveryinformation) cmdlet for retrieving BitLocker recovery keys from `ntds.dit` files.
+- Added the [Get-ADDBDnsResourceRecord](PowerShell/Get-ADDBDnsResourceRecord.md#get-addbdnsresourcerecord) cmdlet for retrieving DNS resource records from `ntds.dit` files.
+- The [Get-ADDBAccount](PowerShell/Get-ADDBAccount.md#get-addbaccount), [Get-ADReplAccount](PowerShell/Get-ADReplAccount.md#get-adreplaccount), and [Get-ADSIAccount](PowerShell/Get-ADSIAccount.md#get-adsiaccount) cmdlets have a new parameter called `-Properties` for specifying the properties to be fetched, which greatly increases the performance.
+- The [Get-ADDBAccount](PowerShell/Get-ADDBAccount.md#get-addbaccount) and [Get-ADReplAccount](PowerShell/Get-ADReplAccount.md#get-adreplaccount) cmdlets have a new parameter called `-ExportFormat`, which replaces the `Format-Custom` cmdlet when exporting data to `hashcat`, `pwdump`, and other formats.
+- Legacy LAPS and Windows LAPS cleartext passwords can now be extracted from `ntds.dit` files using the [Get-ADDBAccount](PowerShell/Get-ADDBAccount.md#get-addbaccount) cmdlet. 
+- More user and computer attributes can optionally be retrieved by the [Get-ADDBAccount](PowerShell/Get-ADDBAccount.md#get-addbaccount), [Get-ADReplAccount](PowerShell/Get-ADReplAccount.md#get-adreplaccount), and [Get-ADSIAccount](PowerShell/Get-ADSIAccount.md#get-adsiaccount) cmdlets, including email addresses, phone numbers, managers, and OS versions.
 
 ## [4.16] - 2025-01-05
 
@@ -562,7 +563,8 @@ This is a [Chocolatey](https://chocolatey.org/packages/dsinternals-psmodule)-onl
 ## 1.0 - 2015-01-20
 Initial release!
 
-[Unreleased]: https://github.com/MichaelGrafnetter/DSInternals/compare/v4.16...HEAD
+[Unreleased]: https://github.com/MichaelGrafnetter/DSInternals/compare/v5.0...HEAD
+[5.0]: https://github.com/MichaelGrafnetter/DSInternals/compare/v4.16...v5.0
 [4.16]: https://github.com/MichaelGrafnetter/DSInternals/compare/v4.15.1...v4.16
 [4.15.1]: https://github.com/MichaelGrafnetter/DSInternals/compare/v4.15...v4.15.1
 [4.15]: https://github.com/MichaelGrafnetter/DSInternals/compare/v4.14...v4.15

Src/DSInternals.Common/DSInternals.Common.nuspec

@@ -14,7 +14,7 @@
     <description>This package is shared between all other DSInternals packages. Its main features are Azure AD Graph API and ADSI clients for for retrieval of cryptographic material. It contains implementations of common hash functions used by Windows, including NT hash, LM hash and OrgId hash. It also contains methods for SysKey/BootKey retrieval.</description>
     <summary>This package is shared between all other DSInternals packages.</summary>
     <releaseNotes>
-- Minor credential roaming parser improvement.
+- Added support for retrieval of BitLocker recovery keys, LAPS passwords, DNS resource records, and contact information from Active Directory.
     </releaseNotes>
     <copyright>Copyright (c) 2015-2025 Michael Grafnetter. All rights reserved.</copyright>
     <tags>ActiveDirectory Security AD AAD Identity Active Directory</tags>

Src/DSInternals.Common/Properties/AssemblyInfo.cs

@@ -5,8 +5,8 @@ using System.Runtime.InteropServices;
 // set of attributes. Change these attribute values to modify the information
 // associated with an assembly.
 [assembly: AssemblyTitle("DSInternals Common Library")]
-[assembly: AssemblyVersion("4.14")]
-[assembly: AssemblyFileVersion("4.14")]
+[assembly: AssemblyVersion("5.0")]
+[assembly: AssemblyFileVersion("5.0")]
 [assembly: AssemblyDescription("")]
 [assembly: AssemblyConfiguration("")]
 [assembly: AssemblyCompany("")]

Src/DSInternals.DataStore/DSInternals.DataStore.nuspec

@@ -14,7 +14,8 @@
     <description>DSInternals DataStore is an advanced framework for offline ntds.dit file manipulation. It can be used to extract password hashes from Active Directory backups or to modify the sIDHistory and primaryGroupId attributes.</description>
     <summary>DSInternals DataStore is an advanced framework for offline ntds.dit file manipulation.</summary>
     <releaseNotes>
-- The `DomainController` class exposes more DC properties, including `ServerObjectDN`, `NTDSSettingsObjectDN`, and `ForestRootNamingContext`.
+- Added support for retrieval of BitLocker recovery keys, LAPS passwords, DNS resource records, and contact information from ntds.dit files.
+- Imroved ntds.dit parsing performance.
     </releaseNotes>
     <copyright>Copyright (c) 2015-2025 Michael Grafnetter. All rights reserved.</copyright>
     <tags>ActiveDirectory Security NTDS AD Identity Active Directory</tags>

Src/DSInternals.DataStore/Properties/AssemblyInfo.cs

@@ -5,8 +5,8 @@ using System.Runtime.InteropServices;
 // set of attributes. Change these attribute values to modify the information
 // associated with an assembly.
 [assembly: AssemblyTitle("DSInternals DataStore Library")]
-[assembly: AssemblyVersion("4.16")]
-[assembly: AssemblyFileVersion("4.16")]
+[assembly: AssemblyVersion("5.0")]
+[assembly: AssemblyFileVersion("5.0")]
 [assembly: AssemblyDescription("")]
 [assembly: AssemblyConfiguration("")]
 [assembly: AssemblyCompany("")]

Src/DSInternals.PowerShell/Chocolatey/dsinternals-psmodule.nuspec

@@ -3,7 +3,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>DSInternals-PSModule</id>
-    <version>4.16</version>
+    <version>5.0</version>
     <packageSourceUrl>https://github.com/MichaelGrafnetter/DSInternals/tree/master/Src/DSInternals.PowerShell/Chocolatey</packageSourceUrl>
     <owners>MichaelGrafnetter</owners>
     <title>DSInternals PowerShell Module</title>
@@ -37,7 +37,12 @@ The DSInternals PowerShell Module has these main features:
 ## Disclaimer
 Features exposed through these tools are not supported by Microsoft. Improper use might cause irreversible damage to domain controllers or negatively impact domain security.</description>
     <releaseNotes>
-* The `New-ADDBRestoreFromMediaScript` cmdlet now properly sets the `Configuration NC`, `Root Domain`, and `Machine DN Name` registry values under the `HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters` key.
+* Added the `Get-ADDBBitLockerRecoveryInformation` cmdlet for retrieving BitLocker recovery keys from `ntds.dit` files.
+* Added the `Get-ADDBDnsResourceRecord` cmdlet for retrieving DNS resource records from `ntds.dit` files.
+* The `Get-ADDBAccount`, `Get-ADReplAccount`, and `Get-ADSIAccount` cmdlets have a new parameter called `-Properties` for specifying the properties to be fetched, which greatly increases the performance.
+* The `Get-ADDBAccount` and `Get-ADReplAccount` cmdlets have a new parameter called `-ExportFormat`, which replaces the `Format-Custom` cmdlet when exporting data to `hashcat`, `pwdump`, and other formats.
+* Legacy LAPS and Windows LAPS cleartext passwords can now be extracted from `ntds.dit` files using the `Get-ADDBAccount` cmdlet.
+* More user and computer attributes can optionally be retrieved by the `Get-ADDBAccount`, `Get-ADReplAccount`, and `Get-ADSIAccount` cmdlets, including email addresses, phone numbers, managers, and OS versions.
     </releaseNotes>
     <dependencies>
       <!-- Windows Management Framework 3+. For OS prior to Windows 8 and Windows Server 2012. -->

Src/DSInternals.PowerShell/DSInternals.psd1

@@ -8,7 +8,7 @@
 RootModule = 'DSInternals.Bootstrap.psm1'
 
 # Version number of this module.
-ModuleVersion = '4.16'
+ModuleVersion = '5.0'
 
 # Supported PSEditions
 # CompatiblePSEditions = 'Desktop'
@@ -156,7 +156,12 @@ PrivateData = @{
 
         # ReleaseNotes of this module
         ReleaseNotes = @"
-- The New-ADDBRestoreFromMediaScript cmdlet now properly sets the "Configuration NC", "Root Domain", and "Machine DN Name" registry values under the "HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters" key.
+- Added the Get-ADDBBitLockerRecoveryInformation cmdlet for retrieving BitLocker recovery keys from ntds.dit files.
+- Added the Get-ADDBDnsResourceRecord cmdlet for retrieving DNS resource records from ntds.dit files.
+- The Get-ADDBAccount, Get-ADReplAccount, and Get-ADSIAccount cmdlets have a new parameter called -Properties for specifying the properties to be fetched, which greatly increases the performance.
+- The Get-ADDBAccount and Get-ADReplAccount cmdlets have a new parameter called -ExportFormat, which replaces the Format-Custom cmdlet when exporting data to hashcat, pwdump, and other formats.
+- Legacy LAPS and Windows LAPS cleartext passwords can now be extracted from ntds.dit files using the Get-ADDBAccount cmdlet. 
+- More user and computer attributes can optionally be retrieved by the Get-ADDBAccount, Get-ADReplAccount, and Get-ADSIAccount cmdlets, including email addresses, phone numbers, managers, and OS versions.
 "@
     } # End of PSData hashtable
 

Src/DSInternals.PowerShell/Properties/AssemblyInfo.cs

@@ -5,8 +5,8 @@ using System.Runtime.InteropServices;
 // set of attributes. Change these attribute values to modify the information
 // associated with an assembly.
 [assembly: AssemblyTitle("DSInternals PowerShell Commands")]
-[assembly: AssemblyVersion("4.16")]
-[assembly: AssemblyFileVersion("4.16")]
+[assembly: AssemblyVersion("5.0")]
+[assembly: AssemblyFileVersion("5.0")]
 [assembly: AssemblyDescription("")]
 [assembly: AssemblyConfiguration("")]
 [assembly: AssemblyCompany("")]

Src/DSInternals.Replication.Interop/version.rc

@@ -14,17 +14,17 @@ LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
 // TEXTINCLUDE
 //
 
-1 TEXTINCLUDE
+1 TEXTINCLUDE 
 BEGIN
     "resource.h\0"
 END
 
-2 TEXTINCLUDE
+2 TEXTINCLUDE 
 BEGIN
     "\0"
 END
 
-3 TEXTINCLUDE
+3 TEXTINCLUDE 
 BEGIN
     "\r\n"
     "\0"
@@ -39,8 +39,8 @@ END
 //
 
 VS_VERSION_INFO VERSIONINFO
- FILEVERSION 4,14,0,0
- PRODUCTVERSION 4,14,0,0
+ FILEVERSION 5,0,0,0
+ PRODUCTVERSION 5,0,0,0
  FILEFLAGSMASK 0x3fL
 #ifdef _DEBUG
  FILEFLAGS 0x1L
@@ -57,12 +57,12 @@ BEGIN
         BEGIN
             VALUE "CompanyName", "Michael Grafnetter"
             VALUE "FileDescription", "DSInternals Replication Interop Library"
-            VALUE "FileVersion", "4.14.0.0"
+            VALUE "FileVersion", "5.0.0.0"
             VALUE "InternalName", "DSInternals.Replication.Interop"
             VALUE "LegalCopyright", "Copyright © 2015-2025 Michael Grafnetter"
             VALUE "OriginalFilename", "DSInternals.Replication.Interop.dll"
             VALUE "ProductName", "DSInternals PowerShell Module"
-            VALUE "ProductVersion", "4.14.0.0"
+            VALUE "ProductVersion", "5.0.0.0"
         END
     END
     BLOCK "VarFileInfo"

Src/DSInternals.Replication.Model/Properties/AssemblyInfo.cs

@@ -5,8 +5,8 @@ using System.Runtime.InteropServices;
 // set of attributes. Change these attribute values to modify the information
 // associated with an assembly.
 [assembly: AssemblyTitle("DSInternals Replication Data Model")]
-[assembly: AssemblyVersion("4.14")]
-[assembly: AssemblyFileVersion("4.14")]
+[assembly: AssemblyVersion("5.0")]
+[assembly: AssemblyFileVersion("5.0")]
 [assembly: AssemblyDescription("")]
 [assembly: AssemblyConfiguration("")]
 [assembly: AssemblyCompany("")]

Src/DSInternals.Replication/DSInternals.Replication.nuspec

@@ -14,7 +14,7 @@
     <description>DSInternals Replication implements a client for the Active Directory Replication Service Remote Protocol (DRS-R). It can be used to remotely extract password hashes from domain controllers.</description>
     <summary>DSInternals Replication implements a client for the Active Directory Replication Service Remote Protocol (DRS-R).</summary>
     <releaseNotes>
-- Minor credential roaming parser improvement.
+- More user and computer account attributes are retrieved through the replication protocol.
     </releaseNotes>
     <copyright>Copyright (c) 2015-2025 Michael Grafnetter. All rights reserved.</copyright>
     <tags>ActiveDirectory Security RPC DRSR</tags>

Src/DSInternals.Replication/Properties/AssemblyInfo.cs

@@ -5,8 +5,8 @@ using System.Runtime.InteropServices;
 // set of attributes. Change these attribute values to modify the information
 // associated with an assembly.
 [assembly: AssemblyTitle("DSInternals Replication Library")]
-[assembly: AssemblyVersion("4.14")]
-[assembly: AssemblyFileVersion("4.14")]
+[assembly: AssemblyVersion("5.0")]
+[assembly: AssemblyFileVersion("5.0")]
 [assembly: AssemblyDescription("")]
 [assembly: AssemblyConfiguration("")]
 [assembly: AssemblyCompany("")]

Src/DSInternals.SAM/Properties/AssemblyInfo.cs

@@ -5,8 +5,8 @@ using System.Runtime.InteropServices;
 // set of attributes. Change these attribute values to modify the information
 // associated with an assembly.
 [assembly: AssemblyTitle("DSInternals SAM Library")]
-[assembly: AssemblyVersion("4.14")]
-[assembly: AssemblyFileVersion("4.14")]
+[assembly: AssemblyVersion("5.0")]
+[assembly: AssemblyFileVersion("5.0")]
 [assembly: AssemblyDescription("")]
 [assembly: AssemblyConfiguration("")]
 [assembly: AssemblyCompany("")]