From 563e8045783f5e5fc062e4a188a9208043cbb63b Mon Sep 17 00:00:00 2001 From: Michael Grafnetter Date: Thu, 2 Apr 2020 14:59:29 +0200 Subject: [PATCH] Prepare for release 4.3. --- Documentation/CHANGELOG.md | 13 +++++++++---- Documentation/PowerShell/Readme.md | 4 ++-- .../SearchableDeviceKeyTester.cs | 2 ++ Src/DSInternals.Common/DSInternals.Common.nuspec | 9 +++++---- Src/DSInternals.Common/Properties/AssemblyInfo.cs | 4 ++-- .../DSInternals.DataStore.nuspec | 7 +++++-- .../Properties/AssemblyInfo.cs | 4 ++-- .../Chocolatey/dsinternals-psmodule.nuspec | 10 ++++++---- Src/DSInternals.PowerShell/DSInternals.psd1 | 15 ++++++++------- .../Properties/AssemblyInfo.cs | 4 ++-- .../AssemblyInfo.cpp | 2 +- Src/DSInternals.Replication.Interop/version.rc | 8 ++++---- .../Properties/AssemblyInfo.cs | 4 ++-- .../DSInternals.Replication.nuspec | 5 ++++- .../Properties/AssemblyInfo.cs | 4 ++-- Src/DSInternals.SAM/DSInternals.SAM.nuspec | 7 +++++-- Src/DSInternals.SAM/Properties/AssemblyInfo.cs | 4 ++-- 17 files changed, 63 insertions(+), 43 deletions(-) diff --git a/Documentation/CHANGELOG.md b/Documentation/CHANGELOG.md index b8d6883..8c84988 100644 --- a/Documentation/CHANGELOG.md +++ b/Documentation/CHANGELOG.md 
@@ -5,16 +5,20 @@ All notable changes to this project will be documented in this file. The format ## [Unreleased] +### Changed +- The PowerShell module now advertizes `Desktop` as the required edition. Note that *PowerShell Core* is not supported because of heavy dependency on Win32 API. + +## [4.3] - 2020-04-02 + ### Added - New logo and package icons! -- The new [Get-AzureADUserEx](PowerShell/Get-AzureADUserEx.md#get-azureaduserex) cmdlet can be used to retrieve FIDO and NGC keys from Azure Active Directory. -- Both [lastLogon](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-ada1/93258066-276d-4357-8458-981c19caad95) and [lastLogonTimestamp](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-ada1/530d7194-20f6-4aaa-8d80-9ca6b6350ad6) user account attributes are now exposed. +- The new [Get-AzureADUserEx](PowerShell/Get-AzureADUserEx.md#get-azureaduserex) cmdlet can be used to retrieve FIDO and NGC keys from Azure Active Directory, as the first tool on the market. +- Both [lastLogon](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-ada1/93258066-276d-4357-8458-981c19caad95) and [lastLogonTimestamp](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-ada1/530d7194-20f6-4aaa-8d80-9ca6b6350ad6) user account attributes are now exposed. The LastLogonDate PowerShell property returns whichever of these 2 values is available. - The `-Server` parameter of the [Get-ADSIAccount](PowerShell/Get-ADSIAccount.md#get-adsiaccount) cmdlet now has the standard `-ComputerName` alias. ### Changed -- The PowerShell module now advertizes `Desktop` as the required edition. Note that *PowerShell Core* is not supported because of heavy dependency on Win32 API. - Major [PowerShell module documentation](PowerShell/Readme.md#directory-services-internals-powershell-module) improvements. ## [4.2] - 2020-03-18 
@@ -382,7 +386,8 @@ This is a [Chocolatey](https://chocolatey.org/packages/dsinternals-psmodule)-onl ## 1.0 - 2015-01-20 Initial release! -[Unreleased]: https://github.com/MichaelGrafnetter/DSInternals/compare/v4.2...HEAD +[Unreleased]: https://github.com/MichaelGrafnetter/DSInternals/compare/v4.3...HEAD +[4.3]: https://github.com/MichaelGrafnetter/DSInternals/compare/v4.2...v4.3 [4.2]: https://github.com/MichaelGrafnetter/DSInternals/compare/v4.1...v4.2 [4.1]: https://github.com/MichaelGrafnetter/DSInternals/compare/v4.0...v4.1 [4.0]: https://github.com/MichaelGrafnetter/DSInternals/compare/v3.6.1...v4.0 diff --git a/Documentation/PowerShell/Readme.md b/Documentation/PowerShell/Readme.md index 0d03160..c7c875f 100644 --- a/Documentation/PowerShell/Readme.md +++ b/Documentation/PowerShell/Readme.md @@ -11,12 +11,12 @@ Locale: en-US # Directory Services Internals PowerShell Module ## Description -The DSInternals PowerShell Module exposes several internal features of Active Directory. These include offline ntds.dit file manipulation, password auditing, DC recovery from IFM backups and password hash calculation. +The DSInternals PowerShell Module exposes several internal features of Active Directory and Azure Active Directory. These include FIDO2 and NGC key auditing, offline ntds.dit file manipulation, password auditing, DC recovery from IFM backups and password hash calculation. ## Azure Active Directory Cmdlets These cmdlets utilize an undocumented API endpoint that exposes information not available through the Microsoft Graph API nor Azure AD Graph API. -### [Get-AzureADUserEx](Get-AzureADUserEx.md) +### [Get-AzureADUserEx](Get-AzureADUserEx.md#get-azureaduserex) Gets a user from Azure AD, including the associated FIDO and NGC keys. ## Cmdlets for Offline Active Directory Operations diff --git a/Src/DSInternals.Common.Test/SearchableDeviceKeyTester.cs b/Src/DSInternals.Common.Test/SearchableDeviceKeyTester.cs index 90cb37e..e550ec7 100644 
--- a/Src/DSInternals.Common.Test/SearchableDeviceKeyTester.cs +++ b/Src/DSInternals.Common.Test/SearchableDeviceKeyTester.cs @@ -85,6 +85,8 @@ namespace DSInternals.Common.Test // Parse the FIDO key from the SearchableDeviceKey_Parse_FIDO_Input2 test var keyCredential = KeyCredential.ParseJson(jsonData); + throw new AssertInconclusiveException("FIDO2 JSON serialization must be improved."); + // This test fill fail for now: Assert.AreEqual(2, keyCredential.FidoKeyMaterial.AttestationCertificates.Count); diff --git a/Src/DSInternals.Common/DSInternals.Common.nuspec b/Src/DSInternals.Common/DSInternals.Common.nuspec index ab3ea86..731cfcf 100644 --- a/Src/DSInternals.Common/DSInternals.Common.nuspec +++ b/Src/DSInternals.Common/DSInternals.Common.nuspec @@ -11,14 +11,15 @@ icon.png false - This package is shared between all other DSInternals packages. It contains implementations of common hash functions used by Windows, including NT hash, LM hash and OrgId hash. It also contains methods for SysKey/BootKey retrieval. + This package is shared between all other DSInternals packages. Its main features are Azure AD Graph API and ADSI clients for for retrieval of cryptographic material. It contains implementations of common hash functions used by Windows, including NT hash, LM hash and OrgId hash. It also contains methods for SysKey/BootKey retrieval. This package is shared between all other DSInternals packages. -- A property called LogonName has been added to the DsAccount class, to support multi-domain scenarios. -- Several bugs in the ADSI client have been fixed. +- Added the the AzureADClient class for FIDO2 and NGC key retrieval from Azure Active Directory. +- Both LastLogon and LastLogonTimestamp properties are now exposed on AD user accounts. +- Updated the package logo. Copyright (c) 2015-2020 Michael Grafnetter. All rights reserved. - ActiveDirectory Security + ActiveDirectory Security AD AAD Identity Active Directory 
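Review bot: The unconditional `throw new AssertInconclusiveException("FIDO2 JSON serialization must be improved.");` added in the SearchableDeviceKeyTester.cs hunk makes the `Assert.AreEqual(2, keyCredential.FidoKeyMaterial.AttestationCertificates.Count);` line below it unreachable, so the known gap in attestation-certificate parsing is reported as inconclusive rather than as a failure in the release build. Assuming this is MSTest, which the exception type suggests, `Assert.Inconclusive("FIDO2 JSON serialization must be improved.");` is the usual form and avoids the unreachable-code warning. Because this release advertises FIDO2 key auditing, I would also add a comment next to it pointing at a tracking issue, e.g. `// TODO(<issue-id>): ParseJson does not yet return all attestation certificates.`, so that the limitation stays visible to anyone relying on the parsed output. The test method begins and ends outside this hunk.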
diff --git a/Src/DSInternals.Common/Properties/AssemblyInfo.cs b/Src/DSInternals.Common/Properties/AssemblyInfo.cs index a0914c2..ab4f91b 100644 --- a/Src/DSInternals.Common/Properties/AssemblyInfo.cs +++ b/Src/DSInternals.Common/Properties/AssemblyInfo.cs @@ -5,8 +5,8 @@ using System.Runtime.InteropServices; // set of attributes. Change these attribute values to modify the information // associated with an assembly. [assembly: AssemblyTitle("DSInternals Common Library")] -[assembly: AssemblyVersion("4.2")] -[assembly: AssemblyFileVersion("4.2")] +[assembly: AssemblyVersion("4.3")] +[assembly: AssemblyFileVersion("4.3")] [assembly: AssemblyDescription("")] [assembly: AssemblyConfiguration("")] [assembly: AssemblyCompany("")] diff --git a/Src/DSInternals.DataStore/DSInternals.DataStore.nuspec b/Src/DSInternals.DataStore/DSInternals.DataStore.nuspec index eb631cc..d4971ff 100644 --- a/Src/DSInternals.DataStore/DSInternals.DataStore.nuspec +++ b/Src/DSInternals.DataStore/DSInternals.DataStore.nuspec @@ -13,9 +13,12 @@ false DSInternals DataStore is an advanced framework for offline ntds.dit file manipulation. It can be used to extract password hashes from Active Directory backups or to modify the sIDHistory and primaryGroupId attributes. DSInternals DataStore is an advanced framework for offline ntds.dit file manipulation. - Directory accounts now contain domain information in the LogonName property. + +- Both LastLogon and LastLogonTimestamp properties are now exposed on AD user accounts. +- Updated the package logo. + Copyright (c) 2015-2020 Michael Grafnetter. All rights reserved. - ActiveDirectory Security NTDS + ActiveDirectory Security NTDS AD Identity Active Directory diff --git a/Src/DSInternals.DataStore/Properties/AssemblyInfo.cs b/Src/DSInternals.DataStore/Properties/AssemblyInfo.cs index 6aff5c4..d0bd072 100644 --- a/Src/DSInternals.DataStore/Properties/AssemblyInfo.cs +++ b/Src/DSInternals.DataStore/Properties/AssemblyInfo.cs 
@@ -5,8 +5,8 @@ using System.Runtime.InteropServices; // set of attributes. Change these attribute values to modify the information // associated with an assembly. [assembly: AssemblyTitle("DSInternals DataStore Library")] -[assembly: AssemblyVersion("4.2")] -[assembly: AssemblyFileVersion("4.2")] +[assembly: AssemblyVersion("4.3")] +[assembly: AssemblyFileVersion("4.3")] [assembly: AssemblyDescription("")] [assembly: AssemblyConfiguration("")] [assembly: AssemblyCompany("")] diff --git a/Src/DSInternals.PowerShell/Chocolatey/dsinternals-psmodule.nuspec b/Src/DSInternals.PowerShell/Chocolatey/dsinternals-psmodule.nuspec index 8c0b444..51d8877 100644 --- a/Src/DSInternals.PowerShell/Chocolatey/dsinternals-psmodule.nuspec +++ b/Src/DSInternals.PowerShell/Chocolatey/dsinternals-psmodule.nuspec @@ -3,7 +3,7 @@ DSInternals-PSModule - 4.2 + 4.3 https://github.com/MichaelGrafnetter/DSInternals/tree/master/Src/DSInternals.PowerShell/Chocolatey MichaelGrafnetter DSInternals PowerShell Module 
@@ -20,6 +20,7 @@ The DSInternals PowerShell Module exposes several internal features of Active Directory. These include offline ntds.dit file manipulation, password auditing, DC recovery from IFM backups and password hash calculation. The DSInternals PowerShell Module has these main features: +* [Azure Active Directory FIDO2 key auditing](../Documentation/PowerShell/Get-AzureADUserEx.md#get-azureaduserex) and retrieval of system information about all user-registered key credentials. * [Active Directory password auditing](https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Test-PasswordQuality.md) that discovers accounts sharing the same passwords or having passwords in a public database like [HaveIBeenPwned](https://haveibeenpwned.com) or in a custom dictionary. * [Bare-metal recovery of domain controllers](https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/New-ADDBRestoreFromMediaScript.md) from just IFM backups (ntds.dit + SYSVOL). * Offline ntds.dit file manipulation, including [hash dumping](https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Get-ADDBAccount.md), [password resets](https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Set-ADDBAccountPassword.md), [group membership changes](https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Set-ADDBPrimaryGroup.md), [SID History injection](https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Add-ADDBSidHistory.md) and [enabling](https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Enable-ADDBAccount.md)/[disabling](https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Disable-ADDBAccount.md) accounts. 
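Review bot: The new Azure AD bullet in the Chocolatey description links to `../Documentation/PowerShell/Get-AzureADUserEx.md#get-azureaduserex`, a repository-relative path, while every other bullet in this hunk uses an absolute `https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/...` URL. The relative form will most likely not resolve once the description is rendered outside the repository, so I would write it as `https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Get-AzureADUserEx.md#get-azureaduserex`. The first context line of the hunk also still describes only Active Directory, whereas the Readme and module manifest descriptions changed in this same commit now mention Azure Active Directory as well.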
@@ -36,9 +37,10 @@ ## Disclaimer Features exposed through these tools are not supported by Microsoft. Improper use might cause irreversible damage to domain controllers or negatively impact domain security. -* The Test-PasswordQuality cmdlet now supports cross-domain and cross-forest duplicate password detection. -* The Get-ADReplAccount, Get-ADReplBackupKey and Add-ADReplNgcKey cmdlets no longer require the Domain and NamingContext parameters to be specified, as their proper values are automatically retrieved from the target DC. -* Fixed multiple bugs related to Credential Roaming. +* Added the Get-AzureADUserEx cmdlet for FIDO2 and NGC key auditing in Azure Active Directory. +* Both LastLogon and LastLogonTimestamp properties are now exposed on user accounts. +* Improved display format of FIDO2 keys. +* Updated the package logo. diff --git a/Src/DSInternals.PowerShell/DSInternals.psd1 b/Src/DSInternals.PowerShell/DSInternals.psd1 index 29380ed..37acd59 100644 --- a/Src/DSInternals.PowerShell/DSInternals.psd1 +++ b/Src/DSInternals.PowerShell/DSInternals.psd1 @@ -8,10 +8,10 @@ RootModule = 'DSInternals.Bootstrap.psm1' # Version number of this module. -ModuleVersion = '4.2' +ModuleVersion = '4.3' # Supported PSEditions -CompatiblePSEditions = 'Desktop' +# CompatiblePSEditions = 'Desktop' # ID used to uniquely identify this module GUID = '766b3ad8-eb78-48e6-84bd-61b31d96b53e' 
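Review bot: `# CompatiblePSEditions = 'Desktop'` in the DSInternals.psd1 hunk turns the edition declaration off without recording why, while the changelog in this same commit moves that item to Unreleased and states that PowerShell Core is not supported. With the key commented out the manifest no longer declares which editions the module targets, so an import on an unsupported edition presumably fails later, when the Win32-dependent code loads, rather than at a manifest check. I would put a comment above the line stating the reason and the supported edition, e.g. `# Disabled for release 4.3, see CHANGELOG [Unreleased]; only the Desktop edition is supported.` The manifest continues outside this hunk.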
@@ -27,7 +27,7 @@ Copyright = '(c) 2015-2020 Michael Grafnetter. All rights reserved.' # Description of the functionality provided by this module Description = @" -The DSInternals PowerShell Module exposes several internal features of Active Directory. These include offline ntds.dit file manipulation, password auditing, DC recovery from IFM backups and password hash calculation. +The DSInternals PowerShell Module exposes several internal features of Active Directory and Azure Active Directory. These include FIDO2 and NGC key auditing, offline ntds.dit file manipulation, password auditing, DC recovery from IFM backups and password hash calculation. DISCLAIMER: Features exposed through this module are not supported by Microsoft and it is therefore not intended to be used in production environments. Improper use might cause irreversible damage to domain controllers or negatively impact domain security. "@ @@ -128,7 +128,7 @@ PrivateData = @{ PSData = @{ # Tags applied to this module. These help with module discovery in online galleries. - Tags = 'ActiveDirectory', 'AzureAD', 'Security', 'SAM', 'LSA', 'PSModule', 'Windows' + Tags = 'ActiveDirectory', 'AzureAD', 'Security', 'SAM', 'LSA', 'PSModule', 'Windows', 'FIDO' # A URL to the license for this module. LicenseUri = 'https://github.com/MichaelGrafnetter/DSInternals/blob/master/Src/DSInternals.PowerShell/License.txt' 
@@ -141,9 +141,10 @@ PrivateData = @{ # ReleaseNotes of this module ReleaseNotes = @" -- The Test-PasswordQuality cmdlet now supports cross-domain and cross-forest duplicate password detection. -- The Get-ADReplAccount, Get-ADReplBackupKey and Add-ADReplNgcKey cmdlets no longer require the Domain and NamingContext parameters to be specified, as their proper values are automatically retrieved from the target DC. -- Fixed multiple bugs related to Credential Roaming. +- Added the Get-AzureADUserEx cmdlet for FIDO2 and NGC key auditing in Azure Active Directory. +- Both LastLogon and LastLogonTimestamp properties are now exposed on user accounts. +- Improved display format of FIDO2 keys. +- Updated the package logo. "@ } # End of PSData hashtable diff --git a/Src/DSInternals.PowerShell/Properties/AssemblyInfo.cs b/Src/DSInternals.PowerShell/Properties/AssemblyInfo.cs index 6404cd8..edf657b 100644 --- a/Src/DSInternals.PowerShell/Properties/AssemblyInfo.cs +++ b/Src/DSInternals.PowerShell/Properties/AssemblyInfo.cs @@ -5,8 +5,8 @@ using System.Runtime.InteropServices; // set of attributes. Change these attribute values to modify the information // associated with an assembly. [assembly: AssemblyTitle("DSInternals PowerShell Commands")] -[assembly: AssemblyVersion("4.2")] -[assembly: AssemblyFileVersion("4.2")] +[assembly: AssemblyVersion("4.3")] +[assembly: AssemblyFileVersion("4.3")] [assembly: AssemblyDescription("")] [assembly: AssemblyConfiguration("")] [assembly: AssemblyCompany("")] diff --git a/Src/DSInternals.Replication.Interop/AssemblyInfo.cpp b/Src/DSInternals.Replication.Interop/AssemblyInfo.cpp index cc4bdbd..6b2dec0 100644 --- a/Src/DSInternals.Replication.Interop/AssemblyInfo.cpp +++ b/Src/DSInternals.Replication.Interop/AssemblyInfo.cpp 
@@ -14,7 +14,7 @@ using namespace System::Security::Permissions; // [assembly:AssemblyTitleAttribute(L"DSInternals Replication Interop Library")]; // Note: Do not forget to change the version in version.rc files. -[assembly:AssemblyVersionAttribute("4.2")]; +[assembly:AssemblyVersionAttribute("4.3")]; [assembly:AssemblyDescriptionAttribute(L"")]; [assembly:AssemblyConfigurationAttribute(L"")]; [assembly:AssemblyCompanyAttribute(L"")]; diff --git a/Src/DSInternals.Replication.Interop/version.rc b/Src/DSInternals.Replication.Interop/version.rc index 1467862..c25cb9c 100644 --- a/Src/DSInternals.Replication.Interop/version.rc +++ b/Src/DSInternals.Replication.Interop/version.rc @@ -39,8 +39,8 @@ END // VS_VERSION_INFO VERSIONINFO - FILEVERSION 4,2,0,0 - PRODUCTVERSION 4,2,0,0 + FILEVERSION 4,3,0,0 + PRODUCTVERSION 4,3,0,0 FILEFLAGSMASK 0x3fL #ifdef _DEBUG FILEFLAGS 0x1L @@ -57,12 +57,12 @@ BEGIN BEGIN VALUE "CompanyName", "Michael Grafnetter" VALUE "FileDescription", "DSInternals Replication Interop Library" - VALUE "FileVersion", "4.2.0.0" + VALUE "FileVersion", "4.3.0.0" VALUE "InternalName", "DSInternals.Replication.Interop" VALUE "LegalCopyright", "Copyright © 2015-2020 Michael Grafnetter" VALUE "OriginalFilename", "DSInternals.Replication.Interop.dll" VALUE "ProductName", "DSInternals PowerShell Module" - VALUE "ProductVersion", "4.2.0.0" + VALUE "ProductVersion", "4.3.0.0" END END BLOCK "VarFileInfo" diff --git a/Src/DSInternals.Replication.Model/Properties/AssemblyInfo.cs b/Src/DSInternals.Replication.Model/Properties/AssemblyInfo.cs index 997423d..0a1b79d 100644 --- a/Src/DSInternals.Replication.Model/Properties/AssemblyInfo.cs +++ b/Src/DSInternals.Replication.Model/Properties/AssemblyInfo.cs 
@@ -5,8 +5,8 @@ using System.Runtime.InteropServices; // set of attributes. Change these attribute values to modify the information // associated with an assembly. [assembly: AssemblyTitle("DSInternals Replication Data Model")] -[assembly: AssemblyVersion("4.2")] -[assembly: AssemblyFileVersion("4.2")] +[assembly: AssemblyVersion("4.3")] +[assembly: AssemblyFileVersion("4.3")] [assembly: AssemblyDescription("")] [assembly: AssemblyConfiguration("")] [assembly: AssemblyCompany("")] diff --git a/Src/DSInternals.Replication/DSInternals.Replication.nuspec b/Src/DSInternals.Replication/DSInternals.Replication.nuspec index 09802b5..f75bdb7 100644 --- a/Src/DSInternals.Replication/DSInternals.Replication.nuspec +++ b/Src/DSInternals.Replication/DSInternals.Replication.nuspec @@ -13,7 +13,10 @@ false DSInternals Replication implements a client for the Active Directory Replication Service Remote Protocol (DRS-R). It can be used to remotely extract password hashes from domain controllers. DSInternals Replication implements a client for the Active Directory Replication Service Remote Protocol (DRS-R). - Directory accounts now contain domain information in the LogonName property. + +- The LastLogonTimestamp property is now exposed on user accounts. +- Updated the package logo. + Copyright (c) 2015-2020 Michael Grafnetter. All rights reserved. ActiveDirectory Security RPC DRSR diff --git a/Src/DSInternals.Replication/Properties/AssemblyInfo.cs b/Src/DSInternals.Replication/Properties/AssemblyInfo.cs index c719134..8f85387 100644 --- a/Src/DSInternals.Replication/Properties/AssemblyInfo.cs +++ b/Src/DSInternals.Replication/Properties/AssemblyInfo.cs 
@@ -5,8 +5,8 @@ using System.Runtime.InteropServices; // set of attributes. Change these attribute values to modify the information // associated with an assembly. [assembly: AssemblyTitle("DSInternals Replication Library")] -[assembly: AssemblyVersion("4.2")] -[assembly: AssemblyFileVersion("4.2")] +[assembly: AssemblyVersion("4.3")] +[assembly: AssemblyFileVersion("4.3")] [assembly: AssemblyDescription("")] [assembly: AssemblyConfiguration("")] [assembly: AssemblyCompany("")] diff --git a/Src/DSInternals.SAM/DSInternals.SAM.nuspec b/Src/DSInternals.SAM/DSInternals.SAM.nuspec index ceff8c1..e42289a 100644 --- a/Src/DSInternals.SAM/DSInternals.SAM.nuspec +++ b/Src/DSInternals.SAM/DSInternals.SAM.nuspec @@ -13,9 +13,12 @@ false DSInternals SAM implements a client for the Security Accounts Manager Remote Protocol (SAM-R) and Local Security Authority Remote Protocol(MS-LSAD or LSARPC). It can be used to import password hashes into Active Directory or to query and modify LSA Policy. DSInternals SAM implements a client for SAM-R and MS-LSAD/LSARPC protocols. - Updated package references. + +- Updated the package logo. +- Updated package references. + Copyright (c) 2015-2020 Michael Grafnetter. All rights reserved. - ActiveDirectory Security RPC SAMR LSARPC + ActiveDirectory Security RPC SAMR LSARPC AD Identity Active Directory diff --git a/Src/DSInternals.SAM/Properties/AssemblyInfo.cs b/Src/DSInternals.SAM/Properties/AssemblyInfo.cs index 51b2a33..9e45cbc 100644 --- a/Src/DSInternals.SAM/Properties/AssemblyInfo.cs +++ b/Src/DSInternals.SAM/Properties/AssemblyInfo.cs 
@@ -5,8 +5,8 @@ using System.Runtime.InteropServices;
 // set of attributes. Change these attribute values to modify the information
 // associated with an assembly.
 [assembly: AssemblyTitle("DSInternals SAM Library")]
-[assembly: AssemblyVersion("4.2")]
-[assembly: AssemblyFileVersion("4.2")]
+[assembly: AssemblyVersion("4.3")]
+[assembly: AssemblyFileVersion("4.3")]
 [assembly: AssemblyDescription("")]
 [assembly: AssemblyConfiguration("")]
 [assembly: AssemblyCompany("")]