Skip to content

AD objects with a name that starts with a $ symbol are not included in reports #10

New issue
New issue
Open
Open
AD objects with a name that starts with a $ symbol are not included in reports#10
Labels
kind/bug
@cybaeye

Description

@cybaeye
cybaeye
opened on Jan 1, 2025

Summary

If the sAMAccountName (User Logon Name) AD attribute has $ as the first character, possibly as any character - not tested, then the script fails to include that user in reports.

Steps to Reproduce

  1. Create a new user in AD with User Logon Name set to $mytestuser or similar, the $ symbol is the important character.
  2. Add the new user to the Domain Admins group
  3. Run the ACLight script

Expected Results

The $mytestuser account should appear in the Layers Analysis report under the 'DOMAIN\Domain Admins - group:' heading.

Actual Results

The $mytestuser account is not shown anywhere in the results. Tested with multiple accounts and on two domains.

Reproducible

  • [X ] Always
  • Sometimes
  • Non-Reproducible

Version/Tag number

Version 3.3

Environment setup

Windows Server 2022 (Schema version 88)

Additional Information

Add any other context about the problem here.

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/bug

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions