Summary
If the sAMAccountName (User Logon Name) AD attribute has $ as the first character, possibly as any character - not tested, then the script fails to include that user in reports.
Steps to Reproduce
- Create a new user in AD with User Logon Name set to $mytestuser or similar, the $ symbol is the important character.
- Add the new user to the Domain Admins group
- Run the ACLight script
Expected Results
The $mytestuser account should appear in the Layers Analysis report under the 'DOMAIN\Domain Admins - group:' heading.
Actual Results
The $mytestuser account is not shown anywhere in the results. Tested with multiple accounts and on two domains.
Reproducible
Version/Tag number
Version 3.3
Environment setup
Windows Server 2022 (Schema version 88)
Additional Information
Add any other context about the problem here.
Summary
If the sAMAccountName (User Logon Name) AD attribute has $ as the first character, possibly as any character - not tested, then the script fails to include that user in reports.
Steps to Reproduce
Expected Results
The $mytestuser account should appear in the Layers Analysis report under the 'DOMAIN\Domain Admins - group:' heading.
Actual Results
The $mytestuser account is not shown anywhere in the results. Tested with multiple accounts and on two domains.
Reproducible
Version/Tag number
Version 3.3
Environment setup
Windows Server 2022 (Schema version 88)
Additional Information
Add any other context about the problem here.