New Version Released

February 3, 2016 | Michael Grafnetter

I am happy to announce that a new version of the DSInternals PowerShell Module has been released, now with Windows Server 2003 support.


Tags: , ,

9 comments on “New Version Released

  1. andres says:

    Hi there Michael,
    thank you very much for your work.
    I’ve tested this new release in Windows 2008 R2 and 2012, and I got the same error in both of them:

    Get-ADDBAccount : Could not load file or assembly ‘Esent.Isam, Version=1.9.3.2, Culture=neutral,
    PublicKeyToken=af7e77ba04a3c166’ or one of its dependencies. Strong name validation failed. (Exception from HRESULT:
    0x8013141A)
    En línea: 1 Carácter: 1
    + Get-ADDBAccount -all -DBPath ‘.\ChiliMango\pass\Active Directory\ntds.dit’ -Boot …
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : OpenError: (:) [Get-ADDBAccount], FileLoadException
    + FullyQualifiedErrorId : DBContextError,DSInternals.PowerShell.Commands.GetADDBAccountCommand I know(Ithink) is something related to .Net, but I don’t know a straightforward solution. Do you have any idea how to fix these? The previous version works fine in the same Windows 2012, although not in 2008 R2. Once again, thank you for your great work, you rock.

    • Michael Grafnetter says:

      Oh shoot, my bad, I have forgotten to sign one of the assemblies. I am cureently re-releasing it, so a working version should be out there in a few minutes. Thanks for letting me know, andres. But even the new version will not be able to open ntds.dit on Win 2008 R2. I am working on that, too. In the meantime, the ntds.dit file can be copied to a newer system and opened from there.

  2. andres says:

    Thank you Michael for your quick response, I’m glad it was just a little lapse. I was aware about the problem in 2008 R2, it’s no big deal, although for the use I give to the script, would be nice to do it all while in the server. All the same, your scripts are awesome, and really useful.

  3. andres says:

    Hi there again,
    just to let you know, I just tried the new release in Win 2012 and it works like a charm.

    Andrés.

  4. I’m a little unsure of what I should be using as the parameter for Get-BootKey.
    Can you provide some more info on this? I haven’t been able to get that command to work.
    What exactly is it expecting?

  5. BTW, i have treid this for Get-BookKey:

    Get-BootKey -SystemHiveFilePath ‘c:\windows\system32\config’ and this:

    Get-BootKey -SystemHiveFilePath ‘c:\windows\system32\config\system’

    but, i get this error:

    Get-BootKey : Path not found.

  6. I have a general question about password hashes. If I retrieve the NT and LM password hashes on one active directory instance, and set the hashes on unrelated accounts on another unrelated active directory instance (no trusts of any kind), will the accounts on the destination AD be able to use the password that was used by the source accounts in the source AD? Or does a different orgid mean that this won’t work? I don’t know a lot about how active directory manages hashes, so I apologize if this sounds like a stupid question.

    We have a need to synchronize the passwords between 2 AD domains for accounts that have the same UPN. The accounts in the destination AD domain are created by our application based on the accounts discoverd in the first domain.

    Basically, we are looking for something similar to what is done with AD Azure dir sync.
    But, between Windows Server AD domains.

    Thanks, and any info you could provide would be very helpful.

    BTW, I’ve been going through the powershell code.
    This is some really great stuff. If you are ever looking for work, let me know!

    Thanks.

Leave a Reply

Your email address will not be published.