Bug Description
No results under heading "Passwords of these accounts have been found in the dictionary:"
I have downloaded the NTLM encrypred "have I been pwned" database as a text file using the provided dotnot module from haveibeenpwned. Script used below.
I intentionally have a low priority account in the environment with a known "pwned" password and it does not appear in the results. I can run the script replacing the massive results list with a single line file with the pwned password in plain text, and it appears when I run the script again.
Steps to Reproduce
$Passwords = "pwnedpasswords_ntlm.txt"
$Params = @{
"All" = $True
"Server" = 'NAMEOFSERVER'
"NamingContext" = 'dc=DOMAIN,dc=NAME'
}
Get-ADReplAccount @params | Test-PasswordQuality -WeakPasswordsFile $Passwords -IncludeDisabledAccounts
Expected Behavior
Normal expected results of the script, but with at least 1 account listed under section "Passwords of these accounts have been found in the dictionary:"
Actual Behavior
Passwords of these accounts have been found in the dictionary:
(Blank, no names or accounts found)
Stack Trace
There is no error or stack trace, the script appears to run normally, and outputs in other areas are within expected norms.
DSInternals Module Version
7.0
PowerShell Version
5.1.26100.8655
Operating System
Microsoft Windows 11 Enterprise
Target Domain Controller Version
Windows Server 2022
Processor Architecture
x64
Checklist
Bug Description
No results under heading "Passwords of these accounts have been found in the dictionary:"
I have downloaded the NTLM encrypred "have I been pwned" database as a text file using the provided dotnot module from haveibeenpwned. Script used below.
I intentionally have a low priority account in the environment with a known "pwned" password and it does not appear in the results. I can run the script replacing the massive results list with a single line file with the pwned password in plain text, and it appears when I run the script again.
Steps to Reproduce
$Passwords = "pwnedpasswords_ntlm.txt"
$Params = @{
"All" = $True
"Server" = 'NAMEOFSERVER'
"NamingContext" = 'dc=DOMAIN,dc=NAME'
}
Get-ADReplAccount @params | Test-PasswordQuality -WeakPasswordsFile $Passwords -IncludeDisabledAccounts
Expected Behavior
Normal expected results of the script, but with at least 1 account listed under section "Passwords of these accounts have been found in the dictionary:"
Actual Behavior
Passwords of these accounts have been found in the dictionary:
(Blank, no names or accounts found)
Stack Trace
DSInternals Module Version
7.0
PowerShell Version
5.1.26100.8655
Operating System
Microsoft Windows 11 Enterprise
Target Domain Controller Version
Windows Server 2022
Processor Architecture
x64
Checklist