Michael Grafnetter
Michael Grafnetter
Hello @m4xx75 , would you please be able to share the exception stack trace?
@m4xx75 Thanks for the info. There is apparently an empty CNG private key file stored in the `ms-PKI-AccountCredentials` attribute of one of the user accounts. I will need to update...
Can't promise any specific date. The problem is not an empty attribute, that would be absolutely OK. But your DB contains private keys of length 0, which is definitely strange...
@m4xx75 The issue should be resolved in DSInternals 4.14, which is more tolerant to malformed roamed credentials.
Hard to tell. Is the `powershell.exe` elevated (Run as Administrator)?
OK. What about `Get-SamPasswordPolicy -Domain westworld`, does it work? And `net user /domain`? Had NetCease been applied to that environment? Or any other hardening? Does the Security log on the...
That is strange. I only have a limited AD lab, just re-tested the cmdlet and had no issues. If you figure it out, keep me posted, pls. I would also...
Only the `Reset password` permission should be required. Just tested it in a clean AD environment with a fully updated Windows Server 2022 21H2 DC:  Command: ```powershell Set-SamAccountPasswordHash -SamAccountName...
Hello @chriss3nt , were you able to test it, please?
Hi @sdbruce1 , would you please be able to provide a PowerShell command, that would create such an account with a malformed DN?