Prepare for release 4.2

Documentation/CHANGELOG.md

@@ -1,16 +1,21 @@
 # Changelog
 All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
-## [Unreleased]
+## [4.2] - 2020-03-18
 
 ### Added
 
-- The [Get-ADReplAccount](PowerShell/Get-ADReplAccount.md#get-adreplaccount), [Get-ADReplBackupKey](PowerShell/Get-ADReplBackupKey.md#get-adreplbackupkey) and [Add-ADReplNgcKey](PowerShell/Add-ADReplNgcKey.md#add-adreplngckey) cmdlets now do not require the `Domain` and `NamingContext` parameters to be specified, as their proper values are retrieved from the target DC.
+- The [Test-PasswordQuality](PowerShell/Test-PasswordQuality.md#test-passwordquality) cmdlet now supports **cross-domain and cross-forest duplicate password discovery**.
+- The [Get-ADReplAccount](PowerShell/Get-ADReplAccount.md#get-adreplaccount), [Get-ADReplBackupKey](PowerShell/Get-ADReplBackupKey.md#get-adreplbackupkey) and [Add-ADReplNgcKey](PowerShell/Add-ADReplNgcKey.md#add-adreplngckey) cmdlets no longer require the `Domain` and `NamingContext` parameters to be specified, as their proper values are automatically retrieved from the target DC.
+
+### Changed
+
+- Updated license information in Nuget packages to resolve [Warning NU5125](https://docs.microsoft.com/en-us/nuget/reference/errors-and-warnings/nu5125).
 
 ### Fixed
 
 - Resolved a bug in the [Get-ADDBBackupKey](PowerShell/Get-ADDBBackupKey.md#get-addbbackupkey) cmdlet that prevented it from working on global catalogs in multi-domain forests.
-
+- Resolved a bug in DPAPI credential display.
 
 ## [4.1] - 2019-12-12
 
@@ -361,7 +366,8 @@ This is a [Chocolatey](https://chocolatey.org/packages/dsinternals-psmodule)-onl
 ## 1.0 - 2015-01-20
 Initial release!
 
-[Unreleased]: https://github.com/MichaelGrafnetter/DSInternals/compare/v4.1...HEAD
+[Unreleased]: https://github.com/MichaelGrafnetter/DSInternals/compare/v4.2...HEAD
+[4.2]: https://github.com/MichaelGrafnetter/DSInternals/compare/v4.1...v4.2
 [4.1]: https://github.com/MichaelGrafnetter/DSInternals/compare/v4.0...v4.1
 [4.0]: https://github.com/MichaelGrafnetter/DSInternals/compare/v3.6.1...v4.0
 [3.6.1]: https://github.com/MichaelGrafnetter/DSInternals/compare/v3.6...v3.6.1

Documentation/PowerShell/Test-PasswordQuality.md

@@ -55,7 +55,7 @@ These groups of accounts have the same passwords:
   Group 1:
     CONTOSO\graham
     CONTOSO\graham_admin
-  Group 1:
+  Group 2:
     CONTOSO\admin
     CONTOSO\sql_svc01
 
@@ -92,7 +92,7 @@ Performs an offline credential hygiene audit of AD database against HIBP.
 
 ### Example 2
 ```powershell
-PS C:\> $results = Get-ADReplAccount -All -NamingContext 'DC=contoso,DC=com' -Server LON-DC1 |
+PS C:\> $results = Get-ADReplAccount -All -Server LON-DC1 |
                    Test-PasswordQuality -WeakPasswords 'Pa$$w0rd','April2019' -WeakPasswordHashesSortedFile pwned-passwords-ntlm-ordered-by-hash-v4.txt
 ```
 
@@ -116,6 +116,27 @@ PS C:\> Get-ADDBAccount -All -DatabasePath ntds.dit -BootKey $key |
 
 Performs an offline credential hygiene audit of a selected OU from AD database against HIBP.
 
+### Example 5
+```powershell
+PS C:\> $contosoAccounts = Get-ADReplAccount -All -Server LON-DC1.contoso.com
+PS C:\> $adatumAccounts = Get-ADReplAccount -All -Server NYC-DC1.adatum.com -Credential (Get-Credential)
+PS C:\> $contosoAccounts + $adatumAccounts | Test-PasswordQuality
+<# Sample Output (Partial)
+
+These groups of accounts have the same passwords:
+  Group 1:
+    ADATUM\smith
+    ADATUM\doe
+  Group 2:
+    ADATUM\Administrator
+    ADATUM\joe_admin
+    CONTOSO\Administrator
+    CONTOSO\joe_admin
+#>
+```
+
+Performs a cross-forest duplicate password discovery. Any number of Get-ADReplAccount and Get-ADDBAccount cmdlet outputs can be combined together, as long as the computer has enough memory.
+
 ## PARAMETERS
 
 ### -Account

LICENSE.md

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2015-2019 Michael Grafnetter
+Copyright (c) 2015-2020 Michael Grafnetter
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

Scripts/Pack-Chocolatey.ps1

@@ -19,7 +19,7 @@ if(-not $catalogIsValid)
 } 
 
 # Create target folder
-mkdir $outputDir -Force
+New-Item -Path $outputDir -ItemType Directory -Force
 
 # Pack using Chocolatey
 choco pack $nuspecPath --outputdirectory $outputDir --timeout 60 --confirm --verbose

Scripts/Pack-NuGetPackages.ps1

@@ -18,13 +18,14 @@ $nugetExeUrl = 'https://dist.nuget.org/win-x86-commandline/latest/nuget.exe'
 
 if(-not (Test-Path $nuget))
 {
-    mkdir $toolsDir
+    New-Item -Path $toolsDir -ItemType Directory -Force
     Invoke-WebRequest -Uri $nugetExeUrl -OutFile $nuget
 }
 
 # Pack all *.csproj files that have a corresponding *.nuspec file
-Get-ChildItem -Path $repoRoot -Filter *.nuspec -Exclude DSInternals.nuspec -Recurse -File |
+Get-ChildItem -Path $repoRoot -Filter *.nuspec -Recurse -File |
     ForEach-Object { $PSItem.FullName.Replace('.nuspec', '.csproj') } |
+    Where-Object { Test-Path -Path $PSItem -PathType Leaf } |
     ForEach-Object {
         $solutionFile = $PSItem
         & $nuget pack $solutionFile -OutputDirectory $outputDir -IncludeReferencedProjects -Verbosity detailed -NonInteractive

Src/Configuration/CommonAssemblyInfo.cs

@@ -1,4 +1,4 @@
 using System.Reflection;
 
 [assembly: AssemblyProduct("DSInternals PowerShell Module")]
-[assembly: AssemblyCopyright("Copyright © 2015-2019 Michael Grafnetter. All rights reserved.")]
+[assembly: AssemblyCopyright("Copyright © 2015-2020 Michael Grafnetter. All rights reserved.")]

Src/DSInternals.Common/DSInternals.Common.nuspec

@@ -6,14 +6,18 @@
     <title>DSInternals Common</title>
     <authors>Michael Grafnetter</authors>
     <owners>Michael Grafnetter</owners>
-    <licenseUrl>https://github.com/MichaelGrafnetter/DSInternals/blob/master/LICENSE.md</licenseUrl>
+    <license type="expression">MIT</license>
     <projectUrl>https://github.com/MichaelGrafnetter/DSInternals/</projectUrl>
+    <repository type="git" url="https://github.com/MichaelGrafnetter/DSInternals.git" branch="master" />
     <iconUrl>https://www.dsinternals.com/wp-content/uploads/ad.png</iconUrl>
     <requireLicenseAcceptance>false</requireLicenseAcceptance>
     <description>This package is shared between all other DSInternals packages. It contains implementations of common hash functions used by Windows, including NT hash, LM hash and OrgId hash. It also contains methods for SysKey/BootKey retrieval.</description>
     <summary>This package is shared between all other DSInternals packages.</summary>
-    <releaseNotes>Roamed CNG keys are now exported in proper format.</releaseNotes>
-    <copyright>Copyright (c) 2015-2019 Michael Grafnetter. All rights reserved.</copyright>
+    <releaseNotes>
+- A property called LogonName has been added to the DsAccount class, to support multi-domain scenarios.
+- Several bugs in the ADSI client have been fixed.
+    </releaseNotes>
+    <copyright>Copyright (c) 2015-2020 Michael Grafnetter. All rights reserved.</copyright>
     <tags>ActiveDirectory Security</tags>
   </metadata>
 </package>

Src/DSInternals.Common/Properties/AssemblyInfo.cs

@@ -5,8 +5,8 @@
 // set of attributes. Change these attribute values to modify the information
 // associated with an assembly.
 [assembly: AssemblyTitle("DSInternals Common Library")]
-[assembly: AssemblyVersion("4.1")]
-[assembly: AssemblyFileVersion("4.1")]
+[assembly: AssemblyVersion("4.2")]
+[assembly: AssemblyFileVersion("4.2")]
 [assembly: AssemblyDescription("")]
 [assembly: AssemblyConfiguration("")]
 [assembly: AssemblyCompany("")]

Src/DSInternals.DataStore/DSInternals.DataStore.nuspec

@@ -6,14 +6,15 @@
     <title>DSInternals DataStore</title>
     <authors>Michael Grafnetter</authors>
     <owners>Michael Grafnetter</owners>
-    <licenseUrl>https://github.com/MichaelGrafnetter/DSInternals/blob/master/LICENSE.md</licenseUrl>
+    <license type="expression">MIT</license>
     <projectUrl>https://github.com/MichaelGrafnetter/DSInternals/</projectUrl>
+    <repository type="git" url="https://github.com/MichaelGrafnetter/DSInternals.git" branch="master" />
     <iconUrl>https://www.dsinternals.com/wp-content/uploads/ad.png</iconUrl>
     <requireLicenseAcceptance>false</requireLicenseAcceptance>
     <description>DSInternals DataStore is an advanced framework for offline ntds.dit file manipulation. It can be used to extract password hashes from Active Directory backups or to modify the sIDHistory and primaryGroupId attributes.</description>
     <summary>DSInternals DataStore is an advanced framework for offline ntds.dit file manipulation.</summary>
-    <releaseNotes>Fixed the order of entries in serialized replication metadata.</releaseNotes>
-    <copyright>Copyright (c) 2015-2019 Michael Grafnetter. All rights reserved.</copyright>
+    <releaseNotes>Directory accounts now contain domain information in the LogonName property.</releaseNotes>
+    <copyright>Copyright (c) 2015-2020 Michael Grafnetter. All rights reserved.</copyright>
     <tags>ActiveDirectory Security NTDS</tags>
     <references>
       <reference file="DSInternals.DataStore.dll" />

Src/DSInternals.DataStore/Properties/AssemblyInfo.cs

@@ -5,8 +5,8 @@
 // set of attributes. Change these attribute values to modify the information
 // associated with an assembly.
 [assembly: AssemblyTitle("DSInternals DataStore Library")]
-[assembly: AssemblyVersion("4.1")]
-[assembly: AssemblyFileVersion("4.1")]
+[assembly: AssemblyVersion("4.2")]
+[assembly: AssemblyFileVersion("4.2")]
 [assembly: AssemblyDescription("")]
 [assembly: AssemblyConfiguration("")]
 [assembly: AssemblyCompany("")]

Src/DSInternals.PowerShell/Chocolatey/dsinternals-psmodule.nuspec

@@ -3,14 +3,14 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>DSInternals-PSModule</id>
-    <version>4.1</version>
+    <version>4.2</version>
     <packageSourceUrl>https://github.com/MichaelGrafnetter/DSInternals/tree/master/Src/DSInternals.PowerShell/Chocolatey</packageSourceUrl>
     <owners>MichaelGrafnetter</owners>
     <title>DSInternals PowerShell Module</title>
     <authors>Michael Grafnetter</authors>
     <projectUrl>https://github.com/MichaelGrafnetter/DSInternals</projectUrl>
     <iconUrl>https://www.dsinternals.com/wp-content/uploads/ad.png</iconUrl>
-    <copyright>(c) 2015-2019 Michael Grafnetter. All rights reserved.</copyright>
+    <copyright>(c) 2015-2020 Michael Grafnetter. All rights reserved.</copyright>
     <licenseUrl>https://github.com/MichaelGrafnetter/DSInternals/blob/master/LICENSE.md</licenseUrl>
     <requireLicenseAcceptance>false</requireLicenseAcceptance>
     <projectSourceUrl>https://github.com/MichaelGrafnetter/DSInternals/tree/master/Src</projectSourceUrl>
@@ -36,8 +36,9 @@
 ## Disclaimer
 Features exposed through these tools are not supported by Microsoft. Improper use might cause irreversible damage to domain controllers or negatively impact domain security.</description>
     <releaseNotes>
-* The Test-PasswordQuality cmdlet now contains a check for accounts that require smart card authentication and have a password at the same time.
-* Minor bug fixes.
+* The Test-PasswordQuality cmdlet now supports cross-domain and cross-forest duplicate password detection.
+* The Get-ADReplAccount, Get-ADReplBackupKey and Add-ADReplNgcKey cmdlets no longer require the Domain and NamingContext parameters to be specified, as their proper values are automatically retrieved from the target DC.
+* Fixed multiple bugs related to Credential Roaming.
     </releaseNotes>
     <dependencies>
       <!-- Windows Management Framework 3+. For OS prior to Windows 8 and Windows Server 2012. -->

Src/DSInternals.PowerShell/DSInternals.psd1

@@ -8,7 +8,7 @@
 RootModule = 'DSInternals.Bootstrap.psm1'
 
 # Version number of this module.
-ModuleVersion = '4.1'
+ModuleVersion = '4.2'
 
 # ID used to uniquely identify this module
 GUID = '766b3ad8-eb78-48e6-84bd-61b31d96b53e'
@@ -20,7 +20,7 @@ Author = 'Michael Grafnetter'
 CompanyName = 'DSInternals'
 
 # Copyright statement for this module
-Copyright = '(c) 2015-2019 Michael Grafnetter. All rights reserved.'
+Copyright = '(c) 2015-2020 Michael Grafnetter. All rights reserved.'
 
 # Description of the functionality provided by this module
 Description = @"
@@ -137,8 +137,9 @@ PrivateData = @{
 
         # ReleaseNotes of this module
         ReleaseNotes = @"
-- The Test-PasswordQuality cmdlet now contains a check for accounts that require smart card authentication and have a password at the same time.
-- Minor bug fixes.
+- The Test-PasswordQuality cmdlet now supports cross-domain and cross-forest duplicate password detection.
+- The Get-ADReplAccount, Get-ADReplBackupKey and Add-ADReplNgcKey cmdlets no longer require the Domain and NamingContext parameters to be specified, as their proper values are automatically retrieved from the target DC.
+- Fixed multiple bugs related to Credential Roaming.
 "@
     } # End of PSData hashtable
 

Src/DSInternals.PowerShell/License.txt

@@ -4,11 +4,11 @@ The binary distribution of the DSInternals PowerShell Module contains the follow
 DSInternals PowerShell Module and Framework
 -------------------------------------------
 
-(License updated on 7/7/2019 from https://raw.githubusercontent.com/MichaelGrafnetter/DSInternals/master/LICENSE.md.)
+(License updated on 3/17/2020 from https://raw.githubusercontent.com/MichaelGrafnetter/DSInternals/master/LICENSE.md.)
 
 The MIT License (MIT)
 
-Copyright (c) 2015-2019 Michael Grafnetter
+Copyright (c) 2015-2020 Michael Grafnetter
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

Src/DSInternals.PowerShell/Properties/AssemblyInfo.cs

@@ -5,8 +5,8 @@
 // set of attributes. Change these attribute values to modify the information
 // associated with an assembly.
 [assembly: AssemblyTitle("DSInternals PowerShell Commands")]
-[assembly: AssemblyVersion("4.1")]
-[assembly: AssemblyFileVersion("4.1")]
+[assembly: AssemblyVersion("4.2")]
+[assembly: AssemblyFileVersion("4.2")]
 [assembly: AssemblyDescription("")]
 [assembly: AssemblyConfiguration("")]
 [assembly: AssemblyCompany("")]

Src/DSInternals.PowerShell/Tests/DSInternals.Smoke.Tests.ps1

@@ -84,8 +84,10 @@ Describe 'DSInternals PowerShell Module' {
             Select-String -Path $aboutPagePath -Pattern 'about_DSInternals' -CaseSensitive -SimpleMatch -Quiet | Should Be $true
         }
 
-        It 'contains the License.txt file' {
-            Join-Path $ModulePath 'License.txt' | Should -Exist
+        It 'contains the License.txt file with up-to-date copyright' {
+            $licenseFile = Join-Path $ModulePath 'License.txt'
+            $licenseFile | Should -Exist
+            $licenseFile |  Should -FileContentMatch ('Copyright \(c\) 2015-{0}' -f (Get-Date).Year)
         }
 
         It 'contains Visual C++ Runtime (<Platform>)' -TestCases @{ Platform = 'x86' },@{ Platform = 'amd64' } -Test {

Src/DSInternals.PowerShell/en-US/DSInternals.PowerShell.dll-Help.xml

@@ -9419,7 +9419,7 @@ These groups of accounts have the same passwords:
   Group 1:
     CONTOSO\graham
     CONTOSO\graham_admin
-  Group 1:
+  Group 2:
     CONTOSO\admin
     CONTOSO\sql_svc01
 
@@ -9456,7 +9456,7 @@ These accounts that require smart card authentication have a password:
       </command:example>
       <command:example>
         <maml:title>-------------------------- Example 2 --------------------------</maml:title>
-        <dev:code>PS C:\&gt; $results = Get-ADReplAccount -All -NamingContext 'DC=contoso,DC=com' -Server LON-DC1 |
+        <dev:code>PS C:\&gt; $results = Get-ADReplAccount -All -Server LON-DC1 |
                    Test-PasswordQuality -WeakPasswords 'Pa$$w0rd','April2019' -WeakPasswordHashesSortedFile pwned-passwords-ntlm-ordered-by-hash-v4.txt</dev:code>
         <dev:remarks>
           <maml:para>Performs an online credential hygiene audit of AD against HIBP + a custom wordlist.</maml:para>
@@ -9480,6 +9480,27 @@ These accounts that require smart card authentication have a password:
           <maml:para>Performs an offline credential hygiene audit of a selected OU from AD database against HIBP.</maml:para>
         </dev:remarks>
       </command:example>
+      <command:example>
+        <maml:title>-------------------------- Example 5 --------------------------</maml:title>
+        <dev:code>PS C:\&gt; $contosoAccounts = Get-ADReplAccount -All -Server LON-DC1.contoso.com
+PS C:\&gt; $adatumAccounts = Get-ADReplAccount -All -Server NYC-DC1.adatum.com -Credential (Get-Credential)
+PS C:\&gt; $contosoAccounts + $adatumAccounts | Test-PasswordQuality
+&lt;# Sample Output (Partial)
+
+These groups of accounts have the same passwords:
+  Group 1:
+    ADATUM\smith
+    ADATUM\doe
+  Group 2:
+    ADATUM\Administrator
+    ADATUM\joe_admin
+    CONTOSO\Administrator
+    CONTOSO\joe_admin
+#&gt;</dev:code>
+        <dev:remarks>
+          <maml:para>Performs a cross-forest duplicate password discovery. Any number of Get-ADReplAccount and Get-ADDBAccount cmdlet outputs can be combined together, as long as the computer has enough memory.</maml:para>
+        </dev:remarks>
+      </command:example>
     </command:examples>
     <command:relatedLinks>
       <maml:navigationLink>

Src/DSInternals.Replication.Interop/AssemblyInfo.cpp

@@ -14,7 +14,7 @@ using namespace System::Security::Permissions;
 //
 [assembly:AssemblyTitleAttribute(L"DSInternals Replication Interop Library")];
 // Note: Do not forget to change the version in version.rc files.
-[assembly:AssemblyVersionAttribute("4.0")];
+[assembly:AssemblyVersionAttribute("4.2")];
 [assembly:AssemblyDescriptionAttribute(L"")];
 [assembly:AssemblyConfigurationAttribute(L"")];
 [assembly:AssemblyCompanyAttribute(L"")];

Src/DSInternals.Replication.Interop/version.rc

@@ -39,8 +39,8 @@ END
 //
 
 VS_VERSION_INFO VERSIONINFO
- FILEVERSION 4,0,0,0
- PRODUCTVERSION 4,0,0,0
+ FILEVERSION 4,2,0,0
+ PRODUCTVERSION 4,2,0,0
  FILEFLAGSMASK 0x3fL
 #ifdef _DEBUG
  FILEFLAGS 0x1L
@@ -57,12 +57,12 @@ BEGIN
         BEGIN
             VALUE "CompanyName", "Michael Grafnetter"
             VALUE "FileDescription", "DSInternals Replication Interop Library"
-            VALUE "FileVersion", "4.0.0.0"
+            VALUE "FileVersion", "4.2.0.0"
             VALUE "InternalName", "DSInternals.Replication.Interop"
-            VALUE "LegalCopyright", "Copyright � 2015-2019 Michael Grafnetter"
+            VALUE "LegalCopyright", "Copyright � 2015-2020 Michael Grafnetter"
             VALUE "OriginalFilename", "DSInternals.Replication.Interop.dll"
             VALUE "ProductName", "DSInternals PowerShell Module"
-            VALUE "ProductVersion", "4.0.0.0"
+            VALUE "ProductVersion", "4.2.0.0"
         END
     END
     BLOCK "VarFileInfo"

Src/DSInternals.Replication.Model/Properties/AssemblyInfo.cs

@@ -5,8 +5,8 @@
 // set of attributes. Change these attribute values to modify the information
 // associated with an assembly.
 [assembly: AssemblyTitle("DSInternals Replication Data Model")]
-[assembly: AssemblyVersion("4.0")]
-[assembly: AssemblyFileVersion("4.0")]
+[assembly: AssemblyVersion("4.2")]
+[assembly: AssemblyFileVersion("4.2")]
 [assembly: AssemblyDescription("")]
 [assembly: AssemblyConfiguration("")]
 [assembly: AssemblyCompany("")]