See: https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/am-i-seeing-double-the-case-of-quot-multiple-copies-of-the-same/ba-p/255499

Allows for single-name domains. Dangerous af.

See: https://learn.microsoft.com/en-us/previous-versions/technet-magazine/cc137727(v=msdn.10)

Show- functions were using variables from the script scope, so they don't work standalone.

Need to pass variables to them.

Howdy!
Is there a way to run the script without hitting enter to the various questions (accepting the defaults), as well as have it output it all to a file to review afterwards?

As mentioned here: #28 (comment)

SPNs on DCs such as ldap/3bffb92d-4949-47f1-b861-e24f1414a63a._msdcs.BlueTuxedo.DanglingSPNs.lol are not dangling SPNs and should be filtered from the list.

The original Get-BTDanglingSPN filtered out SPNs on DCs that had a GUID in the host portion. Probably need to restore that functionality.

Reported Requested by @SamErde

There should be an option to select which type of new zone will be created.

File-backed zones are likely a configuration and security nightmare and should not be an option.

Domain-replicated is probably fine, but default should be Forest-replicated.

Legacy zones should be converted to domain- or forest-replicated zone. BlueTuxedo should provide code for converting these zones to more modern types.

Hello, while executing BlueTuxedo on a custom Windows 10 image that was not domain joined, my team received the following errors at on a client engagement:

We executed it within a runas /netonly shell using a compromised standard user and confirmed the shell to be valid. The client is in fact using ADIDNS through conversation with them. We have disabled Windows Defender locally and have not been having client IPSs blocking on our loud activities (i.e., BloodHound). Client hostnames are resolving and we can authenticate to DCs without issue.

If you have any ideas, feel free to reach out sooner rather later as I will only be on this client network as the engagement will end soon. Certainly understand any delays of course.

This could very well be something I am doing wrong, but when I try to import the module, I get this error:

PS C:\powershell\bluetux\BlueTuxedo-main> import-module .\BlueTuxedo.psd1
import-module : The required module 'DhcpServer' is not loaded. Load the module or remove the module from
'RequiredModules' in the file 'C:\powershell\bluetux\BlueTuxedo-main\BlueTuxedo.psd1'.
At line:1 char:1
+ import-module .\BlueTuxedo.psd1
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ResourceUnavailable: (C:\powershell\b...BlueTuxedo.psd1:String) [Import-Module], Missing
   MemberException
    + FullyQualifiedErrorId : Modules_InvalidManifest,Microsoft.PowerShell.Commands.ImportModuleCommand

Let me know if there is something I can try to resolve this, or if you have questions. Thanks! Great talk at WWHF by the way.

Dangling SPNs should be removed from the principals they are attached to. BlueTuxedo should provide code for removing SPNs.

Howdy,
How would I specify a particular domain to use? I am testing out in a scenario that has a few domain trusts (including one that is down), and it is taking very long to error out on these remote domains.
Thanks!