en-US/Locksmith-help.xml
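<?xml version="1.0" encoding="utf-8"?>
<!--
  MAML help for the Invoke-Locksmith command (en-US): synopsis, description,
  parameter syntax, parameter details, input and output types, notes and
  examples. The parameter descriptions appear twice, once under command:syntax
  and once under command:parameters; keep both copies identical when editing.
-->
<helpItems schema="maml" xmlns="http://msh">
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Invoke-Locksmith</command:name>
      <command:verb>Invoke</command:verb>
      <command:noun>Locksmith</command:noun>
      <maml:description>
        <maml:para>Finds the most common malconfigurations of Active Directory Certificate Services (AD CS).</maml:para>
      </maml:description>
    </command:details>
    <!-- NOTE(review): the description says 10 misconfigurations, while the Scans parameter lists Auditing, ESC1 to ESC6 and ESC8. Confirm the count against the script. -->
    <maml:description>
      <maml:para>Locksmith uses the Active Directory (AD) PowerShell (PS) module to identify 10 misconfigurations commonly found in Enterprise mode AD CS installations.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Invoke-Locksmith</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none">
          <maml:name>Mode</maml:name>
          <maml:description>
            <maml:para>Specifies sets of common script execution modes.</maml:para>
            <maml:para>-Mode 0 Finds any malconfigurations and displays them in the console. No attempt is made to fix identified issues.</maml:para>
            <maml:para>-Mode 1 Finds any malconfigurations and displays them in the console. Displays an example PowerShell snippet that can be used to resolve the issue. No attempt is made to fix identified issues.</maml:para>
            <maml:para>-Mode 2 Finds any malconfigurations and writes them to a series of CSV files. No attempt is made to fix identified issues.</maml:para>
            <maml:para>-Mode 3 Finds any malconfigurations and writes them to a series of CSV files. Creates code snippets to fix each issue and writes them to an environment-specific custom .PS1 file. No attempt is made to fix identified issues.</maml:para>
            <maml:para>-Mode 4 Finds any malconfigurations and creates code snippets to fix each issue. Attempts to fix all identified issues. This mode may require highly privileged access.</maml:para>
          </maml:description>
          <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue>
          <dev:type>
            <maml:name>Int32</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>0</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="2" aliases="none">
          <maml:name>Scans</maml:name>
          <maml:description>
            <maml:para>Specify which scans you want to run. Available scans: 'All' or Auditing, ESC1, ESC2, ESC3, ESC4, ESC5, ESC6, ESC8, or 'PromptMe'</maml:para>
            <maml:para>-Scans All Run all scans (default).</maml:para>
            <maml:para>-Scans PromptMe Presents a grid view of the available scan types; the scans you select are run after you click OK.</maml:para>
          </maml:description>
          <command:parameterValue required="true" variableLength="false">Array</command:parameterValue>
          <dev:type>
            <maml:name>Array</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>All</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="3" aliases="none">
          <maml:name>OutputPath</maml:name>
          <maml:description>
            <maml:para>Specify the path where you want to save reports and mitigation scripts.</maml:para>
          </maml:description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>$PWD</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="4" aliases="none">
          <maml:name>Credential</maml:name>
          <maml:description>
            <maml:para>The credential to use for working with ADCS.</maml:para>
          </maml:description>
          <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
          <dev:type>
            <maml:name>PSCredential</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none">
        <maml:name>Mode</maml:name>
        <maml:description>
          <maml:para>Specifies sets of common script execution modes.</maml:para>
          <maml:para>-Mode 0 Finds any malconfigurations and displays them in the console. No attempt is made to fix identified issues.</maml:para>
          <maml:para>-Mode 1 Finds any malconfigurations and displays them in the console. Displays an example PowerShell snippet that can be used to resolve the issue. No attempt is made to fix identified issues.</maml:para>
          <maml:para>-Mode 2 Finds any malconfigurations and writes them to a series of CSV files. No attempt is made to fix identified issues.</maml:para>
          <maml:para>-Mode 3 Finds any malconfigurations and writes them to a series of CSV files. Creates code snippets to fix each issue and writes them to an environment-specific custom .PS1 file. No attempt is made to fix identified issues.</maml:para>
          <maml:para>-Mode 4 Finds any malconfigurations and creates code snippets to fix each issue. Attempts to fix all identified issues. This mode may require highly privileged access.</maml:para>
        </maml:description>
        <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue>
        <dev:type>
          <maml:name>Int32</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>0</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="2" aliases="none">
        <maml:name>Scans</maml:name>
        <maml:description>
          <maml:para>Specify which scans you want to run. Available scans: 'All' or Auditing, ESC1, ESC2, ESC3, ESC4, ESC5, ESC6, ESC8, or 'PromptMe'</maml:para>
          <maml:para>-Scans All Run all scans (default).</maml:para>
          <maml:para>-Scans PromptMe Presents a grid view of the available scan types; the scans you select are run after you click OK.</maml:para>
        </maml:description>
        <command:parameterValue required="true" variableLength="false">Array</command:parameterValue>
        <dev:type>
          <maml:name>Array</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>All</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="3" aliases="none">
        <maml:name>OutputPath</maml:name>
        <maml:description>
          <maml:para>Specify the path where you want to save reports and mitigation scripts.</maml:para>
        </maml:description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>$PWD</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="4" aliases="none">
        <maml:name>Credential</maml:name>
        <maml:description>
          <maml:para>The credential to use for working with ADCS.</maml:para>
        </maml:description>
        <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
        <dev:type>
          <maml:name>PSCredential</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None. You cannot pipe objects to Invoke-Locksmith.ps1.</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <!-- NOTE(review): the output types below are numbered 1 to 4, while -Mode takes values 0 to 4 and no entry describes the changes made by Mode 4. The numbers do not appear to be Mode values; confirm the intended mapping. -->
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>Output types:</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
      <command:returnValue>
        <dev:type>
          <maml:name>1. Console display of identified issues.</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
      <command:returnValue>
        <dev:type>
          <maml:name>2. Console display of identified issues and their fixes.</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
      <command:returnValue>
        <dev:type>
          <maml:name>3. CSV containing all identified issues.</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
      <command:returnValue>
        <dev:type>
          <maml:name>4. CSV containing all identified issues and their fixes.</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para>The Windows PowerShell cmdlet Restart-Service requires RunAsAdministrator.</maml:para>
        <maml:para>Mode 4 attempts to change the AD CS configuration. Review the findings (Mode 0 or Mode 2) or the remediation script generated by Mode 3 before running Mode 4.</maml:para>
        <maml:para>Reports and mitigation scripts saved to OutputPath describe issues that have not yet been fixed. Save them to a location that only authorized administrators can read.</maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <!-- NOTE(review): Mode 0 is documented as console output only, so the OutputPath argument in this example may have no effect. Confirm. -->
      <command:example>
        <maml:title>-------------------------- EXAMPLE 1 --------------------------</maml:title>
        <dev:code>Invoke-Locksmith -Mode 0 -Scans All -OutputPath 'C:\Temp'</dev:code>
        <dev:remarks>
          <maml:para>Finds all malconfigurations and displays them in the console.</maml:para>
        </dev:remarks>
      </command:example>
      <!-- NOTE(review): the Mode 2 description says findings are written to a series of CSV files and does not mention console output; the remark below mentions console display and a single CSV file. Confirm against the script and align the two texts. -->
      <command:example>
        <maml:title>-------------------------- EXAMPLE 2 --------------------------</maml:title>
        <dev:code>Invoke-Locksmith -Mode 2 -Scans All -OutputPath 'C:\Temp'</dev:code>
        <dev:remarks>
          <maml:para>Finds all malconfigurations and displays them in the console. The findings are saved in a CSV file in C:\Temp.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks />
  </command:command>
</helpItems>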