Unpacking Software Livestream

Join our monthly Unpacking Software livestream to hear about the latest news, chat and opinion on packaging, software deployment and lifecycle management!

Learn More

Chocolatey Product Spotlight

Join the Chocolatey Team on our regular monthly stream where we put a spotlight on the most recent Chocolatey product releases. You'll have a chance to have your questions answered in a live Ask Me Anything format.

Learn More

Chocolatey Coding Livestream

Join us for the Chocolatey Coding Livestream, where members of our team dive into the heart of open source development by coding live on various Chocolatey projects. Tune in to witness real-time coding, ask questions, and gain insights into the world of package management. Don't miss this opportunity to engage with our team and contribute to the future of Chocolatey!

Learn More

Calling All Chocolatiers! Whipping Up Windows Automation with Chocolatey Central Management

Webinar from
Wednesday, 17 January 2024

We are delighted to announce the release of Chocolatey Central Management v0.12.0, featuring seamless Deployment Plan creation, time-saving duplications, insightful Group Details, an upgraded Dashboard, bug fixes, user interface polishing, and refined documentation. As an added bonus we'll have members of our Solutions Engineering team on-hand to dive into some interesting ways you can leverage the new features available!

Watch On-Demand
Chocolatey Community Coffee Break

Join the Chocolatey Team as we discuss all things Community, what we do, how you can get involved and answer your Chocolatey questions.

Watch The Replays
Chocolatey and Intune Overview

Webinar Replay from
Wednesday, 30 March 2022

At Chocolatey Software we strive for simple, and teaching others. Let us teach you just how simple it could be to keep your 3rd party applications updated across your devices, all with Intune!

Watch On-Demand
Chocolatey For Business. In Azure. In One Click.

Livestream from
Thursday, 9 June 2022

Join James and Josh to show you how you can get the Chocolatey For Business recommended infrastructure and workflow, created, in Azure, in around 20 minutes.

Watch On-Demand
The Future of Chocolatey CLI

Livestream from
Thursday, 04 August 2022

Join Paul and Gary to hear more about the plans for the Chocolatey CLI in the not so distant future. We'll talk about some cool new features, long term asks from Customers and Community and how you can get involved!

Watch On-Demand
Hacktoberfest Tuesdays 2022

Livestreams from
October 2022

For Hacktoberfest, Chocolatey ran a livestream every Tuesday! Re-watch Cory, James, Gary, and Rain as they share knowledge on how to contribute to open-source projects such as Chocolatey CLI.

Watch On-Demand

Downloads:

43,563

Downloads of v 4.8:

2,302

Last Update:

06 Dec 2022

Package Maintainer(s):

Software Author(s):

  • Michael Grafnetter

Tags:

admin dsinternals powershell activedirectory ad security ntds passwords dpapi lsa sam audit

DSInternals PowerShell Module

This is not the latest version of DSInternals PowerShell Module available.

  • 1
  • 2
  • 3

4.8 | Updated: 06 Dec 2022

Downloads:

43,563

Downloads of v 4.8:

2,302

Maintainer(s):

Software Author(s):

  • Michael Grafnetter

DSInternals PowerShell Module 4.8

This is not the latest version of DSInternals PowerShell Module available.

Legal Disclaimer: Neither this package nor Chocolatey Software, Inc. are affiliated with or endorsed by Michael Grafnetter. The inclusion of Michael Grafnetter trademark(s), if any, upon this webpage is solely to identify Michael Grafnetter goods or services and not for commercial purposes.

  • 1
  • 2
  • 3

This Package Contains an Exempted Check

Not All Tests Have Passed


Validation Testing Passed


Verification Testing Exemption:

Requires PowerShell 5

Details

Scan Testing Successful:

No detections found in any package files

Details
Learn More

Deployment Method: Individual Install, Upgrade, & Uninstall

To install DSInternals PowerShell Module, run the following command from the command line or from PowerShell:

>

To upgrade DSInternals PowerShell Module, run the following command from the command line or from PowerShell:

>

To uninstall DSInternals PowerShell Module, run the following command from the command line or from PowerShell:

>

Deployment Method:

NOTE

This applies to both open source and commercial editions of Chocolatey.

1. Enter Your Internal Repository Url

(this should look similar to https://community.chocolatey.org/api/v2/)


2. Setup Your Environment

1. Ensure you are set for organizational deployment

Please see the organizational deployment guide

2. Get the package into your environment

  • Open Source or Commercial:
    • Proxy Repository - Create a proxy nuget repository on Nexus, Artifactory Pro, or a proxy Chocolatey repository on ProGet. Point your upstream to https://community.chocolatey.org/api/v2/. Packages cache on first access automatically. Make sure your choco clients are using your proxy repository as a source and NOT the default community repository. See source command for more information.
    • You can also just download the package and push it to a repository Download

3. Copy Your Script

choco upgrade dsinternals-psmodule -y --source="'INTERNAL REPO URL'" --version="'4.8'" [other options]

See options you can pass to upgrade.

See best practices for scripting.

Add this to a PowerShell script or use a Batch script with tools and in places where you are calling directly to Chocolatey. If you are integrating, keep in mind enhanced exit codes.

If you do use a PowerShell script, use the following to ensure bad exit codes are shown as failures:


choco upgrade dsinternals-psmodule -y --source="'INTERNAL REPO URL'" --version="'4.8'" 
$exitCode = $LASTEXITCODE

Write-Verbose "Exit code was $exitCode"
$validExitCodes = @(0, 1605, 1614, 1641, 3010)
if ($validExitCodes -contains $exitCode) {
  Exit 0
}

Exit $exitCode

- name: Install dsinternals-psmodule
  win_chocolatey:
    name: dsinternals-psmodule
    version: '4.8'
    source: INTERNAL REPO URL
    state: present

See docs at https://docs.ansible.com/ansible/latest/modules/win_chocolatey_module.html.


chocolatey_package 'dsinternals-psmodule' do
  action    :install
  source   'INTERNAL REPO URL'
  version  '4.8'
end

See docs at https://docs.chef.io/resource_chocolatey_package.html.


cChocoPackageInstaller dsinternals-psmodule
{
    Name     = "dsinternals-psmodule"
    Version  = "4.8"
    Source   = "INTERNAL REPO URL"
}

Requires cChoco DSC Resource. See docs at https://github.com/chocolatey/cChoco.


package { 'dsinternals-psmodule':
  ensure   => '4.8',
  provider => 'chocolatey',
  source   => 'INTERNAL REPO URL',
}

Requires Puppet Chocolatey Provider module. See docs at https://forge.puppet.com/puppetlabs/chocolatey.


4. If applicable - Chocolatey configuration/installation

See infrastructure management matrix for Chocolatey configuration elements and examples.

Package Approved

This package was approved as a trusted package on 06 Dec 2022.

Description

The DSInternals PowerShell Module has these main features:

Installation Notes

  • The module will be installed to the $PSHome\Modules directory. This is to avoid conflicts with the PowerShell Gallery and still support module autoloading.

Disclaimer

Features exposed through these tools are not supported by Microsoft. Improper use might cause irreversible damage to domain controllers or negatively impact domain security.


DSInternals\amd64\vcruntime140_1.dll
md5: 40BA5C03DD43447E5A11E70C43D6DE00 | sha1: D3B5AD134BE945CBBD3E6BBEB045FC323E102C42 | sha256: 190EA88F3124D2A130999F31882C82BB7847F5DA6FCA9EF608E642AA3C7663B7 | sha512: FDE297BA4B3D093AD9E679BF4B6A3F897D425E5A120908AEE2D4A65EFB626B89519AA532D91CEB9AC7FA0D9E3D7EBE8FC5FFBB638F7169D31CBE6BB38B4DE6F1
DSInternals\en-US\about_DSInternals.help.txt
TOPIC
    about_DSInternals

SHORT DESCRIPTION
    The Directory Services Internals (DSInternals) PowerShell Module exposes
    several internal and undocumented features of Active Directory.

LONG DESCRIPTION
    The main features of the DSInternals PowerShell Module include:
    - Offline ntds.dit file manipulation, including hash dumping, password
    resets, group membership changes, SID History injection and
    enabling/disabling accounts.
    - Online password hash dumping through the Directory Replication Service
    Remote Protocol (MS-DRSR).
    - Active Directory password auditing that discovers accounts sharing the
    same passwords or having passwords in a public database like HaveIBeenPwned
    or in a custom dictionary.
    - Domain or local account password hash injection through the Security
    Account Manager Remote Protocol (MS-SAMR) or directly into the database.
    - LSA Policy modification through the Local Security Authority Remote
    Protocol (MS-LSAD / LSARPC).
    - Extracting credential roaming data and DPAPI domain backup keys, either
    online through MS-DRSR and LSARPC or offline from ntds.dit.
    - Bare-metal recovery of domain controllers from just IFM backups (ntds.dit
    + SYSVOL).
    - Password hash calculation, including NT hash, LM hash and kerberos keys.

NOTE
    Features exposed through these tools are not supported by Microsoft.
    Improper use might cause irreversible damage to domain controllers or
    negatively impact domain security.

SEE ALSO
    Get-ADDBAccount
    Get-ADReplAccount
    Test-PasswordQuality
    New-ADDBRestoreFromMediaScript
    ConvertTo-NTHash

DSInternals\en-US\DSInternals.PowerShell.dll-Help.xml
<?xml version="1.0" encoding="utf-8"?>
<helpItems schema="maml" xmlns="http://msh">
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Add-ADDBSidHistory</command:name>
      <command:verb>Add</command:verb>
      <command:noun>ADDBSidHistory</command:noun>
      <maml:description>
        <maml:para>Adds one or more values to the sIDHistory attribute of an object in a ntds.dit file.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>This cmdlet can be used to add any value to the sIDHistory attribute by directly modifying the Active Directory database. Note that the Active Directory Migration Tool (ADMT) is the only supported way of modifying the sIDHistory attribute. Improper usage of this cmdlet may cause irreversible damage to the target Active Directory environment.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Add-ADDBSidHistory</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="dn">
          <maml:name>DistinguishedName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an object on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="hist, History">
          <maml:name>SidHistory</maml:name>
          <maml:Description>
            <maml:para>Specifies an array of security IDs (SIDs) that will be added to the SID History of the target object.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecurityIdentifier[]</command:parameterValue>
          <dev:type>
            <maml:name>SecurityIdentifier[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Add-ADDBSidHistory</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Guid">
          <maml:name>ObjectGuid</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an object on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
          <dev:type>
            <maml:name>Guid</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="hist, History">
          <maml:name>SidHistory</maml:name>
          <maml:Description>
            <maml:para>Specifies an array of security IDs (SIDs) that will be added to the SID History of the target object.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecurityIdentifier[]</command:parameterValue>
          <dev:type>
            <maml:name>SecurityIdentifier[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Add-ADDBSidHistory</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Sid">
          <maml:name>ObjectSid</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an object on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
          <dev:type>
            <maml:name>SecurityIdentifier</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="hist, History">
          <maml:name>SidHistory</maml:name>
          <maml:Description>
            <maml:para>Specifies an array of security IDs (SIDs) that will be added to the SID History of the target object.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecurityIdentifier[]</command:parameterValue>
          <dev:type>
            <maml:name>SecurityIdentifier[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Add-ADDBSidHistory</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="Login, sam">
          <maml:name>SamAccountName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an object on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="hist, History">
          <maml:name>SidHistory</maml:name>
          <maml:Description>
            <maml:para>Specifies an array of security IDs (SIDs) that will be added to the SID History of the target object.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecurityIdentifier[]</command:parameterValue>
          <dev:type>
            <maml:name>SecurityIdentifier[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
        <maml:name>DatabasePath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="dn">
        <maml:name>DistinguishedName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an object on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>Force</maml:name>
        <maml:Description>
          <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
        <maml:name>LogPath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Guid">
        <maml:name>ObjectGuid</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an object on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
        <dev:type>
          <maml:name>Guid</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Sid">
        <maml:name>ObjectSid</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an object on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
        <dev:type>
          <maml:name>SecurityIdentifier</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="Login, sam">
        <maml:name>SamAccountName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an object on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="hist, History">
        <maml:name>SidHistory</maml:name>
        <maml:Description>
          <maml:para>Specifies an array of security IDs (SIDs) that will be added to the SID History of the target object.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SecurityIdentifier[]</command:parameterValue>
        <dev:type>
          <maml:name>SecurityIdentifier[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
        <maml:name>SkipMetaUpdate</maml:name>
        <maml:Description>
          <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>System.Security.Principal.SecurityIdentifier[]</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Security.Principal.SecurityIdentifier</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Guid</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Stop-Service -Name ntds -Force
PS C:\&gt; Add-ADDBSidHistory -SamAccountName John `
                           -SidHistory 'S-1-5-21-3623811102-3361044346-30300840-512',
                                       'S-1-5-21-3623811102-3361044346-30300840-519' `
                           -DatabasePath C:\Windows\NTDS\ntds.dit
PS C:\&gt; Start-Service -Name ntds</dev:code>
        <dev:remarks>
          <maml:para>Adds the SIDs of the Domain Admins and Enterprise Admins groups into user John 's sIDHistory.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Import-Csv user.csv | Add-ADDBSidHistory -DatabasePath C:\Windows\NTDS\ntds.dit</dev:code>
        <dev:remarks>
          <maml:para>Imports a CSV file containing SamAccountName and SidHistory columns into a nds.dit file.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Add-ADDBSidHistory.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Set-ADDBPrimaryGroup</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADDBAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADDBDomainController</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Add-ADReplNgcKey</command:name>
      <command:verb>Add</command:verb>
      <command:noun>ADReplNgcKey</command:noun>
      <maml:description>
        <maml:para>Composes and updates the msDS-KeyCredentialLink value on an object through the MS-DRSR protocol.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>This cmdlet wraps the IDL_DRSWriteNgcKey RPC call.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Add-ADReplNgcKey</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="dn">
          <maml:name>DistinguishedName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of the target Active Directory object.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Credential</maml:name>
          <maml:Description>
            <maml:para>Specifies a user account that has permission to perform this action. The default is the current user.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
          <dev:type>
            <maml:name>PSCredential</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Proto, RPCProtocol, NCACN">
          <maml:name>Protocol</maml:name>
          <maml:Description>
            <maml:para>Specifies the protocol sequence that is used for RPC communication.</maml:para>
          </maml:Description>
          <command:parameterValueGroup>
            <command:parameterValue required="false" command:variableLength="false">TCP</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">SMB</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">HTTP</command:parameterValue>
          </command:parameterValueGroup>
          <command:parameterValue required="true" variableLength="false">RpcProtocol</command:parameterValue>
          <dev:type>
            <maml:name>RpcProtocol</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>PublicKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the NGC key value.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Host, DomainController, DC">
          <maml:name>Server</maml:name>
          <maml:Description>
            <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Add-ADReplNgcKey</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="0" aliases="Login, sam, AccountName, User">
          <maml:name>SamAccountName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of the target Active Directory account.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="AccountDomain, UserDomain">
          <maml:name>Domain</maml:name>
          <maml:Description>
            <maml:para>Specifies the NetBIOS domain name of the target Active Directory account.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Credential</maml:name>
          <maml:Description>
            <maml:para>Specifies a user account that has permission to perform this action. The default is the current user.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
          <dev:type>
            <maml:name>PSCredential</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Proto, RPCProtocol, NCACN">
          <maml:name>Protocol</maml:name>
          <maml:Description>
            <maml:para>Specifies the protocol sequence that is used for RPC communication.</maml:para>
          </maml:Description>
          <command:parameterValueGroup>
            <command:parameterValue required="false" command:variableLength="false">TCP</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">SMB</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">HTTP</command:parameterValue>
          </command:parameterValueGroup>
          <command:parameterValue required="true" variableLength="false">RpcProtocol</command:parameterValue>
          <dev:type>
            <maml:name>RpcProtocol</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>PublicKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the NGC key value.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Host, DomainController, DC">
          <maml:name>Server</maml:name>
          <maml:Description>
            <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Add-ADReplNgcKey</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Credential</maml:name>
          <maml:Description>
            <maml:para>Specifies a user account that has permission to perform this action. The default is the current user.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
          <dev:type>
            <maml:name>PSCredential</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Guid">
          <maml:name>ObjectGuid</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of the target Active Directory object.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
          <dev:type>
            <maml:name>Guid</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Proto, RPCProtocol, NCACN">
          <maml:name>Protocol</maml:name>
          <maml:Description>
            <maml:para>Specifies the protocol sequence that is used for RPC communication.</maml:para>
          </maml:Description>
          <command:parameterValueGroup>
            <command:parameterValue required="false" command:variableLength="false">TCP</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">SMB</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">HTTP</command:parameterValue>
          </command:parameterValueGroup>
          <command:parameterValue required="true" variableLength="false">RpcProtocol</command:parameterValue>
          <dev:type>
            <maml:name>RpcProtocol</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>PublicKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the NGC key value.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Host, DomainController, DC">
          <maml:name>Server</maml:name>
          <maml:Description>
            <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Add-ADReplNgcKey</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Credential</maml:name>
          <maml:Description>
            <maml:para>Specifies a user account that has permission to perform this action. The default is the current user.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
          <dev:type>
            <maml:name>PSCredential</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Sid">
          <maml:name>ObjectSid</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of the target Active Directory account.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
          <dev:type>
            <maml:name>SecurityIdentifier</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Proto, RPCProtocol, NCACN">
          <maml:name>Protocol</maml:name>
          <maml:Description>
            <maml:para>Specifies the protocol sequence that is used for RPC communication.</maml:para>
          </maml:Description>
          <command:parameterValueGroup>
            <command:parameterValue required="false" command:variableLength="false">TCP</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">SMB</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">HTTP</command:parameterValue>
          </command:parameterValueGroup>
          <command:parameterValue required="true" variableLength="false">RpcProtocol</command:parameterValue>
          <dev:type>
            <maml:name>RpcProtocol</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>PublicKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the NGC key value.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Host, DomainController, DC">
          <maml:name>Server</maml:name>
          <maml:Description>
            <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Add-ADReplNgcKey</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Credential</maml:name>
          <maml:Description>
            <maml:para>Specifies a user account that has permission to perform this action. The default is the current user.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
          <dev:type>
            <maml:name>PSCredential</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Proto, RPCProtocol, NCACN">
          <maml:name>Protocol</maml:name>
          <maml:Description>
            <maml:para>Specifies the protocol sequence that is used for RPC communication.</maml:para>
          </maml:Description>
          <command:parameterValueGroup>
            <command:parameterValue required="false" command:variableLength="false">TCP</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">SMB</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">HTTP</command:parameterValue>
          </command:parameterValueGroup>
          <command:parameterValue required="true" variableLength="false">RpcProtocol</command:parameterValue>
          <dev:type>
            <maml:name>RpcProtocol</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>PublicKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the NGC key value.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Host, DomainController, DC">
          <maml:name>Server</maml:name>
          <maml:Description>
            <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="UPN">
          <maml:name>UserPrincipalName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of the target Active Directory account.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>Credential</maml:name>
        <maml:Description>
          <maml:para>Specifies a user account that has permission to perform this action. The default is the current user.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
        <dev:type>
          <maml:name>PSCredential</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="dn">
        <maml:name>DistinguishedName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of the target Active Directory object.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="AccountDomain, UserDomain">
        <maml:name>Domain</maml:name>
        <maml:Description>
          <maml:para>Specifies the NetBIOS domain name of the target Active Directory account.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Guid">
        <maml:name>ObjectGuid</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of the target Active Directory object.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
        <dev:type>
          <maml:name>Guid</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Sid">
        <maml:name>ObjectSid</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of the target Active Directory account.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
        <dev:type>
          <maml:name>SecurityIdentifier</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Proto, RPCProtocol, NCACN">
        <maml:name>Protocol</maml:name>
        <maml:Description>
          <maml:para>Specifies the protocol sequence that is used for RPC communication.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">RpcProtocol</command:parameterValue>
        <dev:type>
          <maml:name>RpcProtocol</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>PublicKey</maml:name>
        <maml:Description>
          <maml:para>Specifies the NGC key value.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
        <dev:type>
          <maml:name>Byte[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="0" aliases="Login, sam, AccountName, User">
        <maml:name>SamAccountName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of the target Active Directory account.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Host, DomainController, DC">
        <maml:name>Server</maml:name>
        <maml:Description>
          <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="UPN">
        <maml:name>UserPrincipalName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of the target Active Directory account.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Security.Principal.SecurityIdentifier</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Guid</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Add-ADReplNgcKey -UserPrincipalName '[email protected]' -Server LON-DC1 -PublicKey 525341310008000003000000000100000000000000000000010001C1A78914457758B0B13C70C710C7F8548F3F9ED56AD4640B6E6A112655C98ECAC1CBD68A298F5686C08439428A97FE6FDF58D78EA481905182BAD684C2D9C5CDE1CDE34AA19742E8BBF58B953EAC4C562FCF598CC176B02DBE9FFFEF5937A65815C236F92892F7E511A1FEDD5483CB33F1EA715D68106180DED2432A293367114A6E325E62F93F73D7ECE4B6A2BCDB829D95C8645C3073B94BA7CB7515CD29042F0967201C6E24A77821E92A6C756DF79841ACBAAE11D90CA03B9FCD24EF9E304B5D35248A7BD70557399960277058AE3E99C7C7E2284858B7BF8B08CDD286964186A50A7FCBCC6A24F00FEE5B9698BBD3B1AEAD0CE81FEA461C0ABD716843A5</dev:code>
        <dev:remarks>
          <maml:para>Registers the specified NGC public key for user [email protected] .</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Add-ADReplNgcKey.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADReplAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADKeyCredential</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>ConvertFrom-ADManagedPasswordBlob</command:name>
      <command:verb>ConvertFrom</command:verb>
      <command:noun>ADManagedPasswordBlob</command:noun>
      <maml:description>
        <maml:para>Decodes the value of the msDS-ManagedPassword attribute of a Group Managed Service Account.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Decodes the MSDS-MANAGEDPASSWORD_BLOB structure containing a group-managed service account's password information.</maml:para>
      <maml:para>The password is actually a cryptographically generated array of 256 bytes that is represented as an 128 characters long UTF-16 string.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>ConvertFrom-ADManagedPasswordBlob</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="msDS-ManagedPassword, ManagedPassword, ManagedPasswordBlob">
          <maml:name>Blob</maml:name>
          <maml:Description>
            <maml:para>Specifies the binary value stored in the msDS-ManagedPassword attribute.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="msDS-ManagedPassword, ManagedPassword, ManagedPasswordBlob">
        <maml:name>Blob</maml:name>
        <maml:Description>
          <maml:para>Specifies the binary value stored in the msDS-ManagedPassword attribute.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
        <dev:type>
          <maml:name>Byte[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>DSInternals.Common.Data.ManagedPassword</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; $gmsa = Get-ADServiceAccount -Identity 'SQL_HQ_Primary' -Properties 'msDS-ManagedPassword'
PS C:\&gt; ConvertFrom-ADManagedPasswordBlob -Blob $gmsa.'msDS-ManagedPassword'
&lt;# Sample Output:
Version                   : 1
CurrentPassword           : 湤ୟɰ橣낔饔ᦺ几᧾ʞꈠ⿕ՔὬ랭뷾햾咶郸�렇ͧ퀟᝘럓몚ꬶ佩䎖∘Ǐ㦗ן뱷鼹⽩Ⲃ⫝咽㠅E䠹鸞왶婰鞪
PreviousPassword          :
QueryPasswordInterval     : 29.17:15:36.3736817
UnchangedPasswordInterval : 29.17:10:36.3736817
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Decodes the managed password information from a group-managed service account (GMSA) called SQL_HQ_Primary . The user retrieving the managed password needs to be listed in the PrincipalsAllowedToRetrieveManagedPassword property of the GMSA.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/ConvertFrom-ADManagedPasswordBlob.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADServiceAccount</maml:linkText>
        <maml:uri>https://docs.microsoft.com/en-us/powershell/module/addsadministration/get-adserviceaccount</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Set-ADServiceAccount</maml:linkText>
        <maml:uri>https://docs.microsoft.com/en-us/powershell/module/addsadministration/set-adserviceaccount</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>New-ADServiceAccount</maml:linkText>
        <maml:uri>https://docs.microsoft.com/en-us/powershell/module/addsadministration/new-adserviceaccount</maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>ConvertFrom-GPPrefPassword</command:name>
      <command:verb>ConvertFrom</command:verb>
      <command:noun>GPPrefPassword</command:noun>
      <maml:description>
        <maml:para>Decodes a password from the format used by Group Policy Preferences.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>{{Fill in the Description}}</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>ConvertFrom-GPPrefPassword</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="0" aliases="none">
          <maml:name>EncryptedPassword</maml:name>
          <maml:Description>
            <maml:para>Provide an encrypted password from a Group Policy Preferences XML file.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="0" aliases="none">
        <maml:name>EncryptedPassword</maml:name>
        <maml:Description>
          <maml:para>Provide an encrypted password from a Group Policy Preferences XML file.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; {{ Add example code here }}</dev:code>
        <dev:remarks>
          <maml:para>{{ Add example description here }}</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/ConvertFrom-GPPrefPassword.md</maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>ConvertFrom-UnicodePassword</command:name>
      <command:verb>ConvertFrom</command:verb>
      <command:noun>UnicodePassword</command:noun>
      <maml:description>
        <maml:para>Decodes a password from the format used in unattend.xml files.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>{{Fill in the Description}}</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>ConvertFrom-UnicodePassword</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="none">
          <maml:name>UnicodePassword</maml:name>
          <maml:Description>
            <maml:para>Specifies the encoded password that should be decoded.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="none">
        <maml:name>UnicodePassword</maml:name>
        <maml:Description>
          <maml:para>Specifies the encoded password that should be decoded.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; {{ Add example code here }}</dev:code>
        <dev:remarks>
          <maml:para>{{ Add example description here }}</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/ConvertFrom-UnicodePassword.md</maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>ConvertTo-GPPrefPassword</command:name>
      <command:verb>ConvertTo</command:verb>
      <command:noun>GPPrefPassword</command:noun>
      <maml:description>
        <maml:para>Converts a password to the format used by Group Policy Preferences.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>{{Fill in the Description}}</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>ConvertTo-GPPrefPassword</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="0" aliases="p">
          <maml:name>Password</maml:name>
          <maml:Description>
            <maml:para>Provide a password in the form of a SecureString.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
          <dev:type>
            <maml:name>SecureString</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="0" aliases="p">
        <maml:name>Password</maml:name>
        <maml:Description>
          <maml:para>Provide a password in the form of a SecureString.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
        <dev:type>
          <maml:name>SecureString</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>System.Security.SecureString</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; {{ Add example code here }}</dev:code>
        <dev:remarks>
          <maml:para>{{ Add example description here }}</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/ConvertTo-GPPrefPassword.md</maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>ConvertTo-Hex</command:name>
      <command:verb>ConvertTo</command:verb>
      <command:noun>Hex</command:noun>
      <maml:description>
        <maml:para>Helper cmdlet that converts binary input to a hexadecimal string.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Converts a byte array to its hexadecimal representation.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>ConvertTo-Hex</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="0" aliases="none">
          <maml:name>Input</maml:name>
          <maml:Description>
            <maml:para>Specifies the binary input in the form of an array of bytes.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>UpperCase</maml:name>
          <maml:Description>
            <maml:para>Indicates that the output should be encoded using uppercase characters instead of lowercase ones.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="0" aliases="none">
        <maml:name>Input</maml:name>
        <maml:Description>
          <maml:para>Specifies the binary input in the form of an array of bytes.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
        <dev:type>
          <maml:name>Byte[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>UpperCase</maml:name>
        <maml:Description>
          <maml:para>Indicates that the output should be encoded using uppercase characters instead of lowercase ones.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>System.Byte[]</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; ConvertTo-Hex -Input 0,255,32
00ff20</dev:code>
        <dev:remarks>
          <maml:para>Converts the byte array to its hexadecimal representation, using lowercase characters.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; ConvertTo-Hex -Input 0,255,32 -UpperCase
00FF20</dev:code>
        <dev:remarks>
          <maml:para>Converts the byte array to its hexadecimal representation, using uppercase characters.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/ConvertTo-Hex.md</maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>ConvertTo-KerberosKey</command:name>
      <command:verb>ConvertTo</command:verb>
      <command:noun>KerberosKey</command:noun>
      <maml:description>
        <maml:para>Computes Kerberos keys from a given password using Kerberos version 5 Key Derivation Functions.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Supports the derivation of AES256, AES128 and DES encryption keys. To calculate the RC4 key, the ConvertTo-NTHash cmdlet should be used instead.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>ConvertTo-KerberosKey</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="p">
          <maml:name>Password</maml:name>
          <maml:Description>
            <maml:para>Specifies an input password from which kerberos keys will be derived.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
          <dev:type>
            <maml:name>SecureString</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="s">
          <maml:name>Salt</maml:name>
          <maml:Description>
            <maml:para>Specifies the salt parameter of the string-to-key functions.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="2" aliases="i">
          <maml:name>Iterations</maml:name>
          <maml:Description>
            <maml:para>Specifies the iteration count parameter of the string-to-key functions.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue>
          <dev:type>
            <maml:name>Int32</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>4096</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="2" aliases="i">
        <maml:name>Iterations</maml:name>
        <maml:Description>
          <maml:para>Specifies the iteration count parameter of the string-to-key functions.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue>
        <dev:type>
          <maml:name>Int32</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>4096</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="p">
        <maml:name>Password</maml:name>
        <maml:Description>
          <maml:para>Specifies an input password from which kerberos keys will be derived.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
        <dev:type>
          <maml:name>SecureString</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="s">
        <maml:name>Salt</maml:name>
        <maml:Description>
          <maml:para>Specifies the salt parameter of the string-to-key functions.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>DSInternals.Common.Data.KerberosKeyDataNew</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; $pwd = ConvertTo-SecureString -String 'Pa$$w0rd' -AsPlainText -Force
PS C:\&gt; ConvertTo-KerberosKey -Password $pwd -Salt 'CONTOSO.COMAdministrator'
&lt;# Sample Output:

AES256_CTS_HMAC_SHA1_96
  Key: 660e61042b190b5724c62bb473facca12058fb9ad3c03c0d2809f839c0352502
  Iterations: 4096

AES128_CTS_HMAC_SHA1_96
  Key: bd75e98362b16649ffbaed630d5341d0
  Iterations: 4096

DES_CBC_MD5
  Key: aed02c52204ca2ce
  Iterations: 4096
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Applies 3 different kerberos key derivation functions to the specified password and salt.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/ConvertTo-KerberosKey.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>ConvertTo-NTHash</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>ConvertTo-LMHash</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>ConvertTo-LMHash</command:name>
      <command:verb>ConvertTo</command:verb>
      <command:noun>LMHash</command:noun>
      <maml:description>
        <maml:para>Calculates LM hash of a given password.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Applies the Lan Manager one-way function (LM OWF) to a given cleartext password and returns the resulting hash.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>ConvertTo-LMHash</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="0" aliases="p">
          <maml:name>Password</maml:name>
          <maml:Description>
            <maml:para>Specifies a password in the form of a SecureString.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
          <dev:type>
            <maml:name>SecureString</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="0" aliases="p">
        <maml:name>Password</maml:name>
        <maml:Description>
          <maml:para>Specifies a password in the form of a SecureString.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
        <dev:type>
          <maml:name>SecureString</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>System.Security.SecureString</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; ConvertTo-LMHash

cmdlet ConvertTo-LMHash at command pipeline position 1
Supply values for the following parameters:
(Type !? for Help.)
Password: ********
727e3576618fa1754a3b108f3fa6cb6d</dev:code>
        <dev:remarks>
          <maml:para>Reads a password from the command line and calculates its LM hash.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; $pwd = ConvertTo-SecureString -String 'Pa$$w0rd' -AsPlainText -Force
PS C:\&gt; ConvertTo-LMHash -Password $pwd
727e3576618fa1754a3b108f3fa6cb6d</dev:code>
        <dev:remarks>
          <maml:para>Calculates the LM hash of password Pa$$w0rd .</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/ConvertTo-LMHash.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>ConvertTo-NTHash</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>ConvertTo-KerberosKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>ConvertTo-NTHash</command:name>
      <command:verb>ConvertTo</command:verb>
      <command:noun>NTHash</command:noun>
      <maml:description>
        <maml:para>Calculates NT hash of a given password.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Applies the NT one-way function (NT OWF) to a given cleartext password and returns the resulting hash, which is just the MD4 hash function applied to the UTF-16 encoded input.</maml:para>
      <maml:para>This hash is sometimes called NTLM hash, because it is mainly used in the NTLM(v2) network authentication protocol.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>ConvertTo-NTHash</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="0" aliases="p">
          <maml:name>Password</maml:name>
          <maml:Description>
            <maml:para>Specifies a password in the form of a SecureString.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
          <dev:type>
            <maml:name>SecureString</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="0" aliases="p">
        <maml:name>Password</maml:name>
        <maml:Description>
          <maml:para>Specifies a password in the form of a SecureString.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
        <dev:type>
          <maml:name>SecureString</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>System.Security.SecureString</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; ConvertTo-NTHash

cmdlet ConvertTo-NTHash at command pipeline position 1
Supply values for the following parameters:
(Type !? for Help.)
Password: ********
92937945b518814341de3f726500d4ff</dev:code>
        <dev:remarks>
          <maml:para>Reads a password from the command line and calculates its NT hash.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; $pwd = ConvertTo-SecureString -String 'Pa$$w0rd' -AsPlainText -Force
PS C:\&gt; ConvertTo-NTHash -Password $pwd
92937945b518814341de3f726500d4ff</dev:code>
        <dev:remarks>
          <maml:para>Calculates the NT hash of password Pa$$w0rd .</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/ConvertTo-NTHash.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>ConvertTo-LMHash</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>ConvertTo-KerberosKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>ConvertTo-OrgIdHash</command:name>
      <command:verb>ConvertTo</command:verb>
      <command:noun>OrgIdHash</command:noun>
      <maml:description>
        <maml:para>Calculates OrgId hash of a given password. Used by Azure Active Directory Connect.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>The OrgId hash is defined as PBKDF2( UTF-16( ToUpper( ToHex( MD4( UTF-16(plaintext))))), RND(10), 1000, HMAC-SHA256, 32).</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>ConvertTo-OrgIdHash</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="0" aliases="h">
          <maml:name>NTHash</maml:name>
          <maml:Description>
            <maml:para>Provide a 16-byte NT Hash of user's password in hexadecimal format.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="1" aliases="s">
          <maml:name>Salt</maml:name>
          <maml:Description>
            <maml:para>Provide a 10-byte salt in hexadecimal format.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>ConvertTo-OrgIdHash</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="0" aliases="p">
          <maml:name>Password</maml:name>
          <maml:Description>
            <maml:para>Provide a password in the form of a SecureString.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
          <dev:type>
            <maml:name>SecureString</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="1" aliases="s">
          <maml:name>Salt</maml:name>
          <maml:Description>
            <maml:para>Provide a 10-byte salt in hexadecimal format.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="0" aliases="h">
        <maml:name>NTHash</maml:name>
        <maml:Description>
          <maml:para>Provide a 16-byte NT Hash of user's password in hexadecimal format.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
        <dev:type>
          <maml:name>Byte[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="0" aliases="p">
        <maml:name>Password</maml:name>
        <maml:Description>
          <maml:para>Provide a password in the form of a SecureString.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
        <dev:type>
          <maml:name>SecureString</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="1" aliases="s">
        <maml:name>Salt</maml:name>
        <maml:Description>
          <maml:para>Provide a 10-byte salt in hexadecimal format.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
        <dev:type>
          <maml:name>Byte[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>System.Security.SecureString</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Byte[]</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; $pwd = ConvertTo-SecureString -String 'Pa$$w0rd' -AsPlainText -Force
PS C:\&gt; ConvertTo-OrgIdHash -Password $pwd
&lt;# Sample Output:
v1;PPH1_MD4,60eaffd2c886b419df7a,1000,ab9c532104713157395a70da85cc8a1b418508753c6997f02341d541328ef16b;
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Calculates the OrgId hash from a cleartext password using a random salt.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; ConvertTo-OrgIdHash -NTHash 92937945b518814341de3f726500d4ff
&lt;# Sample Output:
v1;PPH1_MD4,46c0c5d9095185ce5cf8,1000,6bb7b360d9105ed5157460b343d5d143e465a59195bc9b568718268c334ea4a9;
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Calculates the OrgId hash from a NT hash while using a random salt.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 3 --------------------------</maml:title>
        <dev:code>PS C:\&gt; ConvertTo-OrgIdHash -NTHash 92937945b518814341de3f726500d4ff -Salt a42b92067e4b8123101a
&lt;# Sample Output:
v1;PPH1_MD4,a42b92067e4b8123101a,1000,f0fc762ea9051ef754652becd83ee5e54c1c857c1c0965abac5d85de9c143911;
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Calculates the OrgId hash from a NT hash while using the given salt.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/ConvertTo-OrgIdHash.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>ConvertTo-NTHash</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>ConvertTo-UnicodePassword</command:name>
      <command:verb>ConvertTo</command:verb>
      <command:noun>UnicodePassword</command:noun>
      <maml:description>
        <maml:para>Converts a password to the format used in unattend.xml or *.ldif files.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>{{Fill in the Description}}</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>ConvertTo-UnicodePassword</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="none">
          <maml:name>Password</maml:name>
          <maml:Description>
            <maml:para>Specifies a password that will be converted to the specifiet format.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
          <dev:type>
            <maml:name>SecureString</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>IsUnattendPassword</maml:name>
          <maml:Description>
            <maml:para>Indicates that the result should be in the format for unattend.xml instead of *.ldif.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>IsUnattendPassword</maml:name>
        <maml:Description>
          <maml:para>Indicates that the result should be in the format for unattend.xml instead of *.ldif.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="none">
        <maml:name>Password</maml:name>
        <maml:Description>
          <maml:para>Specifies a password that will be converted to the specifiet format.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
        <dev:type>
          <maml:name>SecureString</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; {{ Add example code here }}</dev:code>
        <dev:remarks>
          <maml:para>{{ Add example description here }}</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/ConvertTo-UnicodePassword.md</maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Disable-ADDBAccount</command:name>
      <command:verb>Disable</command:verb>
      <command:noun>ADDBAccount</command:noun>
      <maml:description>
        <maml:para>Disables an Active Directory account in an offline ntds.dit file.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Finds an account in Active Directory database file and modifies the appropriate bit in its userAccountControl attribute.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Disable-ADDBAccount</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="dn">
          <maml:name>DistinguishedName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Disable-ADDBAccount</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Guid">
          <maml:name>ObjectGuid</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
          <dev:type>
            <maml:name>Guid</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Disable-ADDBAccount</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Sid">
          <maml:name>ObjectSid</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
          <dev:type>
            <maml:name>SecurityIdentifier</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Disable-ADDBAccount</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="Login, sam">
          <maml:name>SamAccountName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
        <maml:name>DatabasePath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="dn">
        <maml:name>DistinguishedName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>Force</maml:name>
        <maml:Description>
          <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
        <maml:name>LogPath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Guid">
        <maml:name>ObjectGuid</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
        <dev:type>
          <maml:name>Guid</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Sid">
        <maml:name>ObjectSid</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
        <dev:type>
          <maml:name>SecurityIdentifier</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="Login, sam">
        <maml:name>SamAccountName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
        <maml:name>SkipMetaUpdate</maml:name>
        <maml:Description>
          <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Security.Principal.SecurityIdentifier</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Guid</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Disable-ADDBAccount -SamAccountName john -DatabasePath .\ntds.dit</dev:code>
        <dev:remarks>
          <maml:para>Finds an account with name john and disables it.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Disable-ADDBAccount.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Enable-ADDBAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADDBAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Enable-ADDBAccount</command:name>
      <command:verb>Enable</command:verb>
      <command:noun>ADDBAccount</command:noun>
      <maml:description>
        <maml:para>Enables an Active Directory account in an offline ntds.dit file.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Finds an account in Active Directory database file and modifies the appropriate bit in its userAccountControl attribute.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Enable-ADDBAccount</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="dn">
          <maml:name>DistinguishedName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Enable-ADDBAccount</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Guid">
          <maml:name>ObjectGuid</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
          <dev:type>
            <maml:name>Guid</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Enable-ADDBAccount</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Sid">
          <maml:name>ObjectSid</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
          <dev:type>
            <maml:name>SecurityIdentifier</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Enable-ADDBAccount</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="Login, sam">
          <maml:name>SamAccountName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
        <maml:name>DatabasePath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="dn">
        <maml:name>DistinguishedName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>Force</maml:name>
        <maml:Description>
          <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
        <maml:name>LogPath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Guid">
        <maml:name>ObjectGuid</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
        <dev:type>
          <maml:name>Guid</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Sid">
        <maml:name>ObjectSid</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
        <dev:type>
          <maml:name>SecurityIdentifier</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="Login, sam">
        <maml:name>SamAccountName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
        <maml:name>SkipMetaUpdate</maml:name>
        <maml:Description>
          <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Security.Principal.SecurityIdentifier</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Guid</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Enable-ADDBAccount -SamAccountName john -DatabasePath .\ntds.dit</dev:code>
        <dev:remarks>
          <maml:para>Finds an account with name john and enables it.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Enable-ADDBAccount.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Disable-ADDBAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADDBAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Get-ADDBAccount</command:name>
      <command:verb>Get</command:verb>
      <command:noun>ADDBAccount</command:noun>
      <maml:description>
        <maml:para>Reads one or more accounts from a ntds.dit file, including secret attributes.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Reads one or more accounts from an Active Directory database file. When provided with a boot key (AKA SysKey or system key), it also decrypts secret attributes.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Get-ADDBAccount</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="AllAccounts, ReturnAllAccounts">
          <maml:name>All</maml:name>
          <maml:Description>
            <maml:para>Indicates that all accounts will be read from the selected database.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="key, SysKey, SystemKey">
          <maml:name>BootKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the boot key (AKA system key) that will be used to decrypt values of secret attributes.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Get-ADDBAccount</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="key, SysKey, SystemKey">
          <maml:name>BootKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the boot key (AKA system key) that will be used to decrypt values of secret attributes.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="dn">
          <maml:name>DistinguishedName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an account that will be retrieved from the database.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Get-ADDBAccount</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="key, SysKey, SystemKey">
          <maml:name>BootKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the boot key (AKA system key) that will be used to decrypt values of secret attributes.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Guid">
          <maml:name>ObjectGuid</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an account that will be retrieved from the database.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
          <dev:type>
            <maml:name>Guid</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Get-ADDBAccount</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="key, SysKey, SystemKey">
          <maml:name>BootKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the boot key (AKA system key) that will be used to decrypt values of secret attributes.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Sid">
          <maml:name>ObjectSid</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an account that will be retrieved from the database.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
          <dev:type>
            <maml:name>SecurityIdentifier</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Get-ADDBAccount</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="Login, sam">
          <maml:name>SamAccountName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an account that will be retrieved from the database.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="key, SysKey, SystemKey">
          <maml:name>BootKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the boot key (AKA system key) that will be used to decrypt values of secret attributes.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="AllAccounts, ReturnAllAccounts">
        <maml:name>All</maml:name>
        <maml:Description>
          <maml:para>Indicates that all accounts will be read from the selected database.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="key, SysKey, SystemKey">
        <maml:name>BootKey</maml:name>
        <maml:Description>
          <maml:para>Specifies the boot key (AKA system key) that will be used to decrypt values of secret attributes.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
        <dev:type>
          <maml:name>Byte[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
        <maml:name>DatabasePath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="dn">
        <maml:name>DistinguishedName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an account that will be retrieved from the database.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
        <maml:name>LogPath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Guid">
        <maml:name>ObjectGuid</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an account that will be retrieved from the database.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
        <dev:type>
          <maml:name>Guid</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Sid">
        <maml:name>ObjectSid</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an account that will be retrieved from the database.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
        <dev:type>
          <maml:name>SecurityIdentifier</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="Login, sam">
        <maml:name>SamAccountName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an account that will be retrieved from the database.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Security.Principal.SecurityIdentifier</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Guid</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>DSInternals.Common.Data.DSAccount</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADDBAccount -SamAccountName Administrator `
                        -DatabasePath 'C:\IFM Backup\Active Directory\ntds.dit'
&lt;# Sample Output:
DistinguishedName: CN=Administrator,CN=Users,DC=contoso,DC=com
Sid: S-1-5-21-1236425271-2880748467-2592687428-500
Guid: b3d02974-6b1c-484c-9103-fd2f60d592c4
SamAccountName: Administrator
SamAccountType: User
UserPrincipalName:
PrimaryGroupId: 513
SidHistory:
Enabled: True
UserAccountControl: NormalAccount, PasswordNeverExpires
SupportedEncryptionTypes: Default
AdminCount: True
Deleted: False
LastLogonDate: 2/23/2015 10:27:18 AM
DisplayName:
GivenName:
Surname:
Description: Built-in account for administering the computer/domain
ServicePrincipalName:
SecurityDescriptor: DiscretionaryAclPresent, SystemAclPresent, DiscretionaryAclAutoInherited, SystemAclAutoInherited, DiscretionaryAclProtected, SelfRelative
Owner: S-1-5-21-1236425271-2880748467-2592687428-512
Secrets
  NTHash:
  LMHash:
  NTHashHistory:
  LMHashHistory:
  SupplementalCredentials:
Key Credentials:
Credential Roaming
  Created:
  Modified:
  Credentials:
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Retrieves information about a single account from an Active Directory database. Secret attributes are not decrypted as no boot key is provided.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; $key = Get-BootKey -SystemHiveFilePath 'C:\IFM Backup\registry\SYSTEM'
PS C:\&gt; Get-ADDBAccount -DistinguishedName: 'CN=Joe Smith,OU=Employees,DC=contoso,DC=com' `
                        -BootKey $key `
                        -DatabasePath 'C:\IFM Backup\Active Directory\ntds.dit'
&lt;# Sample Output:
DistinguishedName: CN=Joe Smith,OU=Employees,DC=contoso,DC=com
Sid: S-1-5-21-1236425271-2880748467-2592687428-1110
Guid: 6fb7aca4-fe85-4dc5-9acd-b5b2529fe2bc
SamAccountName: joe
SamAccountType: User
UserPrincipalName: [email protected]
PrimaryGroupId: 513
SidHistory:
Enabled: True
UserAccountControl: NormalAccount, PasswordNeverExpires
SupportedEncryptionTypes: Default
AdminCount: False
Deleted: False
LastLogonDate:  2/23/2015 10:27:18 AM
DisplayName: Joe Smith
GivenName: Joe
Surname: Smith
Description:
ServicePrincipalName:
SecurityDescriptor: DiscretionaryAclPresent, SystemAclPresent, DiscretionaryAclAutoInherited, SystemAclAutoInherited, SelfRelative
Owner: S-1-5-21-1236425271-2880748467-2592687428-512
Secrets
  NTHash: 92937945b518814341de3f726500d4ff
  LMHash:
  NTHashHistory:
    Hash 01: 92937945b518814341de3f726500d4ff
  LMHashHistory:
    Hash 01: 30ce97eef1084cf1656cc4be70d68600
  SupplementalCredentials:
    ClearText:
    NTLMStrongHash: 2c6d57beebeafdae65b3f40f2a0d5430
    Kerberos:
      Credentials:
        DES_CBC_MD5
          Key: 7f16bc4ada0b8a52
      OldCredentials:
      Salt: CONTOSO.COMjoe
      Flags: 0
    KerberosNew:
      Credentials:
        AES256_CTS_HMAC_SHA1_96
          Key: cd541be0838c787b5c6a34d7b19274aee613545a0e6cc6f5ac5918d8a464d24f
          Iterations: 4096
        AES128_CTS_HMAC_SHA1_96
          Key: 5c88972747bd454704c117ae52c474e4
          Iterations: 4096
        DES_CBC_MD5
          Key: 7f16bc4ada0b8a52
          Iterations: 4096
      OldCredentials:
      OlderCredentials:
      ServiceCredentials:
      Salt: CONTOSO.COMjoe
      DefaultIterationCount: 4096
      Flags: 0
    WDigest:
      Hash 01: 61fed940f0e8d03a49d3727f55800497
      Hash 02: a1d54499dda6a6b5431f29a8d741a640
      Hash 03: b6cdf00bc0c4578992f718de81251721
      Hash 04: 61fed940f0e8d03a49d3727f55800497
      Hash 05: a1d54499dda6a6b5431f29a8d741a640
      Hash 06: 9a8991bd99763df2e37f1e1e67d71cc8
      Hash 07: 61fed940f0e8d03a49d3727f55800497
      Hash 08: 8a9fe94883c8ccf3bcfc6591ddd2288f
      Hash 09: 8a9fe94883c8ccf3bcfc6591ddd2288f
      Hash 10: 1b7b16b49ecd8d9d59c1d0db6fa2cc36
      Hash 11: d4c24695cfa4dc3810a469d5efb8ecaf
      Hash 12: 8a9fe94883c8ccf3bcfc6591ddd2288f
      Hash 13: a5b8aa5088280298c8c27fa99dcaa1e3
      Hash 14: d4c24695cfa4dc3810a469d5efb8ecaf
      Hash 15: 1aa8e567622fe53d6fb36f1f34f12aaa
      Hash 16: 1aa8e567622fe53d6fb36f1f34f12aaa
      Hash 17: 2af425244079f8f45927c34fa115e45b
      Hash 18: cf283a35102b820e25003b1ddf270221
      Hash 19: b98c902c57449253e6f06b5d585866bd
      Hash 20: 2a690b1eeda9cb8f3157a4a3ba0be9c3
      Hash 21: af2654776d5f9f27f3283ecb0aa25011
      Hash 22: af2654776d5f9f27f3283ecb0aa25011
      Hash 23: ba6fe0513ed2a60ec253a41bbde6a837
      Hash 24: 8bf5a67b598087be948e040f85c72b4d
      Hash 25: 8bf5a67b598087be948e040f85c72b4d
      Hash 26: aa5ff46d23a5c7ebd603e1793225350d
      Hash 27: 656b6a7f5b52d05b3ce9168a2b7ac8ac
      Hash 28: ae884c92ecd87e8d54f1844f09c5a519
      Hash 29: a500a9e26afc9f817df8a07e15771577
Key Credentials:
  Usage=NGC, Source=ActiveDirectory, Device=1966d4da-14da-4581-a7a7-5e8e07e93ad9, Created=8/1/2019 10:53:12 PM, LastLogon=8/1/2019 10:53:12 PM
  Usage=NGC, Source=ActiveDirectory, Device=cfe9a872-13ff-4751-a777-aec88c30a762, Created=8/1/2019 11:09:15 PM, LastLogon=8/1/2019 11:09:15 PM
Credential Roaming
  Created: 3/12/2017 9:15:56 AM
  Modified: 3/13/2017 10:01:18 AM
  Credentials:
    DPAPIMasterKey: joe\Protect\S-1-5-21-1236425271-2880748467-2592687428-1110\47070660-c259-4d90-8bc9-187605323450
    DPAPIMasterKey: joe\Protect\S-1-5-21-1236425271-2880748467-2592687428-1110\7fc19508-7b85-4a7c-9e5d-15f9e00e7ce5
    CryptoApiCertificate: joe\SystemCertificates\My\Certificates\574E4687133998544C0095C7B348C52CD398182E
    CNGCertificate: joe\SystemCertificates\My\Certificates\3B83BFA7037F6A79B3F3D17D229E1BC097F35B51
    RSAPrivateKey: joe\Crypto\RSA\S-1-5-21-1236425271-2880748467-2592687428-1110\701577141985b6923998dcca035c007a_f8b7bbef-d227-4ac7-badd-3a238a7f741e
    CNGPrivateKey: joe\Crypto\Keys\E8F13C2BA0209401C4DFE839CD57375E26BBE38F
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Retrieves information about a single account from an Active Directory database. Secret attributes are decrypted using the provided boot key.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 3 --------------------------</maml:title>
        <dev:code>PS C:\&gt; $results = Get-ADDBAccount -DatabasePath '.\Active Directory\ntds.dit' `
                                   -BootKey acdba64a3929261b04e5270c3ef973cf `
                                   -All  |
                   Test-PasswordQuality -WeakPasswordHashesSortedFile pwned-passwords-ntlm-ordered-by-hash-v5.txt</dev:code>
        <dev:remarks>
          <maml:para>Performs an offline credential hygiene audit of AD database against HIBP.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 4 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADDBAccount -All -DatabasePath ntds.dit -BootKey $key |
            Format-Custom -View PwDump |
            Out-File -FilePath users.pwdump -Encoding ascii</dev:code>
        <dev:remarks>
          <maml:para>Exports NT and LM password hashes from an Active Directory database to a pwdump file.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 5 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADDBBackupKey -DatabasePath '.\ADBackup\Active Directory\ntds.dit' `
                          -BootKey 0be7a2afe1713642182e9b96f73a75da |
            Save-DPAPIBlob -DirectoryPath '.\Output'
PS C:\&gt; Get-ADDBAccount -All -DatabasePath '.\ADBackup\Active Directory\ntds.dit' |
            Save-DPAPIBlob -DirectoryPath '.\Output'</dev:code>
        <dev:remarks>
          <maml:para>Extracts DPAPI backup keys and roamed credentials (certificates, private keys, and DPAPI master keys) from an Active Directory database file and saves them to the Output directory. Also creates a file called kiwiscript.txt that contains mimikatz commands needed to decrypt the private keys.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 6 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADDBAccount -All -DatabasePath '.\ADBackup\Active Directory\ntds.dit' |
            Select-Object -ExpandProperty KeyCredentials |
            Where-Object Usage -eq NGC |
            Format-Table -View ROCA
&lt;# Sample Output:

Usage IsWeak Source  DeviceId                             Created    Owner
----- ------ ------  --------                             -------    -----
NGC   True   AzureAD fd591087-245c-4ff5-a5ea-c14de5e2b32d 2017-07-19 CN=John Doe,CN=Users,DC=contoso,DC=com
NGC   False  AD      1966d4da-14da-4581-a7a7-5e8e07e93ad9 2019-08-01 CN=Jane Doe,CN=Users,DC=contoso,DC=com
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Lists weak public keys registered in Active Directory that were generated on ROCA-vulnerable TPMs.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 7 --------------------------</maml:title>
        <dev:code>PS C:\&gt; $dc = Get-ADDBDomainController -DatabasePath '.\ADBackup\Active Directory\ntds.dit'
PS C:\&gt; $adminSid = '{0}-500' -f $dc.DomainSid           
PS C:\&gt; $account = Get-ADDBAccount -Sid $adminSid `
                                   -DatabasePath '.\ADBackup\Active Directory\ntds.dit' `
                                   -BootKey 0be7a2afe1713642182e9b96f73a75da</dev:code>
        <dev:remarks>
          <maml:para>Retrieves information about a the the built-in Administrator account, even if it was renamed.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Get-ADDBAccount.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-BootKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADReplAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADSIAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Test-PasswordQuality</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Save-DPAPIBlob</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADKeyCredential</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Get-ADDBBackupKey</command:name>
      <command:verb>Get</command:verb>
      <command:noun>ADDBBackupKey</command:noun>
      <maml:description>
        <maml:para>Reads the DPAPI backup keys from a ntds.dit file.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Reads and decrypts Data Protection API (DPAPI) backup keys from an Active Directory database file. The output can be saved to the file system using the Save-DPAPIBlob cmdlet.</maml:para>
      <maml:para>DPAPI is used by several components of Windows to securely store passwords, encryption keys and other sensitive data. When DPAPI is used in an Active Directory domain environment, a copy of user's master key is encrypted with a so-called DPAPI Domain Backup Key that is known to all domain controllers. Windows Server 2000 DCs use a symmetric key and newer systems use a public/private key pair. If the user password is reset and the original master key is rendered inaccessible to the user, the user's access to the master key is automatically restored using the backup key.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Get-ADDBBackupKey</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="key, SysKey, SystemKey">
          <maml:name>BootKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the boot key (AKA system key) that will be used to decrypt values of secret attributes.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="key, SysKey, SystemKey">
        <maml:name>BootKey</maml:name>
        <maml:Description>
          <maml:para>Specifies the boot key (AKA system key) that will be used to decrypt values of secret attributes.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
        <dev:type>
          <maml:name>Byte[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
        <maml:name>DatabasePath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
        <maml:name>LogPath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>DSInternals.Common.Data.DPAPIBackupKey</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; $key = Get-BootKey -SystemHiveFilePath '.\ADBackup\registry\SYSTEM'
PS C:\&gt; Get-ADDBBackupKey -DatabasePath '.\ADBackup\Active Directory\ntds.dit' `
                          -BootKey $key | Format-List
&lt;# Sample Output:

FilePath          : ntds_legacy_b116cbfa-b881-43e6-ba85-ef3efa64ba22.key
KiwiCommand       : 
Type              : LegacyKey
DistinguishedName : CN=BCKUPKEY_b116cbfa-b881-43e6-ba85-ef3efa64ba22 
                    Secret,CN=System,DC=contoso,DC=com
KeyId             : b116cbfa-b881-43e6-ba85-ef3efa64ba22
Data              : {1, 0, 0, 0...}

FilePath          : 
KiwiCommand       : 
Type              : PreferredLegacyKeyPointer
DistinguishedName : CN=BCKUPKEY_P Secret,CN=System,DC=contoso,DC=com
KeyId             : b116cbfa-b881-43e6-ba85-ef3efa64ba22
Data              : {250, 203, 22, 177...}

FilePath          : ntds_capi_290914ed-b1a8-482e-a89f-7caa217bf3c3.pvk
KiwiCommand       : REM Add this parameter to at least the first dpapi::masterkey 
                    command: /pvk:"ntds_capi_290914ed-b1a8-482e-a89f-7caa217bf3c3.pvk"
Type              : RSAKey
DistinguishedName : CN=BCKUPKEY_290914ed-b1a8-482e-a89f-7caa217bf3c3 
                    Secret,CN=System,DC=contoso,DC=com
KeyId             : 290914ed-b1a8-482e-a89f-7caa217bf3c3
Data              : {2, 0, 0, 0...}

FilePath          : 
KiwiCommand       : 
Type              : PreferredRSAKeyPointer
DistinguishedName : CN=BCKUPKEY_PREFERRED Secret,CN=System,DC=contoso,DC=com
KeyId             : 290914ed-b1a8-482e-a89f-7caa217bf3c3
Data              : {237, 20, 9, 41...}
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Extracts the boot key (AKA SysKey or system key) from a backup of the SYSTEM registry hive and decrypts all DPAPI backup keys stored in the an Active Directory database file.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADDBBackupKey -DatabasePath '.\ADBackup\Active Directory\ntds.dit' `
                          -BootKey 0be7a2afe1713642182e9b96f73a75da |
             Save-DPAPIBlob -DirectoryPath '.\Output'
PS C:\&gt; Get-ChildItem -Path '.\Output' | Select-Object -ExpandProperty Name
&lt;# Sample Output:
kiwiscript.txt
ntds_legacy_b116cbfa-b881-43e6-ba85-ef3efa64ba22.key
ntds_capi_4cee80c0-b6c6-406c-a68b-c0e5818bc436.cer
ntds_capi_290914ed-b1a8-482e-a89f-7caa217bf3c3.pfx
ntds_capi_290914ed-b1a8-482e-a89f-7caa217bf3c3.pvk
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Exports DPAPI backup keys to the Output directory.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Get-ADDBBackupKey.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Save-DPAPIBlob</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADReplBackupKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-LsaBackupKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Get-ADDBDomainController</command:name>
      <command:verb>Get</command:verb>
      <command:noun>ADDBDomainController</command:noun>
      <maml:description>
        <maml:para>Reads information about the originating DC from a ntds.dit file, including domain name, domain SID, DC name and DC site.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Reads domain controller (DC) infromation from a ntds.dit file that is either retrieved from an offline DC or from an (IFM) backup.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Get-ADDBDomainController</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
        <maml:name>DatabasePath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
        <maml:name>LogPath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>DSInternals.PowerShell.DomainController</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADDBDomainController -DatabasePath .\ntds.dit
&lt;# Sample Output:
Name                       : LON-DC1
DNSHostName                : LON-DC1.contoso.com
ServerReference            : CN=LON-DC1,OU=Domain Controllers,DC=contoso,DC=com
DomainName                 : contoso.com
ForestName                 : contoso.com
NetBIOSDomainName          : contoso
DomainSid                  : S-1-5-21-1236425271-2880748467-2592687428
DomainGuid                 : 262d915a-3c58-4614-86c0-f9fb3f1aa1cd
Guid                       : 71ccee43-1c03-4ab1-910c-ed4168df5a33
Sid                        : S-1-5-21-1236425271-2880748467-2592687428-1111
DomainMode                 : WinThreshold
ForestMode                 : WinThreshold
SiteName                   : Default-First-Site-Name
DsaGuid                    : 0a8574e2-9361-4f3c-8528-ca73d7534f4b
InvocationId               : 14a1b16d-591c-45bc-a342-153090027bbc
IsADAM                     : False
IsGlobalCatalog            : True
Options                    : GlobalCatalog
OSName                     : Windows Server 2019 Datacenter
OSVersion                  : 10.0
OSVersionMajor             : 10
OSVersionMinor             : 0
DomainNamingContext        : DC=contoso,DC=com
ConfigurationNamingContext : CN=Configuration,DC=contoso,DC=com
SchemaNamingContext        : CN=Schema,CN=Configuration,DC=contoso,DC=com
WritablePartitions         : {DC=contoso,DC=com, CN=Configuration,DC=contoso,DC=com, CN=Schema,CN=Configuration,DC=contoso,DC=com, DC=DomainDnsZones,DC=contoso,DC=com...}
State                      : BackedUp
HighestCommittedUsn        : 69642
UsnAtIfm                   :
BackupUsn                  : 65812
BackupExpiration           : 2/4/2020 6:32:27 AM
Epoch                      : 961
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Reads DC information from a ntds.dit file located in the working directory.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Get-ADDBDomainController.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Set-ADDBDomainController</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Set-ADDBPrimaryGroup</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Add-ADDBSidHistory</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Get-ADDBKdsRootKey</command:name>
      <command:verb>Get</command:verb>
      <command:noun>ADDBKdsRootKey</command:noun>
      <maml:description>
        <maml:para>Reads KDS Root Keys from a ntds.dit. file. Can be used to aid DPAPI-NG decryption, e.g. SID-protected PFX files.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>KDS Root Keys are used to encrypt the following:</maml:para>
      <maml:para>- SID-protected private keys in PFX certificate files</maml:para>
      <maml:para>- BitLocker-enabled drives with SID protector</maml:para>
      <maml:para>- Passwords of Group Managed Service Accounts (GMSA)</maml:para>
      <maml:para>- DNSSEC signing keys</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Get-ADDBKdsRootKey</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
        <maml:name>DatabasePath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
        <maml:name>LogPath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>DSInternals.Common.Data.KdsRootKey</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADDBKdsRootKey -DatabasePath '.\ADBackup\Active Directory\ntds.dit'
&lt;# Sample Output:
Id: 6a401799-8dd0-0b2c-3073-beb7ce2e734d
Version: 1
Creation Time: 7/27/2019 6:23:26 PM
Effective Time: 7/27/2019 8:23:26 AM
Domain Controller: CN=LON-DC1,OU=Domain Controllers,DC=contoso,DC=com
Key
  C16A0D16B80307D9CF102C7DB11F69FE015EB0DCD85C2FC0A5005C10E9DB963AC1E18BF161882ABEEAFF1B01CD50076F3C6F7807323253AB9598DBE027A77DD7
Key Derivation Function
  Algorithm: SP800_108_CTR_HMAC
  Parameters: {[0, SHA512]}
Secret Agreement
  Algorithm: DH
  Public Key Length: 2048
  Private Key Length: 512
  Parameters
    0c0200004448504d0001000087a8e61db4b6663cffbbd19c651959998ceef608660dd0f25d2ceed4435e3b00e00df8f1d61957d4faf7df4561b2aa3016c3d91134096fa 
    a3bf4296d830e9a7c209e0c6497517abd5a8a9d306bcf67ed91f9e6725b4758c022e0b1ef4275bf7b6c5bfc11d45f9088b941f54eb1e59bb8bc39a0bf12307f5c4fdb70
    c581b23f76b63acae1caa6b7902d52526735488a0ef13c6d9a51bfa4ab3ad8347796524d8ef6a167b5a41825d967e144e5140564251ccacb83e6b486f6b3ca3f7971506 
    026c0b857f689962856ded4010abd0be621c3a3960a54e710c375f26375d7014103a4b54330c198af126116d2276e11715f693877fad7ef09cadb094ae91e1a15973fb3 
    2c9b73134d0b2e77506660edbd484ca7b18f21ef205407f4793a1a0ba12510dbc15077be463fff4fed4aac0bb555be3a6c1b0c6b47b1bc3773bf7e8c6f62901228f8c28 
    cbb18a55ae31341000a650196f931c77a57f2ddf463e5e9ec144b777de62aaab8a8628ac376d282d6ed3864e67982428ebc831d14348f6f2f9193b5045af2767164e1df 
    c967c1fb3f2e55a4bd1bffe83b9c80d052b985d182ea0adb2a3b7313d3fe14c8484b1e052588b9b7d2bbd2df016199ecd06e1557cd0915b3353bbb64e0ec377fd028370 
    df92b52c7891428cdc67eb6184b523d1db246c32f63078490f00ef8d647d148d47954515e2327cfef98c582664b4c0f6cc41659
#&gt;

PS C:\&gt; .\CQDPAPINGPFXDecrypter.exe /pfx Certificate.p12 /master C16A0D16B80307D9CF102C7DB11F69FE015EB0DCD85C2FC0A5005C10E9DB963AC1E18BF161882ABEEAFF1B01CD50076F3C6F7807323253AB9598DBE027A77DD7
&lt;# Sample Output:
Successfully decrypted password: VBGpKPryuiWBSyq/+CjC0WjNsnZ1xS3Hs6IqGZwa0BM=
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Retrieves a KDS Root Key from an AD database and then uses the "CQURE DPAPI NG PFX Decrypter" to decrypt the password of the PFX file.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Get-ADDBKdsRootKey.md</maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Get-ADDBSchemaAttribute</command:name>
      <command:verb>Get</command:verb>
      <command:noun>ADDBSchemaAttribute</command:noun>
      <maml:description>
        <maml:para>Reads AD schema from a ntds.dit file, including datatable column names.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>{{Fill in the Description}}</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Get-ADDBSchemaAttribute</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="0" aliases="LdapDisplayName, AttributeName, AttrName, Attr">
          <maml:name>Name</maml:name>
          <maml:Description>
            <maml:para>Specifies the name of a specific attribute to retrieve.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue>
          <dev:type>
            <maml:name>String[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
        <maml:name>DatabasePath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
        <maml:name>LogPath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="0" aliases="LdapDisplayName, AttributeName, AttrName, Attr">
        <maml:name>Name</maml:name>
        <maml:Description>
          <maml:para>Specifies the name of a specific attribute to retrieve.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue>
        <dev:type>
          <maml:name>String[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>System.String[]</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>DSInternals.PowerShell.SchemaAttribute</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; {{ Add example code here }}</dev:code>
        <dev:remarks>
          <maml:para>{{ Add example description here }}</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Get-ADDBSchemaAttribute.md</maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Get-ADKeyCredential</command:name>
      <command:verb>Get</command:verb>
      <command:noun>ADKeyCredential</command:noun>
      <maml:description>
        <maml:para>Creates an object representing Windows Hello for Business or FIDO credentials from its binary representation or an X.509 certificate.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>This cmdlet can be used to display existing key credentials from Active Directory (including NGC, STK and FIDO keys) and to generate new NGC credentials from self-signed certificates. See the examples for more info.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Get-ADKeyCredential</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Binary">
          <maml:name>BinaryData</maml:name>
          <maml:Description>
            <maml:para>Specifies the credentials in binary/hexadecimal format.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="DistinguishedName, DN, ObjectDN, HolderDN, Holder, Owner, UserPrincipalName, UPN">
          <maml:name>OwnerDN</maml:name>
          <maml:Description>
            <maml:para>Specifies the distinguished name (DN) of the object that these credentials are associated with.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Get-ADKeyCredential</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="none">
          <maml:name>Certificate</maml:name>
          <maml:Description>
            <maml:para>Specifies a certificate that wraps an NGC key.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">X509Certificate2</command:parameterValue>
          <dev:type>
            <maml:name>X509Certificate2</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="ComputerId, ComputerGuid">
          <maml:name>DeviceId</maml:name>
          <maml:Description>
            <maml:para>Specifies an identifier (typically objectGUID) of the associated computer.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
          <dev:type>
            <maml:name>Guid</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="CreatedTime, TimeCreated, TimeGenerated">
          <maml:name>CreationTime</maml:name>
          <maml:Description>
            <maml:para>Specifies the time when the key was created. Default value is the current time.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">DateTime</command:parameterValue>
          <dev:type>
            <maml:name>DateTime</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="DistinguishedName, DN, ObjectDN, HolderDN, Holder, Owner, UserPrincipalName, UPN">
          <maml:name>OwnerDN</maml:name>
          <maml:Description>
            <maml:para>Specifies the distinguished name (DN) of the object that these credentials are associated with.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Get-ADKeyCredential</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="none">
          <maml:name>Certificate</maml:name>
          <maml:Description>
            <maml:para>Specifies a certificate that wraps an NGC key.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">X509Certificate2</command:parameterValue>
          <dev:type>
            <maml:name>X509Certificate2</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="CreatedTime, TimeCreated, TimeGenerated">
          <maml:name>CreationTime</maml:name>
          <maml:Description>
            <maml:para>Specifies the time when the key was created. Default value is the current time.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">DateTime</command:parameterValue>
          <dev:type>
            <maml:name>DateTime</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>IsComputerKey</maml:name>
          <maml:Description>
            <maml:para>Indicates that the resulting key credential must meet the DS-Validated-Write-Computer requirements.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="DistinguishedName, DN, ObjectDN, HolderDN, Holder, Owner, UserPrincipalName, UPN">
          <maml:name>OwnerDN</maml:name>
          <maml:Description>
            <maml:para>Specifies the distinguished name (DN) of the object that these credentials are associated with.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Get-ADKeyCredential</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="0" aliases="DNWithBinary, DistinguishedNameWithBinary">
          <maml:name>DNWithBinaryData</maml:name>
          <maml:Description>
            <maml:para>Specifies the credentials in the DN-Binary syntax.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue>
          <dev:type>
            <maml:name>String[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Binary">
        <maml:name>BinaryData</maml:name>
        <maml:Description>
          <maml:para>Specifies the credentials in binary/hexadecimal format.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
        <dev:type>
          <maml:name>Byte[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="none">
        <maml:name>Certificate</maml:name>
        <maml:Description>
          <maml:para>Specifies a certificate that wraps an NGC key.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">X509Certificate2</command:parameterValue>
        <dev:type>
          <maml:name>X509Certificate2</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="CreatedTime, TimeCreated, TimeGenerated">
        <maml:name>CreationTime</maml:name>
        <maml:Description>
          <maml:para>Specifies the time when the key was created. Default value is the current time.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">DateTime</command:parameterValue>
        <dev:type>
          <maml:name>DateTime</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="ComputerId, ComputerGuid">
        <maml:name>DeviceId</maml:name>
        <maml:Description>
          <maml:para>Specifies an identifier (typically objectGUID) of the associated computer.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
        <dev:type>
          <maml:name>Guid</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="0" aliases="DNWithBinary, DistinguishedNameWithBinary">
        <maml:name>DNWithBinaryData</maml:name>
        <maml:Description>
          <maml:para>Specifies the credentials in the DN-Binary syntax.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue>
        <dev:type>
          <maml:name>String[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>IsComputerKey</maml:name>
        <maml:Description>
          <maml:para>Indicates that the resulting key credential must meet the DS-Validated-Write-Computer requirements.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="DistinguishedName, DN, ObjectDN, HolderDN, Holder, Owner, UserPrincipalName, UPN">
        <maml:name>OwnerDN</maml:name>
        <maml:Description>
          <maml:para>Specifies the distinguished name (DN) of the object that these credentials are associated with.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>System.String[]</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>DSInternals.Common.Data.KeyCredential</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADObject -LDAPFilter '(msDS-KeyCredentialLink=*)' -Properties msDS-KeyCredentialLink |
            Select-Object -ExpandProperty msDS-KeyCredentialLink |
            Get-ADKeyCredential
&lt;# Sample Output:

Usage Source  Flags       DeviceId                             Created    Owner
----- ------  -----       --------                             -------    -----
NGC   AD      None        cfe9a872-13ff-4751-a777-aec88c30a762 2019-08-01 CN=John Doe,CN=Users,DC=contoso,DC=com
STK   AD      None                                             2017-08-23 CN=PC01,CN=Computers,DC=contoso,DC=com
NGC   AD      MFANotUsed                                       2017-08-23 CN=PC02,CN=Computers,DC=contoso,DC=com
NGC   AzureAD None        fd591087-245c-4ff5-a5ea-c14de5e2b32d 2017-07-19 CN=John Doe,CN=Users,DC=contoso,DC=com
FIDO  AzureAD Attestation 00000000-0000-0000-0000-000000000000 2019-08-26 CN=John Doe,CN=Users,DC=contoso,DC=com

#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Lists all key credentials that are registered in Active Directory.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADObject -LDAPFilter '(msDS-KeyCredentialLink=*)' -Properties msDS-KeyCredentialLink |
            Select-Object -ExpandProperty msDS-KeyCredentialLink |
            Get-ADKeyCredential |
            Where-Object Usage -eq NGC |
            Format-Table -View ROCA
&lt;# Sample Output:

Usage IsWeak Source  DeviceId                             Created    Owner
----- ------ ------  --------                             -------    -----
NGC   True   AzureAD fd591087-245c-4ff5-a5ea-c14de5e2b32d 2017-07-19 CN=John Doe,CN=Users,DC=contoso,DC=com
NGC   False  AD      1966d4da-14da-4581-a7a7-5e8e07e93ad9 2019-08-01 CN=Jane Doe,CN=Users,DC=contoso,DC=com

#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Lists weak public keys registered in Active Directory that were generated on ROCA-vulnerable TPMs.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 3 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADObject -LDAPFilter '(msDS-KeyCredentialLink=*)' -Properties msDS-KeyCredentialLink |
            Select-Object -ExpandProperty msDS-KeyCredentialLink |
            Get-ADKeyCredential |
            Where-Object Usage -eq NGC |
            Format-Custom -View Moduli |
            Out-File -FilePath .\moduli.txt -Encoding ascii -Force</dev:code>
        <dev:remarks>
          <maml:para>Exports all RSA public key moduli from NGC keys to a file in BASE64 encoding. This format is supported by the original Python ROCA Detection Tool.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 4 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADObject -LDAPFilter '(msDS-KeyCredentialLink=*)' -Properties msDS-KeyCredentialLink |
            Select-Object -ExpandProperty msDS-KeyCredentialLink |
            Get-ADKeyCredential |
            Where-Object Usage -eq FIDO |
            Format-Table -View FIDO
&lt;# Sample Output:

DisplayName           AAGUID                               Alg   Counter Created    Owner
-----------           ------                               ---   ------- -------    -----
eWMB Goldengate G320  87dbc5a1-4c94-4dc8-8a47-97d800fd1f3c ES256      37 2019-08-29 CN=John Doe,CN=Users,DC=contoso,DC=com
eWBM Goldengate G310  95442b2e-f15e-4def-b270-efb106facb4e ES256      48 2019-08-29 CN=John Doe,CN=Users,DC=contoso,DC=com
Yubikey 5             cb69481e-8ff7-4039-93ec-0a2729a154a8 ES256      25 2019-06-21 CN=John Doe,CN=Users,DC=contoso,DC=com
Feitian All-In-Pass   12ded745-4bed-47d4-abaa-e713f51d6393 ES256    1398 2020-03-31 CN=John Doe,CN=Users,DC=contoso,DC=com

#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Lists FIDO tokens registered in Active Directory.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 5 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADUser -Identity john -Properties msDS-KeyCredentialLink |
    Select-Object -ExpandProperty msDS-KeyCredentialLink |
    Get-ADKeyCredential |
    Out-GridView -OutputMode Multiple -Title 'Select a credentials for removal...' |
    ForEach-Object { Set-ADObject -Identity $PSItem.Owner -Remove @{ 'msDS-KeyCredentialLink' = $PSItem.ToDNWithBinary() } }</dev:code>
        <dev:remarks>
          <maml:para>Selectively deletes key credentials from Active Directory.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 6 --------------------------</maml:title>
        <dev:code>PS C:\&gt; $upn = '[email protected]'
PS C:\&gt; $userSid = 'S-1-5-21-1236425271-2880748467-2592687428-1109'
PS C:\&gt; $certificateSubject = '{0}/{1}/login.windows.net/383a3889-5bc9-47a3-846c-2b70f0b7fe0e/{2}' -f $userSid, (New-Guid), $upn
PS C:\&gt; $certificate = New-SelfSignedCertificate -Subject $certificateSubject `
                                                 -KeyLength 2048 `
                                                 -Provider 'Microsoft Strong Cryptographic Provider' `
                                                 -CertStoreLocation Cert:\CurrentUser\My `
                                                 -NotAfter (Get-Date).AddYears(30) `
                                                 -TextExtension '2.5.29.19={text}false', '2.5.29.37={text}1.3.6.1.4.1.311.20.2.2' `
                                                 -SuppressOid '2.5.29.14' `
                                                 -KeyUsage None `
                                                 -KeyExportPolicy Exportable
PS C:\&gt; $ngcKey = Get-ADKeyCredential -Certificate $certificate -DeviceId (New-Guid) -OwnerDN 'CN=John Doe,CN=Users,DC=contoso,DC=com'
PS C:\&gt; Set-ADObject -Identity $ngcKey.Owner -Add @{ 'msDS-KeyCredentialLink' = $ngcKey.ToDNWithBinary() }</dev:code>
        <dev:remarks>
          <maml:para>Generates a new NGC key for a user account and registers it in Active Directory. Note that the value of the certificate Subject has no effect on the functionality, but as it appears in DC logs, this example uses the same format as Windows does.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 7 --------------------------</maml:title>
        <dev:code>PS C:\&gt; $certificate = New-SelfSignedCertificate -Subject 'S-1-5-21-1236425271-2880748467-2592687428-1001' `
                                                 -KeyLength 2048 `
                                                 -Provider 'Microsoft Strong Cryptographic Provider' `
                                                 -CertStoreLocation Cert:\LocalMachine\My `
                                                 -NotAfter (Get-Date).AddYears(30) `
                                                 -TextExtension '2.5.29.19={text}false', '2.5.29.37={text}1.3.6.1.4.1.311.20.2.2' `
                                                 -SuppressOid '2.5.29.14' `
                                                 -KeyUsage None `
                                                 -KeyExportPolicy Exportable
PS C:\&gt; $ngcKey = Get-ADKeyCredential -IsComputerKey -Certificate $certificate -OwnerDN 'CN=PC01,CN=Computers,DC=contoso,DC=com'
PS C:\&gt; Set-ADComputer -Identity 'PC01$' -Clear msDS-KeyCredentialLink -Add @{ 'msDS-KeyCredentialLink' = $ngcKey.ToDNWithBinary() }</dev:code>
        <dev:remarks>
          <maml:para>Performs a validated write of computer NGC key. Must be executed under the computer account's identity.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Get-ADKeyCredential.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Add-ADReplNgcKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADReplAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADDBAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-AzureADUserEx</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Get-ADReplAccount</command:name>
      <command:verb>Get</command:verb>
      <command:noun>ADReplAccount</command:noun>
      <maml:description>
        <maml:para>Reads one or more accounts through the MS-DRSR protocol, including secret attributes.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Reads one or more accounts from a target Active Directory domain controller through the MS-DRSR protocol, including secret attributes.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Get-ADReplAccount</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="AllAccounts, ReturnAllAccounts">
          <maml:name>All</maml:name>
          <maml:Description>
            <maml:para>Indidates that all accounts will be replicated from the target domain controller.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Credential</maml:name>
          <maml:Description>
            <maml:para>Specifies a user account that has permission to perform this action. The default is the current user.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
          <dev:type>
            <maml:name>PSCredential</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="NC, DomainNC, DomainNamingContext">
          <maml:name>NamingContext</maml:name>
          <maml:Description>
            <maml:para>Specifies the naming context root of the replica to replicate.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Proto, RPCProtocol, NCACN">
          <maml:name>Protocol</maml:name>
          <maml:Description>
            <maml:para>Specifies the protocol sequence that is used for RPC communication.</maml:para>
          </maml:Description>
          <command:parameterValueGroup>
            <command:parameterValue required="false" command:variableLength="false">TCP</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">SMB</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">HTTP</command:parameterValue>
          </command:parameterValueGroup>
          <command:parameterValue required="true" variableLength="false">RpcProtocol</command:parameterValue>
          <dev:type>
            <maml:name>RpcProtocol</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>TCP</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Host, DomainController, DC">
          <maml:name>Server</maml:name>
          <maml:Description>
            <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Get-ADReplAccount</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="dn">
          <maml:name>DistinguishedName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of the account that will be replicated.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Credential</maml:name>
          <maml:Description>
            <maml:para>Specifies a user account that has permission to perform this action. The default is the current user.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
          <dev:type>
            <maml:name>PSCredential</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Proto, RPCProtocol, NCACN">
          <maml:name>Protocol</maml:name>
          <maml:Description>
            <maml:para>Specifies the protocol sequence that is used for RPC communication.</maml:para>
          </maml:Description>
          <command:parameterValueGroup>
            <command:parameterValue required="false" command:variableLength="false">TCP</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">SMB</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">HTTP</command:parameterValue>
          </command:parameterValueGroup>
          <command:parameterValue required="true" variableLength="false">RpcProtocol</command:parameterValue>
          <dev:type>
            <maml:name>RpcProtocol</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>TCP</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Host, DomainController, DC">
          <maml:name>Server</maml:name>
          <maml:Description>
            <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Get-ADReplAccount</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="0" aliases="Login, sam, AccountName, User">
          <maml:name>SamAccountName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of the account that will be replicated.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="AccountDomain, UserDomain">
          <maml:name>Domain</maml:name>
          <maml:Description>
            <maml:para>Specifies the NetBIOS domain name of the account that will be replicated.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Credential</maml:name>
          <maml:Description>
            <maml:para>Specifies a user account that has permission to perform this action. The default is the current user.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
          <dev:type>
            <maml:name>PSCredential</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Proto, RPCProtocol, NCACN">
          <maml:name>Protocol</maml:name>
          <maml:Description>
            <maml:para>Specifies the protocol sequence that is used for RPC communication.</maml:para>
          </maml:Description>
          <command:parameterValueGroup>
            <command:parameterValue required="false" command:variableLength="false">TCP</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">SMB</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">HTTP</command:parameterValue>
          </command:parameterValueGroup>
          <command:parameterValue required="true" variableLength="false">RpcProtocol</command:parameterValue>
          <dev:type>
            <maml:name>RpcProtocol</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>TCP</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Host, DomainController, DC">
          <maml:name>Server</maml:name>
          <maml:Description>
            <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Get-ADReplAccount</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Credential</maml:name>
          <maml:Description>
            <maml:para>Specifies a user account that has permission to perform this action. The default is the current user.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
          <dev:type>
            <maml:name>PSCredential</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Guid">
          <maml:name>ObjectGuid</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of the account that will be replicated.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
          <dev:type>
            <maml:name>Guid</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Proto, RPCProtocol, NCACN">
          <maml:name>Protocol</maml:name>
          <maml:Description>
            <maml:para>Specifies the protocol sequence that is used for RPC communication.</maml:para>
          </maml:Description>
          <command:parameterValueGroup>
            <command:parameterValue required="false" command:variableLength="false">TCP</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">SMB</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">HTTP</command:parameterValue>
          </command:parameterValueGroup>
          <command:parameterValue required="true" variableLength="false">RpcProtocol</command:parameterValue>
          <dev:type>
            <maml:name>RpcProtocol</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>TCP</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Host, DomainController, DC">
          <maml:name>Server</maml:name>
          <maml:Description>
            <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Get-ADReplAccount</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Credential</maml:name>
          <maml:Description>
            <maml:para>Specifies a user account that has permission to perform this action. The default is the current user.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
          <dev:type>
            <maml:name>PSCredential</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Sid">
          <maml:name>ObjectSid</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of the account that will be replicated.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
          <dev:type>
            <maml:name>SecurityIdentifier</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Proto, RPCProtocol, NCACN">
          <maml:name>Protocol</maml:name>
          <maml:Description>
            <maml:para>Specifies the protocol sequence that is used for RPC communication.</maml:para>
          </maml:Description>
          <command:parameterValueGroup>
            <command:parameterValue required="false" command:variableLength="false">TCP</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">SMB</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">HTTP</command:parameterValue>
          </command:parameterValueGroup>
          <command:parameterValue required="true" variableLength="false">RpcProtocol</command:parameterValue>
          <dev:type>
            <maml:name>RpcProtocol</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>TCP</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Host, DomainController, DC">
          <maml:name>Server</maml:name>
          <maml:Description>
            <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Get-ADReplAccount</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Credential</maml:name>
          <maml:Description>
            <maml:para>Specifies a user account that has permission to perform this action. The default is the current user.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
          <dev:type>
            <maml:name>PSCredential</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Proto, RPCProtocol, NCACN">
          <maml:name>Protocol</maml:name>
          <maml:Description>
            <maml:para>Specifies the protocol sequence that is used for RPC communication.</maml:para>
          </maml:Description>
          <command:parameterValueGroup>
            <command:parameterValue required="false" command:variableLength="false">TCP</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">SMB</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">HTTP</command:parameterValue>
          </command:parameterValueGroup>
          <command:parameterValue required="true" variableLength="false">RpcProtocol</command:parameterValue>
          <dev:type>
            <maml:name>RpcProtocol</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>TCP</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Host, DomainController, DC">
          <maml:name>Server</maml:name>
          <maml:Description>
            <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="UPN">
          <maml:name>UserPrincipalName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of the account that will be replicated.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="AllAccounts, ReturnAllAccounts">
        <maml:name>All</maml:name>
        <maml:Description>
          <maml:para>Indidates that all accounts will be replicated from the target domain controller.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>Credential</maml:name>
        <maml:Description>
          <maml:para>Specifies a user account that has permission to perform this action. The default is the current user.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
        <dev:type>
          <maml:name>PSCredential</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="dn">
        <maml:name>DistinguishedName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of the account that will be replicated.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="AccountDomain, UserDomain">
        <maml:name>Domain</maml:name>
        <maml:Description>
          <maml:para>Specifies the NetBIOS domain name of the account that will be replicated.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="NC, DomainNC, DomainNamingContext">
        <maml:name>NamingContext</maml:name>
        <maml:Description>
          <maml:para>Specifies the naming context root of the replica to replicate.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Guid">
        <maml:name>ObjectGuid</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of the account that will be replicated.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
        <dev:type>
          <maml:name>Guid</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Sid">
        <maml:name>ObjectSid</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of the account that will be replicated.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
        <dev:type>
          <maml:name>SecurityIdentifier</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Proto, RPCProtocol, NCACN">
        <maml:name>Protocol</maml:name>
        <maml:Description>
          <maml:para>Specifies the protocol sequence that is used for RPC communication.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">RpcProtocol</command:parameterValue>
        <dev:type>
          <maml:name>RpcProtocol</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>TCP</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="0" aliases="Login, sam, AccountName, User">
        <maml:name>SamAccountName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of the account that will be replicated.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Host, DomainController, DC">
        <maml:name>Server</maml:name>
        <maml:Description>
          <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="UPN">
        <maml:name>UserPrincipalName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of the account that will be replicated.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Security.Principal.SecurityIdentifier</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Guid</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>DSInternals.Common.Data.DSAccount</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADReplAccount -SamAccountName joe -Server 'lon-dc1.contoso.com'
&lt;# Sample Output:
DistinguishedName: CN=Joe Smith,OU=Employees,DC=contoso,DC=com
Sid: S-1-5-21-1236425271-2880748467-2592687428-1110
Guid: 6fb7aca4-fe85-4dc5-9acd-b5b2529fe2bc
SamAccountName: joe
SamAccountType: User
UserPrincipalName: [email protected]
PrimaryGroupId: 513
SidHistory:
Enabled: True
UserAccountControl: NormalAccount, PasswordNeverExpires
SupportedEncryptionTypes: Default
AdminCount: False
Deleted: False
LastLogonDate: 2/23/2015 10:27:18 AM
DisplayName: Joe Smith
GivenName: Joe
Surname: Smith
Description:
ServicePrincipalName:
SecurityDescriptor: DiscretionaryAclPresent, SystemAclPresent, DiscretionaryAclAutoInherited, SystemAclAutoInherited, SelfRelative
Owner: S-1-5-21-1236425271-2880748467-2592687428-512
Secrets
  NTHash: 92937945b518814341de3f726500d4ff
  LMHash:
  NTHashHistory:
    Hash 01: 92937945b518814341de3f726500d4ff
  LMHashHistory:
    Hash 01: 30ce97eef1084cf1656cc4be70d68600
  SupplementalCredentials:
    ClearText:
    NTLMStrongHash: 2c6d57beebeafdae65b3f40f2a0d5430
    Kerberos:
      Credentials:
        DES_CBC_MD5
          Key: 7f16bc4ada0b8a52
      OldCredentials:
      Salt: CONTOSO.COMjoe
      Flags: 0
    KerberosNew:
      Credentials:
        AES256_CTS_HMAC_SHA1_96
          Key: cd541be0838c787b5c6a34d7b19274aee613545a0e6cc6f5ac5918d8a464d24f
          Iterations: 4096
        AES128_CTS_HMAC_SHA1_96
          Key: 5c88972747bd454704c117ae52c474e4
          Iterations: 4096
        DES_CBC_MD5
          Key: 7f16bc4ada0b8a52
          Iterations: 4096
      OldCredentials:
      OlderCredentials:
      ServiceCredentials:
      Salt: CONTOSO.COMjoe
      DefaultIterationCount: 4096
      Flags: 0
    WDigest:
      Hash 01: 61fed940f0e8d03a49d3727f55800497
      Hash 02: a1d54499dda6a6b5431f29a8d741a640
      Hash 03: b6cdf00bc0c4578992f718de81251721
      Hash 04: 61fed940f0e8d03a49d3727f55800497
      Hash 05: a1d54499dda6a6b5431f29a8d741a640
      Hash 06: 9a8991bd99763df2e37f1e1e67d71cc8
      Hash 07: 61fed940f0e8d03a49d3727f55800497
      Hash 08: 8a9fe94883c8ccf3bcfc6591ddd2288f
      Hash 09: 8a9fe94883c8ccf3bcfc6591ddd2288f
      Hash 10: 1b7b16b49ecd8d9d59c1d0db6fa2cc36
      Hash 11: d4c24695cfa4dc3810a469d5efb8ecaf
      Hash 12: 8a9fe94883c8ccf3bcfc6591ddd2288f
      Hash 13: a5b8aa5088280298c8c27fa99dcaa1e3
      Hash 14: d4c24695cfa4dc3810a469d5efb8ecaf
      Hash 15: 1aa8e567622fe53d6fb36f1f34f12aaa
      Hash 16: 1aa8e567622fe53d6fb36f1f34f12aaa
      Hash 17: 2af425244079f8f45927c34fa115e45b
      Hash 18: cf283a35102b820e25003b1ddf270221
      Hash 19: b98c902c57449253e6f06b5d585866bd
      Hash 20: 2a690b1eeda9cb8f3157a4a3ba0be9c3
      Hash 21: af2654776d5f9f27f3283ecb0aa25011
      Hash 22: af2654776d5f9f27f3283ecb0aa25011
      Hash 23: ba6fe0513ed2a60ec253a41bbde6a837
      Hash 24: 8bf5a67b598087be948e040f85c72b4d
      Hash 25: 8bf5a67b598087be948e040f85c72b4d
      Hash 26: aa5ff46d23a5c7ebd603e1793225350d
      Hash 27: 656b6a7f5b52d05b3ce9168a2b7ac8ac
      Hash 28: ae884c92ecd87e8d54f1844f09c5a519
      Hash 29: a500a9e26afc9f817df8a07e15771577
Key Credentials:
  Usage=NGC, Source=ActiveDirectory, Device=1966d4da-14da-4581-a7a7-5e8e07e93ad9, Created=8/1/2019 10:53:12 PM, LastLogon=8/1/2019 10:53:12 PM
  Usage=NGC, Source=ActiveDirectory, Device=cfe9a872-13ff-4751-a777-aec88c30a762, Created=8/1/2019 11:09:15 PM, LastLogon=8/1/2019 11:09:15 PM
Credential Roaming
  Created: 3/12/2017 9:15:56 AM
  Modified: 3/13/2017 10:01:18 AM
  Credentials:
    DPAPIMasterKey: joe\Protect\S-1-5-21-1236425271-2880748467-2592687428-1110\47070660-c259-4d90-8bc9-187605323450
    DPAPIMasterKey: joe\Protect\S-1-5-21-1236425271-2880748467-2592687428-1110\7fc19508-7b85-4a7c-9e5d-15f9e00e7ce5
    CryptoApiCertificate: joe\SystemCertificates\My\Certificates\574E4687133998544C0095C7B348C52CD398182E
    CNGCertificate: joe\SystemCertificates\My\Certificates\3B83BFA7037F6A79B3F3D17D229E1BC097F35B51
    RSAPrivateKey: joe\Crypto\RSA\S-1-5-21-1236425271-2880748467-2592687428-1110\701577141985b6923998dcca035c007a_f8b7bbef-d227-4ac7-badd-3a238a7f741e
    CNGPrivateKey: joe\Crypto\Keys\E8F13C2BA0209401C4DFE839CD57375E26BBE38F
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Replicates a single Active Directory account from the target domain controller.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; $accounts = Get-ADReplAccount -All -Server 'lon-dc1.contoso.com'</dev:code>
        <dev:remarks>
          <maml:para>Replicates all Active Directory accounts from the target domain controller.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 3 --------------------------</maml:title>
        <dev:code>PS C:\&gt; $results = Get-ADReplAccount -All -Server 'lon-dc1.contoso.com' |
                   Test-PasswordQuality -WeakPasswordHashesSortedFile pwned-passwords-ntlm-ordered-by-hash-v5.txt</dev:code>
        <dev:remarks>
          <maml:para>Performs an online credential hygiene audit of AD against HIBP.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 4 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADReplAccount -All -Server LON-DC1 |
            Format-Custom -View PwDump |
            Out-File -FilePath users.pwdump -Encoding ascii</dev:code>
        <dev:remarks>
          <maml:para>Replicates all Active Directory accounts from the target domain controller and exports their NT and LM password hashes to a pwdump file.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 5 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADReplBackupKey -Server 'lon-dc1.adatum.com' | Save-DPAPIBlob -DirectoryPath '.\Output'
PS C:\&gt; Get-ADReplAccount -All -Server 'lon-dc1.adatum.com' | Save-DPAPIBlob -DirectoryPath '.\Output'</dev:code>
        <dev:remarks>
          <maml:para>Replicates all DPAPI backup keys and roamed credentials (certificates, private keys, and DPAPI master keys) from the target Active Directory domain controller and saves them to the Output directory. Also creates a file called kiwiscript.txt that contains mimikatz commands needed to decrypt the private keys.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Get-ADReplAccount.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADDBAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADSIAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Test-PasswordQuality</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Save-DPAPIBlob</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Get-ADReplBackupKey</command:name>
      <command:verb>Get</command:verb>
      <command:noun>ADReplBackupKey</command:noun>
      <maml:description>
        <maml:para>Reads the DPAPI backup keys from a domain controller through the MS-DRSR protocol.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Replicates the Data Protection API (DPAPI) backup keys from an Active Directory domain controller through the MS-DRSR protocol. The output can be saved to the file system using the Save-DPAPIBlob cmdlet.</maml:para>
      <maml:para>DPAPI is used by several components of Windows to securely store passwords, encryption keys and other sensitive data. When DPAPI is used in an Active Directory domain environment, a copy of user's master key is encrypted with a so-called DPAPI Domain Backup Key that is known to all domain controllers. Windows Server 2000 DCs use a symmetric key and newer systems use a public/private key pair. If the user password is reset and the original master key is rendered inaccessible to the user, the user's access to the master key is automatically restored using the backup key.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Get-ADReplBackupKey</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Credential</maml:name>
          <maml:Description>
            <maml:para>Specifies a user account that has permission to perform this action. The default is the current user.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
          <dev:type>
            <maml:name>PSCredential</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="FQDN, DomainName, DNSDomainName">
          <maml:name>Domain</maml:name>
          <maml:Description>
            <maml:para>Specifies the DNS name of the target Active Directory domain.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Proto, RPCProtocol, NCACN">
          <maml:name>Protocol</maml:name>
          <maml:Description>
            <maml:para>Specifies the protocol sequence that is used for RPC communication.</maml:para>
          </maml:Description>
          <command:parameterValueGroup>
            <command:parameterValue required="false" command:variableLength="false">TCP</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">SMB</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">HTTP</command:parameterValue>
          </command:parameterValueGroup>
          <command:parameterValue required="true" variableLength="false">RpcProtocol</command:parameterValue>
          <dev:type>
            <maml:name>RpcProtocol</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Host, DomainController, DC">
          <maml:name>Server</maml:name>
          <maml:Description>
            <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>Credential</maml:name>
        <maml:Description>
          <maml:para>Specifies a user account that has permission to perform this action. The default is the current user.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
        <dev:type>
          <maml:name>PSCredential</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="FQDN, DomainName, DNSDomainName">
        <maml:name>Domain</maml:name>
        <maml:Description>
          <maml:para>Specifies the DNS name of the target Active Directory domain.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Proto, RPCProtocol, NCACN">
        <maml:name>Protocol</maml:name>
        <maml:Description>
          <maml:para>Specifies the protocol sequence that is used for RPC communication.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">RpcProtocol</command:parameterValue>
        <dev:type>
          <maml:name>RpcProtocol</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Host, DomainController, DC">
        <maml:name>Server</maml:name>
        <maml:Description>
          <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>DSInternals.Common.Data.DPAPIBackupKey</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADReplBackupKey -Server 'lon-dc1.contoso.com'
&lt;# Sample Output:

FilePath          : ntds_legacy_b116cbfa-b881-43e6-ba85-ef3efa64ba22.key
KiwiCommand       : 
Type              : LegacyKey
DistinguishedName : CN=BCKUPKEY_b116cbfa-b881-43e6-ba85-ef3efa64ba22 
                    Secret,CN=System,DC=contoso,DC=com
KeyId             : b116cbfa-b881-43e6-ba85-ef3efa64ba22
Data              : {1, 0, 0, 0...}

FilePath          : 
KiwiCommand       : 
Type              : PreferredLegacyKeyPointer
DistinguishedName : CN=BCKUPKEY_P Secret,CN=System,DC=contoso,DC=com
KeyId             : b116cbfa-b881-43e6-ba85-ef3efa64ba22
Data              : {250, 203, 22, 177...}

FilePath          : ntds_capi_290914ed-b1a8-482e-a89f-7caa217bf3c3.pvk
KiwiCommand       : REM Add this parameter to at least the first dpapi::masterkey 
                    command: /pvk:"ntds_capi_290914ed-b1a8-482e-a89f-7caa217bf3c3.pvk"
Type              : RSAKey
DistinguishedName : CN=BCKUPKEY_290914ed-b1a8-482e-a89f-7caa217bf3c3 
                    Secret,CN=System,DC=contoso,DC=com
KeyId             : 290914ed-b1a8-482e-a89f-7caa217bf3c3
Data              : {2, 0, 0, 0...}

FilePath          : 
KiwiCommand       : 
Type              : PreferredRSAKeyPointer
DistinguishedName : CN=BCKUPKEY_PREFERRED Secret,CN=System,DC=contoso,DC=com
KeyId             : 290914ed-b1a8-482e-a89f-7caa217bf3c3
Data              : {237, 20, 9, 41...}
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Replicates all DPAPI backup keys from the target Active Directory domain controller.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADReplBackupKey -Server 'lon-dc1.adatum.com' | Save-DPAPIBlob -DirectoryPath '.\Output'
PS C:\&gt; Get-ChildItem -Path '.\Output' | Select-Object -ExpandProperty Name
&lt;# Sample Output:
kiwiscript.txt
ntds_legacy_b116cbfa-b881-43e6-ba85-ef3efa64ba22.key
ntds_capi_4cee80c0-b6c6-406c-a68b-c0e5818bc436.cer
ntds_capi_290914ed-b1a8-482e-a89f-7caa217bf3c3.pfx
ntds_capi_290914ed-b1a8-482e-a89f-7caa217bf3c3.pvk
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Replicates all DPAPI backup keys from the target Active Directory domain controller and saves them to the Output directory.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Get-ADReplBackupKey.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Save-DPAPIBlob</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADDBBackupKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-LsaBackupKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Get-ADSIAccount</command:name>
      <command:verb>Get</command:verb>
      <command:noun>ADSIAccount</command:noun>
      <maml:description>
        <maml:para>Gets all Active Directory user accounts from a given domain controller using ADSI. Typically used for Credential Roaming data retrieval through LDAP.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Gets all Active Directory user accounts from a given domain controller using ADSI/LDAP. Typically used for Credential Roaming data retrieval and NGC key auditing.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Get-ADSIAccount</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Credential</maml:name>
          <maml:Description>
            <maml:para>Specifies a user account to use when connecting to the target domain controller. The default is the current user.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
          <dev:type>
            <maml:name>PSCredential</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Host, DomainController, DC, ComputerName">
          <maml:name>Server</maml:name>
          <maml:Description>
            <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>Credential</maml:name>
        <maml:Description>
          <maml:para>Specifies a user account to use when connecting to the target domain controller. The default is the current user.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
        <dev:type>
          <maml:name>PSCredential</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Host, DomainController, DC, ComputerName">
        <maml:name>Server</maml:name>
        <maml:Description>
          <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>DSInternals.Common.Data.DSAccount</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-LsaBackupKey -ComputerName 'lon-dc1.contoso.com' | Save-DPAPIBlob -DirectoryPath '.\Output'
PS C:\&gt; Get-ADSIAccount -Server 'lon-dc1.contoso.com' | Save-DPAPIBlob -DirectoryPath '.\Output'</dev:code>
        <dev:remarks>
          <maml:para>Retrieves DPAPI backup keys from the target domain controller through the MS-LSAD protocol. Also retrieves roamed credentials (certificates, private keys, and DPAPI master keys) from this domain controller through LDAP and saves them to the Output directory. Also creates a file called kiwiscript.txt that contains mimikatz commands needed to decrypt the private keys.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADSIAccount -Server 'lon-dc1.contoso.com' |
            Select-Object -ExpandProperty KeyCredentials |
            Where-Object Usage -eq NGC |
            Format-Table -View ROCA
&lt;# Sample Output:

Usage IsWeak Source  DeviceId                             Created    Owner
----- ------ ------  --------                             -------    -----
NGC   True   AzureAD fd591087-245c-4ff5-a5ea-c14de5e2b32d 2017-07-19 CN=John Doe,CN=Users,DC=contoso,DC=com
NGC   False  AD      1966d4da-14da-4581-a7a7-5e8e07e93ad9 2019-08-01 CN=Jane Doe,CN=Users,DC=contoso,DC=com
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Lists weak public keys registered in Active Directory that were generated on ROCA-vulnerable TPMs.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Get-ADSIAccount.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADDBAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADReplAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Save-DPAPIBlob</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADKeyCredential</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Get-AzureADUserEx</command:name>
      <command:verb>Get</command:verb>
      <command:noun>AzureADUserEx</command:noun>
      <maml:description>
        <maml:para>Gets a user from Azure AD, including the associated FIDO and NGC keys.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>The Get-AzureADUserEx cmdlet uses an undocumented Azure AD Graph API endpoint to retrieve the normally hidden searchableDeviceKeys attribute of user accounts. This attribute holds different types of key credentials, including the FIDO2 and NGC keys that are used by Windows Hello for Business.</maml:para>
      <maml:para>This cmdlet is not intended to replace the Get-AzureADUser cmdlet from Microsoft's AzureAD module. Only a handful of attributes are retrieved from Azure Active Directory and authentication fully relies on the Connect-AzureAD cmdlet.</maml:para>
      <maml:para>No administrative role is required to perform this operation. The cmdlet was tested on a tenant with 150,000 user accounts and ran under 5 minutes.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Get-AzureADUserEx</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Token">
          <maml:name>AccessToken</maml:name>
          <maml:Description>
            <maml:para>Specifies the access token retrieved by the Connect-AzureAD cmdlet.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="AllUsers">
          <maml:name>All</maml:name>
          <maml:Description>
            <maml:para>If true, return all users. If false, return the first 999 objects.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Tenant">
          <maml:name>TenantId</maml:name>
          <maml:Description>
            <maml:para>Specifies the Azure AD tenant to perform the search in. If not specified, the tenant of the authenticated user will be used.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
          <dev:type>
            <maml:name>Guid</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Get-AzureADUserEx</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Token">
          <maml:name>AccessToken</maml:name>
          <maml:Description>
            <maml:para>Specifies the access token retrieved by the Connect-AzureAD cmdlet.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Identity, Id, UserId, ObjectGuid">
          <maml:name>ObjectId</maml:name>
          <maml:Description>
            <maml:para>Specifies the identity of a user in Azure AD.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
          <dev:type>
            <maml:name>Guid</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Tenant">
          <maml:name>TenantId</maml:name>
          <maml:Description>
            <maml:para>Specifies the Azure AD tenant to perform the search in. If not specified, the tenant of the authenticated user will be used.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
          <dev:type>
            <maml:name>Guid</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Get-AzureADUserEx</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Token">
          <maml:name>AccessToken</maml:name>
          <maml:Description>
            <maml:para>Specifies the access token retrieved by the Connect-AzureAD cmdlet.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Tenant">
          <maml:name>TenantId</maml:name>
          <maml:Description>
            <maml:para>Specifies the Azure AD tenant to perform the search in. If not specified, the tenant of the authenticated user will be used.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
          <dev:type>
            <maml:name>Guid</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="UPN, UserName">
          <maml:name>UserPrincipalName</maml:name>
          <maml:Description>
            <maml:para>Specifies the UPN of a user in Azure AD.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Token">
        <maml:name>AccessToken</maml:name>
        <maml:Description>
          <maml:para>Specifies the access token retrieved by the Connect-AzureAD cmdlet.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="AllUsers">
        <maml:name>All</maml:name>
        <maml:Description>
          <maml:para>If true, return all users. If false, return the first 999 objects.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Identity, Id, UserId, ObjectGuid">
        <maml:name>ObjectId</maml:name>
        <maml:Description>
          <maml:para>Specifies the identity of a user in Azure AD.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
        <dev:type>
          <maml:name>Guid</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Tenant">
        <maml:name>TenantId</maml:name>
        <maml:Description>
          <maml:para>Specifies the Azure AD tenant to perform the search in. If not specified, the tenant of the authenticated user will be used.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
        <dev:type>
          <maml:name>Guid</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="UPN, UserName">
        <maml:name>UserPrincipalName</maml:name>
        <maml:Description>
          <maml:para>Specifies the UPN of a user in Azure AD.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>DSInternals.Common.AzureAD.AzureADUser</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Install-Module -Name AzureAD,DSInternals -Force
PS C:\&gt; Connect-AzureAD
PS C:\&gt; $token = [Microsoft.Open.Azure.AD.CommonLibrary.AzureSession]::AccessTokens['AccessToken'].AccessToken
PS C:\&gt; Get-AzureADUserEx -All -Token $token | Where-Object KeyCredentials -ne $null
&lt;# Sample Output:

ObjectId: af4cf208-16e0-429d-b574-2a09c5f30dea
UserPrincipalName: [email protected]
Enabled: True
DisplayName: John Doe
Key Credentials:
  Usage=FIDO, Source=AzureAD, Device=00000000-0000-0000-0000-000000000000, Created=12/12/2019 9:42:21 AM
  Usage=NGC, Source=AzureAD, Device=cbad3c94-b480-4fa6-9187-ff1ed42c4479, Created=11/17/2015 8:17:13 AM

ObjectId: 5dd9c7f0-9441-4c5a-b2df-ca7b889d8c4c
UserPrincipalName: [email protected]
Enabled: True
DisplayName: Peter Smith
Key Credentials:
  Usage=NGC, Source=AzureAD, Device=21c915a8-0326-47c4-8985-2aceda00eaee, Created=12/26/2019 1:22:17 PM
  Usage=NGC, Source=AzureAD, Device=ec45d71b-b5dd-45dc-beaf-e248cbcb2bd3, Created=12/24/2019 9:44:56 AM

#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Displays info about Azure AD users with key credentials. Authentication is handled by the AzureAD module.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Install-Module -Name AzureAD,DSInternals -Force
PS C:\&gt; Connect-AzureAD
PS C:\&gt; $token = [Microsoft.Open.Azure.AD.CommonLibrary.AzureSession]::AccessTokens['AccessToken'].AccessToken
PS C:\&gt; Get-AzureADUserEx -All -Token $token |
            Where-Object Enabled -eq $true |
            Select-Object -ExpandProperty KeyCredentials |
            Where-Object Usage -eq FIDO |
            Format-Table -View FIDO
&lt;# Sample Output:

DisplayName               AAGUID                               Alg   Counter Created    Owner
-----------               ------                               ---   ------- -------    -----
SoloKeys Tap              8876631b-d4a0-427f-5773-0ec71c9e0279 ES256     274 2019-08-29 [email protected]
SoloKeys Solo             8876631b-d4a0-427f-5773-0ec71c9e0279 ES256     281 2019-08-29 [email protected]
eWBM Goldengate G320      87dbc5a1-4c94-4dc8-8a47-97d800fd1f3c ES256      83 2019-08-29 [email protected]
eWBM Goldengate G310      95442b2e-f15e-4def-b270-efb106facb4e ES256       4 2019-08-29 [email protected]
Feitian BioPass FIDO2     77010bd7-212a-4fc9-b236-d2ca5e9d4084 ES256     261 2019-08-26 [email protected]
Yubico Security Key FIDO2 f8a011f3-8c0a-4d15-8006-17111f9edc7d ES256     257 2019-08-26 [email protected]
Feitian AllinPass FIDO2   12ded745-4bed-47d4-abaa-e713f51d6393 ES256     231 2019-08-26 [email protected]
YubiKey 5                 fa2b99dc-9e39-4257-8f92-4a30d23c4118 ES256     229 2019-08-26 [email protected]
YubiKey 5                 cb69481e-8ff7-4039-93ec-0a2729a154a8 ES256      25 2019-12-12 [email protected]
Feitian All-In-Pass       12ded745-4bed-47d4-abaa-e713f51d6393 ES256    1398 2020-03-31 [email protected]
eWBM Goldengate G320      87dbc5a1-4c94-4dc8-8a47-97d800fd1f3c ES256      37 2019-08-29 [email protected]
eWBM Goldengate G310      95442b2e-f15e-4def-b270-efb106facb4e ES256      48 2019-08-29 [email protected]

#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Lists all FIDO2 tokens registered in an Azure AD tenant, but only on accounts that are enabled.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 3 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-AzureADUserEx -All -Token $token |
            Where-Object Enabled -eq $true |
            Select-Object -ExpandProperty KeyCredentials |
            Where-Object Usage -eq NGC |
            Format-Table -View ROCA
&lt;# Sample Output:

Usage IsWeak Source  DeviceId                             Created    Owner
----- ------ ------  --------                             -------    -----
NGC   True   AzureAD fd591087-245c-4ff5-a5ea-c14de5e2b32d 2017-07-19 [email protected]
NGC   False  AzureAD 1966d4da-14da-4581-a7a7-5e8e07e93ad9 2019-08-01 [email protected]

#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Lists weak public keys registered in Azure Active Directory that were generated on ROCA-vulnerable TPMs.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 4 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-AzureADTenantDetail | Out-Null
PS C:\&gt; $token = [Microsoft.Open.Azure.AD.CommonLibrary.AzureSession]::AccessTokens['AccessToken'].AccessToken
PS C:\&gt; Get-AzureADUserEx -UserPrincipalName '[email protected]' -Token $token

&lt;# Sample Output:

ObjectId: af4cf208-16e0-429d-b574-2a09c5f30dea
UserPrincipalName: [email protected]
Enabled: True
DisplayName: John Doe
Key Credentials:
  Usage=FIDO, Source=AzureAD, Device=00000000-0000-0000-0000-000000000000, Created=12/12/2019 9:42:21 AM
  Usage=NGC, Source=AzureAD, Device=cbad3c94-b480-4fa6-9187-ff1ed42c4479, Created=11/17/2015 8:17:13 AM

#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Gets information about a single Azure Active Directory user. If necessary, the access token is automatically refreshed by the standard Get-AzureADTenantDetail cmdlet.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 5 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-AzureADUserEx -UserPrincipalName '[email protected]' -AccessToken $token |
            ForEach-Object { $PSItem.KeyCredentials.FidoKeyMaterial }

&lt;# Sample Output:

Version: 1
DisplayName: SoloKeys Tap
AttestationCertificates
  [email protected], CN=solokeys.com, OU=Authenticator Attestation, O=Solo Keys, S=Maryland, C=US
AuthenticatorData
  RelyingPartyIdHash: 356c9ed4a09321b9695f1eaf918203f1b55f689da61fbc96184c157dda680c81
  Flags: UserPresent, UserVerified, AttestationData, ExtensionData
  SignatureCount: 274
  AttestedCredentialData
    AAGUID: 8876631b-d4a0-427f-5773-0ec71c9e0279
    CredentialID: 9d0c595c03cd6c9dd22b0b8f852585302c2d5a13f77669251406c390de6ba42a63f3ea6632a39cd8bc505184352541367725a5283689d825f4355fe2016af2f0008112010000
    PublicKeyAlgorithm: ES256
  Extensions: {"hmac-secret": true}

Version: 1
DisplayName: SoloKeys Solo
AttestationCertificates
  [email protected], CN=solokeys.com, OU=Authenticator Attestation, O=Solo Keys, S=Maryland, C=US
AuthenticatorData
  RelyingPartyIdHash: 356c9ed4a09321b9695f1eaf918203f1b55f689da61fbc96184c157dda680c81
  Flags: UserPresent, UserVerified, AttestationData, ExtensionData
  SignatureCount: 281
  AttestedCredentialData
    AAGUID: 8876631b-d4a0-427f-5773-0ec71c9e0279
    CredentialID: ac5373c1eaa6722c351db6554715fd534906f5c98f4548b8390fe11b97325a943f0905d0a9de19765385f9bce512673128a95e3fea15f53ee46dbe307d0f94c84d8119010000
    PublicKeyAlgorithm: ES256
  Extensions: {"hmac-secret": true}

Version: 1
DisplayName: eWBM Goldengate G320
AttestationCertificates
  [email protected], CN=eWBM FIDO2 Certificate, OU=Authenticator Attestation, O="eWBM Co., Ltd.", L=Gangnam-Gu, S=Seoul-Si, C=KR
AuthenticatorData
  RelyingPartyIdHash: 356c9ed4a09321b9695f1eaf918203f1b55f689da61fbc96184c157dda680c81
  Flags: UserPresent, UserVerified, AttestationData, ExtensionData
  SignatureCount: 83
  AttestedCredentialData
    AAGUID: 87dbc5a1-4c94-4dc8-8a47-97d800fd1f3c
    CredentialID: fb64eb483921507239317b6f5f1d7a0b9499afd4dd0698eaa55ad8871fe1c25a
    PublicKeyAlgorithm: ES256
  Extensions: {"hmac-secret": true}

Version: 1
DisplayName: eWBM Goldengate G310
AttestationCertificates
  [email protected], CN=eWBM FIDO2 Certificate, OU=Authenticator Attestation, O="eWBM Co., Ltd.", L=Gangnam-Gu, S=Seoul-Si, C=KR
AuthenticatorData
  RelyingPartyIdHash: 356c9ed4a09321b9695f1eaf918203f1b55f689da61fbc96184c157dda680c81
  Flags: UserPresent, UserVerified, AttestationData, ExtensionData
  SignatureCount: 4
  AttestedCredentialData
    AAGUID: 95442b2e-f15e-4def-b270-efb106facb4e
    CredentialID: 4dd34d8760bc0e92fcb53b64cc1c354ac7112931bd6f53c0a6aabba7c813c36d
    PublicKeyAlgorithm: ES256
  Extensions: {"hmac-secret": true}

Version: 1
DisplayName: Feitian BioPass FIDO2
AttestationCertificates
  CN=FT BioPass FIDO2 USB, OU=Authenticator Attestation, O=Feitian Technologies, C=US
AuthenticatorData
  RelyingPartyIdHash: 356c9ed4a09321b9695f1eaf918203f1b55f689da61fbc96184c157dda680c81
  Flags: UserPresent, UserVerified, AttestationData, ExtensionData
  SignatureCount: 261
  AttestedCredentialData
    AAGUID: 77010bd7-212a-4fc9-b236-d2ca5e9d4084
    CredentialID: db2baabf8450f6af3b931b35acc7d5f77ebe4ed98cf0b55c0513cff31e18520d
    PublicKeyAlgorithm: ES256
  Extensions: {"hmac-secret": true}

Version: 1
DisplayName: Yubico Security Key FIDO2
AttestationCertificates
  CN=Yubico U2F EE Serial 8513128192, OU=Authenticator Attestation, O=Yubico AB, C=SE
AuthenticatorData
  RelyingPartyIdHash: 356c9ed4a09321b9695f1eaf918203f1b55f689da61fbc96184c157dda680c81
  Flags: UserPresent, UserVerified, AttestationData, ExtensionData
  SignatureCount: 257
  AttestedCredentialData
    AAGUID: f8a011f3-8c0a-4d15-8006-17111f9edc7d
    CredentialID: 09956acca523d532e04c647a4a158664
    PublicKeyAlgorithm: ES256
  Extensions: {"hmac-secret": true}

Version: 1
DisplayName: Feitian AllinPass FIDO2
AttestationCertificates
  CN=FT BioPass FIDO2 0470, OU=Authenticator Attestation, O=Feitian Technologies, C=US
AuthenticatorData
  RelyingPartyIdHash: 356c9ed4a09321b9695f1eaf918203f1b55f689da61fbc96184c157dda680c81
  Flags: UserPresent, UserVerified, AttestationData, ExtensionData
  SignatureCount: 231
  AttestedCredentialData
    AAGUID: 12ded745-4bed-47d4-abaa-e713f51d6393
    CredentialID: 59dc5439faef677d7e81688a27604a205dab922978372062c5c10206639c3c00
    PublicKeyAlgorithm: ES256
  Extensions: {"hmac-secret": true}

Version: 1
DisplayName: YubiKey 5
AttestationCertificates
  CN=Yubico U2F EE Serial 14818162, OU=Authenticator Attestation, O=Yubico AB, C=SE
AuthenticatorData
  RelyingPartyIdHash: 356c9ed4a09321b9695f1eaf918203f1b55f689da61fbc96184c157dda680c81
  Flags: UserPresent, UserVerified, AttestationData, ExtensionData
  SignatureCount: 229
  AttestedCredentialData
    AAGUID: fa2b99dc-9e39-4257-8f92-4a30d23c4118
    CredentialID: bc879d1e8da27d5f29a66d9a457ac1d8
    PublicKeyAlgorithm: ES256
  Extensions: {"hmac-secret": true}

#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Displays details about FIDO2 keys registered in Azure Active Directory by a specific user.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Get-AzureADUserEx.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Set-AzureADUserEx</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADKeyCredential</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Get-BootKey</command:name>
      <command:verb>Get</command:verb>
      <command:noun>BootKey</command:noun>
      <maml:description>
        <maml:para>Reads the Boot Key (AKA SysKey or System Key) from an online or offline SYSTEM registry hive.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>The BootKey/SysKey is an encryption key that is stored in the Windows SYSTEM registry hive. This key is used by several Windows components to encrypt sensitive information like the AD database, machine account password or system certificates etc.</maml:para>
      <maml:para>The Boot Key is returned in hexadecimal format.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Get-BootKey</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Online</maml:name>
          <maml:Description>
            <maml:para>Specifies that the action is to be taken on the operating system that is currently running on the local computer.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Get-BootKey</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="Path, FilePath, SystemHivePath, HivePath">
          <maml:name>SystemHiveFilePath</maml:name>
          <maml:Description>
            <maml:para>Path to an offline SYSTEM registry hive.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>Online</maml:name>
        <maml:Description>
          <maml:para>Specifies that the action is to be taken on the operating system that is currently running on the local computer.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="Path, FilePath, SystemHivePath, HivePath">
        <maml:name>SystemHiveFilePath</maml:name>
        <maml:Description>
          <maml:para>Path to an offline SYSTEM registry hive.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-BootKey -Online
0be7a2afe1713642182e9b96f73a75da</dev:code>
        <dev:remarks>
          <maml:para>Retrieves the BootKey from the currently running OS.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; reg.exe SAVE HKLM\SYSTEM C:\RegBackup\SYSTEM.hiv
PS C:\&gt; $key = Get-BootKey -SystemHiveFilePath C:\RegBackup\SYSTEM.hiv</dev:code>
        <dev:remarks>
          <maml:para>Creates a backup of the SYSTEM registry hive and then retrieves the BootKey from this backup.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Get-BootKey.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADDBAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADDBBackupKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Set-ADDBAccountPassword</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Set-ADDBAccountPasswordHash</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Set-ADDBBootKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Get-LsaBackupKey</command:name>
      <command:verb>Get</command:verb>
      <command:noun>LsaBackupKey</command:noun>
      <maml:description>
        <maml:para>Reads the DPAPI backup keys from a domain controller through the LSARPC protocol.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Reads the Data Protection API (DPAPI) backup keys from an Active Directory domain controller through the MS-LSAD (AKA LSARPC) protocol. The output can be saved to the file system using the Save-DPAPIBlob cmdlet.</maml:para>
      <maml:para>DPAPI is used by several components of Windows to securely store passwords, encryption keys and other sensitive data. When DPAPI is used in an Active Directory domain environment, a copy of user's master key is encrypted with a so-called DPAPI Domain Backup Key that is known to all domain controllers. Windows Server 2000 DCs use a symmetric key and newer systems use a public/private key pair. If the user password is reset and the original master key is rendered inaccessible to the user, the user's access to the master key is automatically restored using the backup key.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Get-LsaBackupKey</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="Server, ServerName, Computer, Machine, MachineName, System, SystemName">
          <maml:name>ComputerName</maml:name>
          <maml:Description>
            <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
            <maml:para>The default is the local computer. To specify the local computer, such as in a list of computer names, use "localhost", the local computer name, or a dot (.).</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="Server, ServerName, Computer, Machine, MachineName, System, SystemName">
        <maml:name>ComputerName</maml:name>
        <maml:Description>
          <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
          <maml:para>The default is the local computer. To specify the local computer, such as in a list of computer names, use "localhost", the local computer name, or a dot (.).</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>DSInternals.Common.Data.DPAPIBackupKey</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para>Administrative permissions on the target domain controller (DC) are required in order to retrieve DPAPI backup keys.</maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-LsaBackupKey -ComputerName LON-DC1
&lt;# Sample Output:

FilePath          : ntds_capi_b1c56a3e-ddf7-41dd-a5f3-44a2ed27a96d.pvk
KiwiCommand       : REM Add this parameter to at least the first dpapi::masterkey command:
                    /pvk:"ntds_capi_b1c56a3e-ddf7-41dd-a5f3-44a2ed27a96d.pvk"
Type              : RSAKey
DistinguishedName :
KeyId             : b1c56a3e-ddf7-41dd-a5f3-44a2ed27a96d
Data              : {2, 0, 0, 0...}

FilePath          : ntds_legacy_7882b20e-96ef-4ce5-a2b9-3efdccbbce28.key
KiwiCommand       :
Type              : LegacyKey
DistinguishedName :
KeyId             : 7882b20e-96ef-4ce5-a2b9-3efdccbbce28
Data              : {1, 0, 0, 0...}
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Displays the DPAPI domain backup keys.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-LsaBackupKey -ComputerName LON-DC1 | Save-DPAPIBlob -DirectoryPath '.\Output'
PS C:\&gt; Get-ChildItem -Path '.\Output' | Select-Object -ExpandProperty Name
&lt;# Sample Output:
kiwiscript.txt
ntds_legacy_b116cbfa-b881-43e6-ba85-ef3efa64ba22.key
ntds_capi_4cee80c0-b6c6-406c-a68b-c0e5818bc436.cer
ntds_capi_290914ed-b1a8-482e-a89f-7caa217bf3c3.pfx
ntds_capi_290914ed-b1a8-482e-a89f-7caa217bf3c3.pvk
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Saves the DPAPI domain backup keys to the Output directory.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Get-LsaBackupKey.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Save-DPAPIBlob</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADDBBackupKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADReplBackupKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Get-LsaPolicyInformation</command:name>
      <command:verb>Get</command:verb>
      <command:noun>LsaPolicyInformation</command:noun>
      <maml:description>
        <maml:para>Retrieves AD-related information from the Local Security Authority Policy of the local computer or a remote one.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>The Local Security Authority (LSA) is a protected subsystem of Windows that maintains information about all aspects of local security on a system, collectively known as the local security policy of the system.</maml:para>
      <maml:para>The local security policy of a system is a set of information about the security of a local computer.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Get-LsaPolicyInformation</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="Server, ServerName, Computer, Machine, MachineName, System, SystemName">
          <maml:name>ComputerName</maml:name>
          <maml:Description>
            <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
            <maml:para>The default is the local computer. To specify the local computer, such as in a list of computer names, use "localhost", the local computer name, or a dot (.).</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="Server, ServerName, Computer, Machine, MachineName, System, SystemName">
        <maml:name>ComputerName</maml:name>
        <maml:Description>
          <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
          <maml:para>The default is the local computer. To specify the local computer, such as in a list of computer names, use "localhost", the local computer name, or a dot (.).</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>DSInternals.PowerShell.LsaPolicyInformation</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-LSAPolicyInformation
&lt;# Sample Output:
Domain/Workgroup Name : WORKGROUP
Account Domain Name   : MYPC
Account Domain SID    : S-1-5-21-2814909047-1086830290-2660982408
Local Domain Name     : MYPC
Local Domain SID      : S-1-5-21-2814909047-1086830290-2660982408
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Retrieves LSA Policy from the local computer.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-LSAPolicyInformation -ComputerName LON-DC1
&lt;# Sample Output:
Domain/Workgroup Name : ADATUM
Forest DNS Name       : Adatum.com
Domain DNS Name       : Adatum.com
Domain GUID           : 281582b4-9d3e-449d-a238-676bd5844f56
Domain SID            : S-1-5-21-3180365339-800773672-3767752645
Account Domain Name   : ADATUM
Account Domain SID    : S-1-5-21-3180365339-800773672-3767752645
Local Domain Name     : LON-DC1
Local Domain SID      : S-1-5-21-2929860833-2984454239-2848460202
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Retrieves LSA Policy from a remote computer called LON-DC1.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Get-LsaPolicyInformation.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Set-LsaPolicyInformation</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-LsaBackupKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>LSA Policy</maml:linkText>
        <maml:uri>https://docs.microsoft.com/en-us/windows/desktop/secmgmt/lsa-policy</maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Get-SamPasswordPolicy</command:name>
      <command:verb>Get</command:verb>
      <command:noun>SamPasswordPolicy</command:noun>
      <maml:description>
        <maml:para>Queries Active Directory for the default password policy.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Retrieves the current password policy for a domain through the MS-SAMR protocol.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Get-SamPasswordPolicy</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Credential</maml:name>
          <maml:Description>
            <maml:para>Specifies the user account credentials to use to perform this task. The default credentials are the credentials of the currently logged on user.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
          <dev:type>
            <maml:name>PSCredential</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Domain</maml:name>
          <maml:Description>
            <maml:para>Specifies the NetBIOS domain name. Local accounts are stored a domain called Builtin.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="ComputerName, Computer">
          <maml:name>Server</maml:name>
          <maml:Description>
            <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
            <maml:para>The default is the local computer. To specify the local computer, such as in a list of computer names, use "localhost", the local computer name, or a dot (.).</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>localhost</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>Credential</maml:name>
        <maml:Description>
          <maml:para>Specifies the user account credentials to use to perform this task. The default credentials are the credentials of the currently logged on user.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
        <dev:type>
          <maml:name>PSCredential</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>Domain</maml:name>
        <maml:Description>
          <maml:para>Specifies the NetBIOS domain name. Local accounts are stored a domain called Builtin.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="ComputerName, Computer">
        <maml:name>Server</maml:name>
        <maml:Description>
          <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
          <maml:para>The default is the local computer. To specify the local computer, such as in a list of computer names, use "localhost", the local computer name, or a dot (.).</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>localhost</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>DSInternals.SAM.SamDomainPasswordInformation</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-SamPasswordPolicy -Domain CONTOSO -Server LON-DC1
&lt;# Sample Output:
MinPasswordLength           : 8
ComplexityEnabled           : True
ReversibleEncryptionEnabled : False
MaxPasswordAge              : 90.00:00:00.0
MinPasswordAge              : 01:00:00
PasswordHistoryCount        : 10
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Queries the LON-DC1 domain controller for default domain password policy.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-SamPasswordPolicy -Domain Builtin
&lt;# Sample Output:
MinPasswordLength           : 0
ComplexityEnabled           : False
ReversibleEncryptionEnabled : False
MaxPasswordAge              : 42.22:47:31.7437440
MinPasswordAge              : 00:00:00
PasswordHistoryCount        : 0
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Queries the local computer for its current password policy.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Get-SamPasswordPolicy.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Set-SamAccountPasswordHash</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>New-ADDBRestoreFromMediaScript</command:name>
      <command:verb>New</command:verb>
      <command:noun>ADDBRestoreFromMediaScript</command:noun>
      <maml:description>
        <maml:para>Generates a PowerShell script that can be used to restore a domain controller from an IFM-equivalent backup (i.e. ntds.dit + SYSVOL).</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>The New-ADDBRestoreFromMediaScript cmdlet was created to save the day under certain specific circumstances. Imagine a company that had been attacked by some ransomware to the extent that all their domain controllers have been wiped. Moreover, no proper System State backups of DCs are available, only file-level ones. As a consequence, they are not able to restore Active Directory, the time is ticking and their only option seems to be reinstalling the entire AD forest from scratch. It might be hard to believe that someone would have violated all the best practices and neglected planning for disaster recovery, but, alas, such situations have occurred in large enterprises during the 2017 NotPetya outbreak. I have therefore come up with a domain controller recovery method that I call Restore from Media (RFM). As already hinted, this method can be used to restore domain controllers from file-level backups.</maml:para>
      <maml:para>Unlike the Install from Media (IFM) (https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc816722(v=ws.10)) method, the Restore from Media method does not require network connectivity to a live writable domain controller. Nevertheless, the same installation source ([IFM backup](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc816574(v=ws.10)) with SYSVOL)can be used with both methods of DC installation.</maml:para>
      <maml:para>To perform the Restore from Media operation, you need to have the following:</maml:para>
      <maml:para>- A full Install from Media (IFM) backup of a domain controller or equivalent file-level backup. The backup must contain these files:</maml:para>
      <maml:para>	- Domain database file (ntds.dit)</maml:para>
      <maml:para>	- SYSTEM registry hive or a corresponding Boot Key / SysKey</maml:para>
      <maml:para>	- SYSVOL directory</maml:para>
      <maml:para>- A freshly installed Windows Server of the same version as the domain controller originally running the database that is to be restored. This information can be retrieved from the corresponding ntds.dit file using the Get-ADDBDomainController (Get-ADDBDomainController.md)cmdlet.</maml:para>
      <maml:para>- An isolated VLAN / virtual network as connectivity to any existing production domain controllers would have unforseen consequences.</maml:para>
      <maml:para>Follow these steps on the target server in order to restore the domain controller:</maml:para>
      <maml:para>1. In case of Windows Server 2008 (R2), run the `$PSVersionTable.PSVersion` to verify that at least PowerShell 3 is installed. Upgrade (https://docs.microsoft.com/en-us/powershell/wmf/overview)if necessary.</maml:para>
      <maml:para>2. Verify that the PowerShell Script Execution Policy (https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_execution_policies?view=powershell-6)is set to RemoteSigned, Unrestricted or Bypass in the LocalMachine scope.</maml:para>
      <maml:para>3. Install (https://github.com/MichaelGrafnetter/DSInternals/wiki/Installation)the DSInternals PowerShell module for all users.</maml:para>
      <maml:para>4. Copy the backup data to a local drive, e.g. C:\Backup.</maml:para>
      <maml:para>5. Run the `New-ADDBRestoreFromMediaScript -DatabasePath 'C:\Backup\Active Directory\ntds.dit' | Invoke-Expression` command.</maml:para>
      <maml:para>6. Sit back and watch the magic happen. Up to 3 reboots will follow and the entire process may take up to 20 minutes to finish. You should then end up with a fully functional domain controller.</maml:para>
      <maml:para>The script that is generated by the `New-ADDBRestoreFromMediaScript` cmdlet does the following actions:</maml:para>
      <maml:para>- Rename the server to match the original domain controller.</maml:para>
      <maml:para>- Install a new forest by promoting the server to a domain controller.</maml:para>
      <maml:para>- Replace the newly generated database file (ntds.dit) and SYSVOL directory by the original ones.</maml:para>
      <maml:para>- Re-encrypt the database using the local Boot Key.</maml:para>
      <maml:para>- Write the newly generated machine account password into ntds.dit.</maml:para>
      <maml:para>- Update the LSA Policy to match the SID and GUID of the domain that is being restored.</maml:para>
      <maml:para>- Reset the Invocation ID of the domain controller.</maml:para>
      <maml:para>- Reconfigure SYSVOL replication in case it has been restored to a different path.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>New-ADDBRestoreFromMediaScript</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="key, SysKey, SystemKey">
          <maml:name>BootKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the system key that encrypts secrets stored in the database specified by the -DatabasePath parameter. If none is specified, it is automatically extracted from a backup of the SYSTEM registry hive, provided that it is present in the ..\registry\SYSTEM path relative to the -DatabasePath parameter.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies a non-UNC path to the backup of domain database (ntds.dit file) that will be used to restore the domain controller.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies a non-UNC path to a directory that contains the backup of domain log files. If not specified, the value of the DatabasePath parameter is used.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SafeModeAdminPassword, AdminPassword, DSRMPassword">
          <maml:name>SafeModeAdministratorPassword</maml:name>
          <maml:Description>
            <maml:para>Supplies the password for the administrator account when the computer is started in Safe Mode or a variant of Safe Mode, such as Directory Services Restore Mode. If no value is specified for this parameter, the cmdlet prompts you to enter and confirm a masked password. If specified with a value, the value must be a secure string.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
          <dev:type>
            <maml:name>SecureString</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SysVol">
          <maml:name>SysvolPath</maml:name>
          <maml:Description>
            <maml:para>Specifies a non-UNC path to a directory that contains the backup of Sysvol data. If none is specified, the ..\SYSVOL\ path relative to the -DatabasePath parameter is used.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="key, SysKey, SystemKey">
        <maml:name>BootKey</maml:name>
        <maml:Description>
          <maml:para>Specifies the system key that encrypts secrets stored in the database specified by the -DatabasePath parameter. If none is specified, it is automatically extracted from a backup of the SYSTEM registry hive, provided that it is present in the ..\registry\SYSTEM path relative to the -DatabasePath parameter.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
        <dev:type>
          <maml:name>Byte[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
        <maml:name>DatabasePath</maml:name>
        <maml:Description>
          <maml:para>Specifies a non-UNC path to the backup of domain database (ntds.dit file) that will be used to restore the domain controller.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
        <maml:name>LogPath</maml:name>
        <maml:Description>
          <maml:para>Specifies a non-UNC path to a directory that contains the backup of domain log files. If not specified, the value of the DatabasePath parameter is used.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SafeModeAdminPassword, AdminPassword, DSRMPassword">
        <maml:name>SafeModeAdministratorPassword</maml:name>
        <maml:Description>
          <maml:para>Supplies the password for the administrator account when the computer is started in Safe Mode or a variant of Safe Mode, such as Directory Services Restore Mode. If no value is specified for this parameter, the cmdlet prompts you to enter and confirm a masked password. If specified with a value, the value must be a secure string.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
        <dev:type>
          <maml:name>SecureString</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SysVol">
        <maml:name>SysvolPath</maml:name>
        <maml:Description>
          <maml:para>Specifies a non-UNC path to a directory that contains the backup of Sysvol data. If none is specified, the ..\SYSVOL\ path relative to the -DatabasePath parameter is used.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para>This recovery procedure is NOT SUPPORTED by Microsoft. Use at your own risk in situations when Active Directory forest reinstallation is the only other option.</maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; New-ADDBRestoreFromMediaScript -DatabasePath 'C:\IFM\Active Directory\ntds.dit' | Invoke-Expression</dev:code>
        <dev:remarks>
          <maml:para>Restores a domain controller from a previously created IFM backup.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; New-ADDBRestoreFromMediaScript -DatabasePath 'C:\IFM\Active Directory\ntds.dit' -BootKey 610bc29e6f62ca7004e9872cd51a0116 -SysvolPath 'C:\IFM\SYSVOL'</dev:code>
        <dev:remarks>
          <maml:para>Generates a domain controller restoration script from a previously created IFM backup. The script can then be reviewed, modified if necessary and executed manually.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 3 --------------------------</maml:title>
        <dev:code>ntdsutil.exe "activate instance ntds" ifm "create sysvol full c:\IFM" quit quit</dev:code>
        <dev:remarks>
          <maml:para>Creates an Install From Media (IFM) backup of a running domain controller. This backup can later be used by the New-ADDBRestoreFromMediaScript cmdlet.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 4 --------------------------</maml:title>
        <dev:code>&lt;#
.SYNOPSIS
Restores the LON-DC1 domain controller from ntds.dit.

.REMARKS
This script should only be executed on a freshly installed Windows Server 2012 R2 Datacenter Evaluation. Use at your own risk.
The DSInternals PowerShell module must be installed for all users on the target server.


Author: Michael Grafnetter

#&gt;
#Requires -Version 3 -Modules DSInternals,ServerManager,PSScheduledJob -RunAsAdministrator

# Perform a VSS backup before doing anything else.
Write-Host 'Creating a snapshot of the system drive to make rollback possible...'
$vssResult = ([wmiclass] 'Win32_ShadowCopy').Create("$env:SystemDrive\", 'ClientAccessible')

# The PS module must be present as workflows cannot contain non-existing activities.
Write-Host 'Installing the Active Directory module for Windows PowerShell...'
Add-WindowsFeature -Name RSAT-AD-PowerShell -ErrorAction Stop 

# All the other operations will be executed by a restartable workflow running in SYSTEM context.
Write-Host 'Registering restartable workflows...'

# Delete any pre-existing scheduled jobs with the same names before registering new ones.
Unregister-ScheduledJob -Name DSInternals-RFM-Initializer,DSInternals-RFM-Resumer -Force -ErrorAction SilentlyContinue

# The DSInternals-RFM-Initializer job will only be executed once in order to register the workflow and to invoke it for the first time.
$initTask = Register-ScheduledJob -Name DSInternals-RFM-Initializer -ScriptBlock {
    workflow Restore-DomainController
    {
        if ($env:COMPUTERNAME -ne 'LON-DC1')
        {
            # A server rename operation is required.
            Rename-Computer -NewName 'LON-DC1' -Force
            
            # We explicitly suspend the workflow as Restart-Computer with the -Wait parameter does not survive local reboots.
            shutdown.exe /r /t 5
            Suspend-Workflow -Label 'Waiting for reboot'
        }

        if ((Get-Service NTDS -ErrorAction SilentlyContinue) -eq $null)
        {
            # A DC promotion is required.
            # Note: In order to maintain compatibility with Windows Server 2008 R2, the ADDSDeployment module is not used.
            # Advice: It is recommenced to change the DSRM password after DC promotion.
            dcpromo.exe /unattend /ReplicaOrNewDomain:Domain /NewDomain:Forest /NewDomainDNSName:"adatum.com" /DomainNetBiosName:"ADATUM" /DomainLevel:7 /ForestLevel:7 '/SafeModeAdminPassword:"Pa$$w0rd"' /DatabasePath:"$env:SYSTEMROOT\NTDS" /LogPath:"$env:SYSTEMROOT\NTDS" /SysVolPath:"$env:SYSTEMROOT\SYSVOL" /AllowDomainReinstall:Yes /CreateDNSDelegation:No /DNSOnNetwork:No /InstallDNS:Yes /RebootOnCompletion:No
            Set-ItemProperty -Path registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ServerManager\Roles\10 -Name ConfigurationStatus -Value 2 -Force

            &lt;# Alternative approach for Winows Server 2012+
            Install-WindowsFeature -Name AD-Domain-Services
            Install-ADDSForest -DomainName 'adatum.com' `
                               -DomainNetbiosName 'ADATUM' `
                               -ForestMode WinThreshold `
                               -DomainMode WinThreshold `
                               -DatabasePath "$env:SYSTEMROOT\NTDS" `
                               -LogPath "$env:SYSTEMROOT\NTDS" `
                               -SysvolPath "$env:SYSTEMROOT\SYSVOL" `
                               -InstallDns `
                               -CreateDnsDelegation:$false `
                               -NoDnsOnNetwork `
                               -SafeModeAdministratorPassword (ConvertTo-SecureString -String 'Pa$$w0rd' -AsPlainText -Force)`
                               -NoRebootOnCompletion `
                               -Force
            #&gt;
        }

        # Reboot the computer into the Directory Services Restore Mode.
        bcdedit.exe /set safeboot dsrepair 
        shutdown.exe /r /t 5
        Suspend-Workflow -Label 'Waiting for reboot'

        # Re-encrypt the DB with the new boot key.
        $currentBootKey = Get-BootKey -Online
        Set-ADDBBootKey -DatabasePath 'C:\Backup\Active Directory\ntds.dit' -LogPath 'C:\Backup\Active Directory' -OldBootKey 610bc29e6f62ca7004e9872cd51a0116 -NewBootKey $currentBootKey

        # Clone the DC account password.
        $ntdsParams = Get-ItemProperty -Path registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters
        InlineScript {
            # Note: SupplementalCredentials do not get serialized properly without using the InlineScript activity.
            $dcAccount = Get-ADDBAccount -SamAccountName 'LON-DC1$' -DatabasePath $using:ntdsParams.'DSA Database file' -LogPath $using:ntdsParams.'Database log files path' -BootKey $using:currentBootKey
            Set-ADDBAccountPasswordHash -ObjectGuid 9bb4d6f4-060a-4585-9f18-625774e7c088 -NTHash $dcAccount.NTHash -SupplementalCredentials $dcAccount.SupplementalCredentials -DatabasePath 'C:\Backup\Active Directory\ntds.dit' -LogPath 'C:\Backup\Active Directory' -BootKey $using:currentBootKey
        }

        # Replace the database and transaction logs.
        robocopy.exe 'C:\Backup\Active Directory' $ntdsParams.'DSA Working Directory' *.dit *.edb *.chk *.jfm /MIR /NP /NDL /NJS
        robocopy.exe 'C:\Backup\Active Directory' $ntdsParams.'Database log files path' *.log *.jrs /MIR /NP /NDL /NJS

        # Replace SYSVOL.
        robocopy.exe 'C:\Backup\SYSVOL\Adatum.com' "$env:SYSTEMROOT\SYSVOL\domain" /MIR /XD DfsrPrivate /XJ /COPYALL /SECFIX /TIMFIX /NP /NDL

        # Reconfigure LSA policies. We would get into a BSOD loop if they do not match the corresponding values in the database.
        Set-LsaPolicyInformation -DomainName 'ADATUM' -DnsDomainName 'Adatum.com' -DnsForestName 'Adatum.com' -DomainGuid 279b615e-ae79-4c86-a61a-50f687b9f7b8 -DomainSid S-1-5-21-1817670852-3242289776-1304069626

        # Tell the DC that its DB has intentionally been restored. A new InvocationID will be generated as soon as the service starts.
        Set-ItemProperty -Path registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters -Name 'Database restored from backup' -Value 1 -Force
        Remove-ItemProperty -Path registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters -Name 'DSA Database Epoch' -Force

        # Disable DSRM and do one last reboot.
        bcdedit.exe /deletevalue safeboot
        shutdown.exe /r /t 5
        Suspend-Workflow -Label 'Waiting for reboot'

        # Reconfigure SYSVOL replication in case it has been restored to a different path.

        # Update DFS-R subscription if present in AD.
        $dfsrSubscriptionDN = 'CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=LON-DC1,OU=Domain Controllers,DC=Adatum,DC=com'
        $dfsrSubscription = Set-ADObject -Identity $dfsrSubscriptionDN -Server localhost -PassThru -ErrorAction SilentlyContinue -Replace @{
            'msDFSR-RootPath' = "$env:SYSTEMROOT\SYSVOL\domain";
            'msDFSR-StagingPath' = "$env:SYSTEMROOT\SYSVOL\staging areas\Adatum.com"
        }

        if($dfsrSubscription -ne $null)
        {
            # Download the updated DFS-R configuration from AD.
            Invoke-WmiMethod -Class DfsrConfig -Name PollDsNow -ArgumentList localhost -Namespace ROOT\MicrosoftDfs
        }

        # Update FRS subscription if present in AD.
        $frsSubscriptionDN = 'CN=Domain System Volume (SYSVOL share),CN=NTFRS Subscriptions,CN=LON-DC1,OU=Domain Controllers,DC=Adatum,DC=com'
        $frsSubscription = Set-ADObject -Identity $frsSubscriptionDN -Server localhost -PassThru -ErrorAction SilentlyContinue -Replace @{
            'fRSRootPath' = "$env:SYSTEMROOT\SYSVOL\domain";
            'fRSStagingPath' = "$env:SYSTEMROOT\SYSVOL\staging\domain"
        }

        if($frsSubscription -ne $null)
        {
            # Download the updated FRS configuration from AD.
            InlineScript { ntfrsutl.exe poll /now }
        }
    }

    # Delete any pre-existing workflows with the same name before starting a new one.
    Remove-Job -Name DSInternals-RFM-Workflow -Force -ErrorAction SilentlyContinue

    # Start the workflow.
    Restore-DomainController -JobName DSInternals-RFM-Workflow
}

# The DSInternals-RFM-Resumer job will be executed after each reboot to unpause the workflow.
$resumeTask = Register-ScheduledJob -Name DSInternals-RFM-Resumer -Trigger (New-JobTrigger -AtStartup) -ScriptBlock {
    # Unregister the one-time task that must already have been executed.
    Unregister-ScheduledJob -Name DSInternals-RFM-Initializer -Force -ErrorAction SilentlyContinue

    # Resume the workflow after the computer is rebooted.
    Resume-Job -Name DSInternals-RFM-Workflow -Wait | Wait-Job | where State -In Completed,Failed,Stopped | foreach {
        # Perform cleanup when finished.
        Remove-Job -Job $PSItem -Force
        Unregister-ScheduledJob -Name DSInternals-RFM-Resumer -Force
    }
}

# Configure the scheduled tasks to run under the SYSTEM account.
# Note: In order to maintain compatibility with Windows Server 2008 R2, the ScheduledTasks module is not used.
schtasks.exe /Change /TN '\Microsoft\Windows\PowerShell\ScheduledJobs\DSInternals-RFM-Initializer' /RU SYSTEM | Out-Null
schtasks.exe /Change /TN '\Microsoft\Windows\PowerShell\ScheduledJobs\DSInternals-RFM-Resumer' /RU SYSTEM | Out-Null

# Start the workflow task and let the magic happen.
Write-Host 'The LON-DC1 domain controller will now be restored from media. Up to 3 reboots will follow.'
pause
$initTask.RunAsTask()</dev:code>
        <dev:remarks>
          <maml:para></maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/New-ADDBRestoreFromMediaScript.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-BootKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADDBDomainController</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Remove-ADDBObject</command:name>
      <command:verb>Remove</command:verb>
      <command:noun>ADDBObject</command:noun>
      <maml:description>
        <maml:para>Physically removes specified object from a ntds.dit file, making it semantically inconsistent. Highly experimental!</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>{{Fill in the Description}}</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Remove-ADDBObject</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="dn">
          <maml:name>DistinguishedName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an object on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to remove the specified object from the target database.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="cf">
          <maml:name>Confirm</maml:name>
          <maml:Description>
            <maml:para>Prompts you for confirmation before running the cmdlet.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="wi">
          <maml:name>WhatIf</maml:name>
          <maml:Description>
            <maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Remove-ADDBObject</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to remove the specified object from the target database.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Guid">
          <maml:name>ObjectGuid</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an object on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
          <dev:type>
            <maml:name>Guid</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="cf">
          <maml:name>Confirm</maml:name>
          <maml:Description>
            <maml:para>Prompts you for confirmation before running the cmdlet.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="wi">
          <maml:name>WhatIf</maml:name>
          <maml:Description>
            <maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
        <maml:name>DatabasePath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="dn">
        <maml:name>DistinguishedName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an object on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>Force</maml:name>
        <maml:Description>
          <maml:para>Forces the cmdlet to remove the specified object from the target database.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
        <maml:name>LogPath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Guid">
        <maml:name>ObjectGuid</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an object on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
        <dev:type>
          <maml:name>Guid</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="cf">
        <maml:name>Confirm</maml:name>
        <maml:Description>
          <maml:para>Prompts you for confirmation before running the cmdlet.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="wi">
        <maml:name>WhatIf</maml:name>
        <maml:Description>
          <maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Guid</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; {{ Add example code here }}</dev:code>
        <dev:remarks>
          <maml:para>{{ Add example description here }}</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Remove-ADDBObject.md</maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Save-DPAPIBlob</command:name>
      <command:verb>Save</command:verb>
      <command:noun>DPAPIBlob</command:noun>
      <maml:description>
        <maml:para>Saves DPAPI and Credential Roaming data retrieved from Active Directory to the filesystem for further processing.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>This cmdlet saves DPAPI-related data retrieved from Active Directory to a selected directory. It also creates a file called kiwiscript.txt that contains mimikatz commands needed to decrypt the private keys and to decode the certificates. Supports DPAPI backup keys returned by the Get-ADReplBackupKey, Get-ADDBBackupKey, and Get-LsaBackupKey cmdlets and roamed credentials (certificates, private keys, and DPAPI master keys) returned by the Get-ADReplAccount, Get-ADDBAccount, and Get-ADSIAccount cmdlets.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Save-DPAPIBlob</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="Path, OutputPath">
          <maml:name>DirectoryPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a target directory where the output file(s) will be saved.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="named" aliases="none">
          <maml:name>Account</maml:name>
          <maml:Description>
            <maml:para>Specifies an Active Directory account whose DPAPI-related attribute values will be exported to the target directory.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">DSAccount</command:parameterValue>
          <dev:type>
            <maml:name>DSAccount</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Save-DPAPIBlob</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="Path, OutputPath">
          <maml:name>DirectoryPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a target directory where the output file(s) will be saved.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="named" aliases="DPAPIBlob, Object, Blob, BackupKey">
          <maml:name>DPAPIObject</maml:name>
          <maml:Description>
            <maml:para>Specifies a DPAPI object (e.g. Domain Backup Key or Master Key) that will be saved to the target directory.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">DPAPIObject</command:parameterValue>
          <dev:type>
            <maml:name>DPAPIObject</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="named" aliases="none">
        <maml:name>Account</maml:name>
        <maml:Description>
          <maml:para>Specifies an Active Directory account whose DPAPI-related attribute values will be exported to the target directory.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">DSAccount</command:parameterValue>
        <dev:type>
          <maml:name>DSAccount</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="Path, OutputPath">
        <maml:name>DirectoryPath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a target directory where the output file(s) will be saved.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="named" aliases="DPAPIBlob, Object, Blob, BackupKey">
        <maml:name>DPAPIObject</maml:name>
        <maml:Description>
          <maml:para>Specifies a DPAPI object (e.g. Domain Backup Key or Master Key) that will be saved to the target directory.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">DPAPIObject</command:parameterValue>
        <dev:type>
          <maml:name>DPAPIObject</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>DSInternals.Common.Data.DPAPIObject</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>DSInternals.Common.Data.DSAccount</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADDBBackupKey -DatabasePath '.\ADBackup\Active Directory\ntds.dit' `
                          -BootKey 0be7a2afe1713642182e9b96f73a75da |
             Save-DPAPIBlob -DirectoryPath '.\Output'
PS C:\&gt; Get-ADDBAccount -All -DatabasePath '.\ADBackup\Active Directory\ntds.dit' |
             Save-DPAPIBlob -DirectoryPath '.\Output'
PS C:\&gt; Get-ChildItem -Path '.\Output' -Recurse -File |
            Foreach-Object { $PSItem.FullName.Replace((Resolve-Path -Path '.\Output'), '') }
&lt;# Sample Output:
\kiwiscript.txt
\ntds_capi_4cee80c0-b6c6-406c-a68b-c0e5818bc436.cer
\ntds_capi_4cee80c0-b6c6-406c-a68b-c0e5818bc436.pfx
\ntds_capi_4cee80c0-b6c6-406c-a68b-c0e5818bc436.pvk
\ntds_legacy_d78736ad-5206-4eda-bfd4-cd10cc49d163.key
\Abbi\Crypto\RSA\S-1-5-21-4534338-1127018997-2609994386-1304\99c6f954ca07d75267f9a369a0bf5cd3_9e75a609-18c7-4c98-8cd0-c34c3aeae423
\Abbi\Crypto\RSA\S-1-5-21-4534338-1127018997-2609994386-1304\ba7577742c7900c29f8e7f8193ca5f6d_9e75a609-18c7-4c98-8cd0-c34c3aeae423
\Abbi\Protect\S-1-5-21-4534338-1127018997-2609994386-1304\eadae2b5-3933-434a-9bcf-804175877104
\Abbi\SystemCertificates\My\Certificates\366004B5FA21294B80B22DA1385F414C70DF611B
\Abbi\SystemCertificates\My\Certificates\6441367E7BF2D4C7DAA1CF27C72D6552F4A48B48
\Administrator\Crypto\RSA\S-1-5-21-4534338-1127018997-2609994386-500\0b0c01d1f2bb6db4cd9496cd5e1214d6_f8b7bbef-d227-4ac7-badd-3a238a7f741e
\Administrator\Crypto\RSA\S-1-5-21-4534338-1127018997-2609994386-500\2907acacb201238bd89fe63b20c6d23b_f8b7bbef-d227-4ac7-badd-3a238a7f741e
\Administrator\Crypto\RSA\S-1-5-21-4534338-1127018997-2609994386-500\701577141985b6923998dcca035c007a_f8b7bbef-d227-4ac7-badd-3a238a7f741e
\Administrator\Crypto\RSA\S-1-5-21-4534338-1127018997-2609994386-500\d881dc8bbed7c3a08f03b01de4b9f45f_f8b7bbef-d227-4ac7-badd-3a238a7f741e
\Administrator\Crypto\RSA\S-1-5-21-4534338-1127018997-2609994386-500\e1b4cc613d831f27c664af17b8f98021_f8b7bbef-d227-4ac7-badd-3a238a7f741e
\Administrator\Protect\S-1-5-21-4534338-1127018997-2609994386-500\47070660-c259-4d90-8bc9-187605323450
\Administrator\Protect\S-1-5-21-4534338-1127018997-2609994386-500\e13655bb-9519-45aa-abf8-a50a7b01317a
\Administrator\SystemCertificates\My\Certificates\01ADA5237C2D2D1F1571247A239CA66B31885389
\Administrator\SystemCertificates\My\Certificates\5479CDDE0747E2CB5DF64F28A9E4AD3266AB27AF
\Administrator\SystemCertificates\My\Certificates\574E4687133998544C0095C7B348C52CD398182E
\Administrator\SystemCertificates\My\Certificates\B422F98237039C9836D24E22E5A92FCEC507EF89
\Administrator\SystemCertificates\My\Certificates\DBE2B5417D56BC061B05B7265A47D3595EEC6A32
\Administrator\SystemCertificates\Request\Certificates\AE1EBACC333E48E80C5DED7D0C644D80417CB6EC
\Lara\Crypto\RSA\S-1-5-21-4534338-1127018997-2609994386-1359\1eceade740dd71b94c3a7333522b9859_9e75a609-18c7-4c98-8cd0-c34c3aeae423
\Lara\Crypto\RSA\S-1-5-21-4534338-1127018997-2609994386-1359\2995fb4c62c9211bc265c89fe1c85061_9e75a609-18c7-4c98-8cd0-c34c3aeae423
\Lara\Crypto\RSA\S-1-5-21-4534338-1127018997-2609994386-1359\3183cd1aef41afc9af73e231607b5266_9e75a609-18c7-4c98-8cd0-c34c3aeae423
\Lara\Crypto\RSA\S-1-5-21-4534338-1127018997-2609994386-1359\4f8bd0d10c208c8d57d2a1babd288a83_9e75a609-18c7-4c98-8cd0-c34c3aeae423
\Lara\Protect\S-1-5-21-4534338-1127018997-2609994386-1359\5f6d65d9-c363-4c78-af8d-034fb80efc5a
\Lara\SystemCertificates\My\Certificates\1307CE05C8247AA08508302431B6A99647FF600E
\Lara\SystemCertificates\My\Certificates\7B0928AF99A3244E73F7F17957ABD5A80818B210
\Lara\SystemCertificates\My\Certificates\90E1D7F90AD73F66F2C8F60120C256D038FD1F2C
\Lara\SystemCertificates\My\Certificates\DB690E9D99D094D3E9746DE484D3050951516E29
\Logan\Crypto\RSA\S-1-5-21-4534338-1127018997-2609994386-1272\fd56f510920bd55b31ff5207eafda8c8_9e75a609-18c7-4c98-8cd0-c34c3aeae423
\Logan\Protect\S-1-5-21-4534338-1127018997-2609994386-1272\9c6cc9e0-b5f8-48f4-a478-305ad77fceab
\Logan\SystemCertificates\My\Certificates\5D7A3A4FE8ADF5A61C5079EB7FDD1507B2753682
#&gt;

PS C:\&gt; Get-Content -Path '.\Output\kiwiscript.txt'
&lt;# Sample Output:
REM Add this parameter to at least the first dpapi::masterkey command: /pvk:"ntds_capi_290914ed-b1a8-482e-a89f-7caa217bf3c3.pvk"
dpapi::masterkey /in:"Install\Protect\S-1-5-21-1236425271-2880748467-2592687428-1000\0f2ca69c-c144-4d80-905f-a6bcdfb0d659" /sid:S-1-5-21-1236425271-2880748467-2592687428-1000
dpapi::masterkey /in:"Install\Protect\S-1-5-21-1236425271-2880748467-2592687428-1000\acdad60e-bcc0-48fb-9ceb-7514ca5aa558" /sid:S-1-5-21-1236425271-2880748467-2592687428-1000
dpapi::cng /in:"Install\Crypto\Keys\002F8F86566CEFBC8694EE7F5BB24A5FF2BA2C18"
dpapi::cng /in:"Install\Crypto\Keys\476D927F1B009662D46D785BA58BD8E9DB42F687"
crypto::system /file:"Install\SystemCertificates\My\Certificates\EA4AD6192A82AB059BFA5E774515FDE0DA604160" /export
crypto::system /file:"Install\SystemCertificates\My\Certificates\D6F23BB7BD8C0099DF5F1324507EA0CA3DE7DEAB" /export
dpapi::masterkey /in:"john\Protect\S-1-5-21-1236425271-2880748467-2592687428-1109\bfefb3a6-5cdc-44f9-8521-a31feb3acdb1" /sid:S-1-5-21-1236425271-2880748467-2592687428-1109
dpapi::masterkey /in:"john\Protect\S-1-5-21-1236425271-2880748467-2592687428-1109\c14e7f69-3bf5-4c49-92d8-78d759d74ece" /sid:S-1-5-21-1236425271-2880748467-2592687428-1109
crypto::system /file:"john\SystemCertificates\My\Certificates\AF839B040D1257997A8D83EE71F96918F4C3EA01" /export
dpapi::cng /in:"john\Crypto\Keys\9F95F8E4F381BFFFD22B5EFAA013E53268451310"
dpapi::cng /in:"john\Crypto\Keys\C9ABDF8DC38EA2BA2E20AEC770D91210FF919F87"
crypto::system /file:"john\SystemCertificates\My\Certificates\DEFFADB62EE547CB88973DF664C4DC958E8E64D8" /export
crypto::system /file:"john\SystemCertificates\My\Certificates\49FD324E5CC4A6020AC9D12D4311C7B33393A1C4" /export
crypto::system /file:"john\SystemCertificates\My\Certificates\4E951C29567A261B2E90C94BCCEFAE1FA878A2CB" /export
dpapi::capi /in:"john\Crypto\RSA\S-1-5-21-1236425271-2880748467-2592687428-1109\0581f4e6088649266038726d9f8786a9_edc46440-65c9-41ce-aaeb-73754e0e38c8"
dpapi::capi /in:"john\Crypto\RSA\S-1-5-21-1236425271-2880748467-2592687428-1109\4771dfabcc8ad1ec2c84c489df041fad_edc46440-65c9-41ce-aaeb-73754e0e38c8"
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Extracts DPAPI backup keys and roamed credentials (certificates, private keys, and DPAPI master keys) from an Active Directory database file and saves them to the Output directory. Also creates a file called kiwiscript.txt that contains mimikatz commands needed to decrypt the private keys.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADReplBackupKey -Server 'lon-dc1.adatum.com' | Save-DPAPIBlob -DirectoryPath '.\Output'
PS C:\&gt; Get-ADReplAccount -All -Server 'lon-dc1.adatum.com' | Save-DPAPIBlob -DirectoryPath '.\Output'</dev:code>
        <dev:remarks>
          <maml:para>Replicates all DPAPI backup keys and roamed credentials (certificates, private keys, and DPAPI master keys) from the target Active Directory domain controller and saves them to the Output directory. Also creates a file called kiwiscript.txt that contains mimikatz commands needed to decrypt the private keys.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 3 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-LsaBackupKey -ComputerName 'lon-dc1.contoso.com' | Save-DPAPIBlob -DirectoryPath '.\Output'
PS C:\&gt; Get-ADSIAccount -Server 'lon-dc1.contoso.com' | Save-DPAPIBlob -DirectoryPath '.\Output'</dev:code>
        <dev:remarks>
          <maml:para>Retrieves DPAPI backup keys from the target domain controller through the MS-LSAD protocol. Also retrieves roamed credentials (certificates, private keys, and DPAPI master keys) from this domain controller through LDAP and saves them to the Output directory. Also creates a file called kiwiscript.txt that contains mimikatz commands needed to decrypt the private keys.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Save-DPAPIBlob.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADDBBackupKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADReplBackupKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-LsaBackupKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADReplAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADDBAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADSIAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Set-ADDBAccountPassword</command:name>
      <command:verb>Set</command:verb>
      <command:noun>ADDBAccountPassword</command:noun>
      <maml:description>
        <maml:para>Sets the password for a user, computer, or service account stored in a ntds.dit file.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Generates new password hashes of the given password, including NT hash, WDigest hashes and Kerberos DES, AES128 and AES256 keys and encrypts them into the database using boot key.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Set-ADDBAccountPassword</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Key, SysKey, SystemKey">
          <maml:name>BootKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the boot key (AKA system key) that will be used to decrypt/encrypt values of secret attributes.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="dn">
          <maml:name>DistinguishedName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Password, Pwd, Pass, AccountPassword, p">
          <maml:name>NewPassword</maml:name>
          <maml:Description>
            <maml:para>Specifies a new password value. This value is stored as an encrypted string.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
          <dev:type>
            <maml:name>SecureString</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Set-ADDBAccountPassword</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Key, SysKey, SystemKey">
          <maml:name>BootKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the boot key (AKA system key) that will be used to decrypt/encrypt values of secret attributes.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Password, Pwd, Pass, AccountPassword, p">
          <maml:name>NewPassword</maml:name>
          <maml:Description>
            <maml:para>Specifies a new password value. This value is stored as an encrypted string.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
          <dev:type>
            <maml:name>SecureString</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Guid">
          <maml:name>ObjectGuid</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
          <dev:type>
            <maml:name>Guid</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Set-ADDBAccountPassword</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Key, SysKey, SystemKey">
          <maml:name>BootKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the boot key (AKA system key) that will be used to decrypt/encrypt values of secret attributes.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Password, Pwd, Pass, AccountPassword, p">
          <maml:name>NewPassword</maml:name>
          <maml:Description>
            <maml:para>Specifies a new password value. This value is stored as an encrypted string.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
          <dev:type>
            <maml:name>SecureString</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Sid">
          <maml:name>ObjectSid</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
          <dev:type>
            <maml:name>SecurityIdentifier</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Set-ADDBAccountPassword</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="Login, sam">
          <maml:name>SamAccountName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Key, SysKey, SystemKey">
          <maml:name>BootKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the boot key (AKA system key) that will be used to decrypt/encrypt values of secret attributes.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Password, Pwd, Pass, AccountPassword, p">
          <maml:name>NewPassword</maml:name>
          <maml:Description>
            <maml:para>Specifies a new password value. This value is stored as an encrypted string.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
          <dev:type>
            <maml:name>SecureString</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Key, SysKey, SystemKey">
        <maml:name>BootKey</maml:name>
        <maml:Description>
          <maml:para>Specifies the boot key (AKA system key) that will be used to decrypt/encrypt values of secret attributes.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
        <dev:type>
          <maml:name>Byte[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
        <maml:name>DatabasePath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="dn">
        <maml:name>DistinguishedName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>Force</maml:name>
        <maml:Description>
          <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
        <maml:name>LogPath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Password, Pwd, Pass, AccountPassword, p">
        <maml:name>NewPassword</maml:name>
        <maml:Description>
          <maml:para>Specifies a new password value. This value is stored as an encrypted string.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
        <dev:type>
          <maml:name>SecureString</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Guid">
        <maml:name>ObjectGuid</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
        <dev:type>
          <maml:name>Guid</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Sid">
        <maml:name>ObjectSid</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
        <dev:type>
          <maml:name>SecurityIdentifier</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="Login, sam">
        <maml:name>SamAccountName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
        <maml:name>SkipMetaUpdate</maml:name>
        <maml:Description>
          <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>System.Security.SecureString</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Security.Principal.SecurityIdentifier</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Guid</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; $pass = Read-Host -AsSecureString -Prompt 'Provide new password for user john'
PS C:\&gt; Set-ADDBAccountPassword -SamAccountName john `
                                -NewPassword $pass `
                                -DatabasePath '.\ADBackup\Active Directory\ntds.dit' `
                                -BootKey 0be7a2afe1713642182e9b96f73a75da</dev:code>
        <dev:remarks>
          <maml:para>Performs an offline password reset for user john .</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Set-ADDBAccountPassword.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Set-ADDBAccountPasswordHash</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Set-SamAccountPasswordHash</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-BootKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADDBAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Set-ADDBAccountPasswordHash</command:name>
      <command:verb>Set</command:verb>
      <command:noun>ADDBAccountPasswordHash</command:noun>
      <maml:description>
        <maml:para>Sets the password hash for a user, computer, or service account stored in a ntds.dit file.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Writes the specified NT hash and optionally an entire supplementalCredentials data structure into an offline database. Also enables cross-database / cross-forest password migration without the requirement of a domain trust being in place.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Set-ADDBAccountPasswordHash</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Key, SysKey, SystemKey">
          <maml:name>BootKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the boot key (AKA system key) that will be used to decrypt/encrypt values of secret attributes.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="dn">
          <maml:name>DistinguishedName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Hash, PasswordHash, NTLMHash, MD4Hash, h">
          <maml:name>NTHash</maml:name>
          <maml:Description>
            <maml:para>Specifies the NT hash of a password that will be written to the target AD database.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="KerberosKeys, sc, c">
          <maml:name>SupplementalCredentials</maml:name>
          <maml:Description>
            <maml:para>Specifies the kerberos keys and WDigest hashes that will be written to the target AD database.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SupplementalCredentials</command:parameterValue>
          <dev:type>
            <maml:name>SupplementalCredentials</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Set-ADDBAccountPasswordHash</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Key, SysKey, SystemKey">
          <maml:name>BootKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the boot key (AKA system key) that will be used to decrypt/encrypt values of secret attributes.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Hash, PasswordHash, NTLMHash, MD4Hash, h">
          <maml:name>NTHash</maml:name>
          <maml:Description>
            <maml:para>Specifies the NT hash of a password that will be written to the target AD database.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Guid">
          <maml:name>ObjectGuid</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
          <dev:type>
            <maml:name>Guid</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="KerberosKeys, sc, c">
          <maml:name>SupplementalCredentials</maml:name>
          <maml:Description>
            <maml:para>Specifies the kerberos keys and WDigest hashes that will be written to the target AD database.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SupplementalCredentials</command:parameterValue>
          <dev:type>
            <maml:name>SupplementalCredentials</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Set-ADDBAccountPasswordHash</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Key, SysKey, SystemKey">
          <maml:name>BootKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the boot key (AKA system key) that will be used to decrypt/encrypt values of secret attributes.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Hash, PasswordHash, NTLMHash, MD4Hash, h">
          <maml:name>NTHash</maml:name>
          <maml:Description>
            <maml:para>Specifies the NT hash of a password that will be written to the target AD database.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Sid">
          <maml:name>ObjectSid</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
          <dev:type>
            <maml:name>SecurityIdentifier</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="KerberosKeys, sc, c">
          <maml:name>SupplementalCredentials</maml:name>
          <maml:Description>
            <maml:para>Specifies the kerberos keys and WDigest hashes that will be written to the target AD database.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SupplementalCredentials</command:parameterValue>
          <dev:type>
            <maml:name>SupplementalCredentials</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Set-ADDBAccountPasswordHash</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="Login, sam">
          <maml:name>SamAccountName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Key, SysKey, SystemKey">
          <maml:name>BootKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the boot key (AKA system key) that will be used to decrypt/encrypt values of secret attributes.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Hash, PasswordHash, NTLMHash, MD4Hash, h">
          <maml:name>NTHash</maml:name>
          <maml:Description>
            <maml:para>Specifies the NT hash of a password that will be written to the target AD database.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="KerberosKeys, sc, c">
          <maml:name>SupplementalCredentials</maml:name>
          <maml:Description>
            <maml:para>Specifies the kerberos keys and WDigest hashes that will be written to the target AD database.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SupplementalCredentials</command:parameterValue>
          <dev:type>
            <maml:name>SupplementalCredentials</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Key, SysKey, SystemKey">
        <maml:name>BootKey</maml:name>
        <maml:Description>
          <maml:para>Specifies the boot key (AKA system key) that will be used to decrypt/encrypt values of secret attributes.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
        <dev:type>
          <maml:name>Byte[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
        <maml:name>DatabasePath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="dn">
        <maml:name>DistinguishedName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>Force</maml:name>
        <maml:Description>
          <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
        <maml:name>LogPath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Hash, PasswordHash, NTLMHash, MD4Hash, h">
        <maml:name>NTHash</maml:name>
        <maml:Description>
          <maml:para>Specifies the NT hash of a password that will be written to the target AD database.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
        <dev:type>
          <maml:name>Byte[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Guid">
        <maml:name>ObjectGuid</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
        <dev:type>
          <maml:name>Guid</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Sid">
        <maml:name>ObjectSid</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
        <dev:type>
          <maml:name>SecurityIdentifier</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="Login, sam">
        <maml:name>SamAccountName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an account on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
        <maml:name>SkipMetaUpdate</maml:name>
        <maml:Description>
          <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="KerberosKeys, sc, c">
        <maml:name>SupplementalCredentials</maml:name>
        <maml:Description>
          <maml:para>Specifies the kerberos keys and WDigest hashes that will be written to the target AD database.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SupplementalCredentials</command:parameterValue>
        <dev:type>
          <maml:name>SupplementalCredentials</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>System.Byte[]</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>DSInternals.Common.Data.SupplementalCredentials</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Security.Principal.SecurityIdentifier</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Guid</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; $pass = Read-Host -AsSecureString -Prompt 'Provide new password for user hacker'
PS C:\&gt; $hash = ConvertTo-NTHash $pass
PS C:\&gt; Set-ADDBAccountPasswordHash -SamAccountName john `
                                    -NTHash $hash `
                                    -DatabasePath '.\ADBackup\Active Directory\ntds.dit' `
                                    -BootKey 0be7a2afe1713642182e9b96f73a75da</dev:code>
        <dev:remarks>
          <maml:para>Performs an offline password reset for user john by injecting a raw NT hash value.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Set-ADDBAccountPasswordHash.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Set-ADDBAccountPassword</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Set-SamAccountPasswordHash</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-BootKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADDBAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Set-ADDBBootKey</command:name>
      <command:verb>Set</command:verb>
      <command:noun>ADDBBootKey</command:noun>
      <maml:description>
        <maml:para>Re-encrypts a ntds.dit file with a new BootKey/SysKey.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Decrypts the password encryption key list from the pekList domain attribute using the current/old boot key and re-encrypts it using a new one. This might be useful during some DC restore operations. Note that this procedure is highly unsupported by Microsoft.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Set-ADDBBootKey</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="NewKey, New, NewSysKey">
          <maml:name>NewBootKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the new boot key (AKA system key) that will be used to re-encrypt the password encryption key (pekList) stored in the target Active Directory database.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="OldKey, Old, OldSysKey">
          <maml:name>OldBootKey</maml:name>
          <maml:Description>
            <maml:para>Specifies the current boot key (AKA system key) that will be used to decrypt the password encryption key (pekList) stored in the target Active Directory database.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
        <maml:name>DatabasePath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
        <maml:name>LogPath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="NewKey, New, NewSysKey">
        <maml:name>NewBootKey</maml:name>
        <maml:Description>
          <maml:para>Specifies the new boot key (AKA system key) that will be used to re-encrypt the password encryption key (pekList) stored in the target Active Directory database.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
        <dev:type>
          <maml:name>Byte[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="OldKey, Old, OldSysKey">
        <maml:name>OldBootKey</maml:name>
        <maml:Description>
          <maml:para>Specifies the current boot key (AKA system key) that will be used to decrypt the password encryption key (pekList) stored in the target Active Directory database.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
        <dev:type>
          <maml:name>Byte[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Set-ADDBBootKey -DatabasePath 'C:\Backup\Active Directory\ntds.dit' `
                        -LogPath 'C:\Backup\Active Directory' `
                        -OldBootKey 610bc29e6f62ca7004e9872cd51a0116 `
                        -NewBootKey 6ffec6b70dc863db1906a5507c0576ee</dev:code>
        <dev:remarks>
          <maml:para>Re-encrypts the ntds.dit file with a new boot key.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Set-ADDBBootKey.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-BootKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>New-ADDBRestoreFromMediaScript</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Set-ADDBDomainController</command:name>
      <command:verb>Set</command:verb>
      <command:noun>ADDBDomainController</command:noun>
      <maml:description>
        <maml:para>Writes information about the DC to a ntds.dit file, including the highest committed USN and database epoch.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>The Set-ADDBDomainController cmdlet can be used to simulate USN rollbacks, USN depletion, and database file restore operations. This cmdlet should only be used in lab environments.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Set-ADDBDomainController</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Expiration, Expire">
          <maml:name>BackupExpiration</maml:name>
          <maml:Description>
            <maml:para>Specifies the database backup expiration time.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">DateTime</command:parameterValue>
          <dev:type>
            <maml:name>DateTime</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Confirms that you understand the implications of using this cmdlet and still want to use it.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Set-ADDBDomainController</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="DSAEpoch">
          <maml:name>Epoch</maml:name>
          <maml:Description>
            <maml:para>Specifies the database epoch which must be consistent with the information in the registry.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue>
          <dev:type>
            <maml:name>Int32</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Confirms that you understand the implications of using this cmdlet and still want to use it.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Set-ADDBDomainController</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Confirms that you understand the implications of using this cmdlet and still want to use it.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="USN">
          <maml:name>HighestCommittedUsn</maml:name>
          <maml:Description>
            <maml:para>Specifies the highest committed USN for the database.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Int64</command:parameterValue>
          <dev:type>
            <maml:name>Int64</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Expiration, Expire">
        <maml:name>BackupExpiration</maml:name>
        <maml:Description>
          <maml:para>Specifies the database backup expiration time.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">DateTime</command:parameterValue>
        <dev:type>
          <maml:name>DateTime</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
        <maml:name>DatabasePath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="DSAEpoch">
        <maml:name>Epoch</maml:name>
        <maml:Description>
          <maml:para>Specifies the database epoch which must be consistent with the information in the registry.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue>
        <dev:type>
          <maml:name>Int32</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>Force</maml:name>
        <maml:Description>
          <maml:para>Confirms that you understand the implications of using this cmdlet and still want to use it.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="USN">
        <maml:name>HighestCommittedUsn</maml:name>
        <maml:Description>
          <maml:para>Specifies the highest committed USN for the database.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Int64</command:parameterValue>
        <dev:type>
          <maml:name>Int64</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
        <maml:name>LogPath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; $currentEpoch = Get-ItemPropertyValue -Path 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NTDS\Parameters' -Name 'DSA Database Epoch'
PS C:\&gt; Set-ADDBDomainController -DatabasePath .\ntds.dit -Epoch $currentEpoch -Force</dev:code>
        <dev:remarks>
          <maml:para>Copies the database epoch from registry to the ntds.dit file.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Set-ADDBDomainController -DatabasePath .\ntds.dit -HighestCommittedUsn 9223372036854775800 -Force</dev:code>
        <dev:remarks>
          <maml:para>Modifies the highest committed USN of the AD database. This might be helpful when trying to simulate USN rollbacks and USN depletion.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Set-ADDBDomainController.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADDBDomainController</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Set-ADDBBootKey</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Set-ADDBPrimaryGroup</command:name>
      <command:verb>Set</command:verb>
      <command:noun>ADDBPrimaryGroup</command:noun>
      <maml:description>
        <maml:para>Modifies the primaryGroupId attribute of an object in a ntds.dit file.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Modifies the primaryGroupId attribute of an account in a ntds.dit file. The most relevant group relative identifiers (RIDs) include 512 for Domain Admins , 513 for Domain Users , and 519 for Schema Admins .</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Set-ADDBPrimaryGroup</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="dn">
          <maml:name>DistinguishedName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an object on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="gid, Group, PrimaryGroup, GroupId">
          <maml:name>PrimaryGroupId</maml:name>
          <maml:Description>
            <maml:para>Specifies the new primary group relative identifier (RID) that will be written to the database.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue>
          <dev:type>
            <maml:name>Int32</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Set-ADDBPrimaryGroup</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Guid">
          <maml:name>ObjectGuid</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an object on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
          <dev:type>
            <maml:name>Guid</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="gid, Group, PrimaryGroup, GroupId">
          <maml:name>PrimaryGroupId</maml:name>
          <maml:Description>
            <maml:para>Specifies the new primary group relative identifier (RID) that will be written to the database.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue>
          <dev:type>
            <maml:name>Int32</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Set-ADDBPrimaryGroup</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Sid">
          <maml:name>ObjectSid</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an object on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
          <dev:type>
            <maml:name>SecurityIdentifier</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="gid, Group, PrimaryGroup, GroupId">
          <maml:name>PrimaryGroupId</maml:name>
          <maml:Description>
            <maml:para>Specifies the new primary group relative identifier (RID) that will be written to the database.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue>
          <dev:type>
            <maml:name>Int32</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Set-ADDBPrimaryGroup</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="Login, sam">
          <maml:name>SamAccountName</maml:name>
          <maml:Description>
            <maml:para>Specifies the identifier of an object on which to perform this operation.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
          <maml:name>DatabasePath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Force</maml:name>
          <maml:Description>
            <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
          <maml:name>LogPath</maml:name>
          <maml:Description>
            <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="gid, Group, PrimaryGroup, GroupId">
          <maml:name>PrimaryGroupId</maml:name>
          <maml:Description>
            <maml:para>Specifies the new primary group relative identifier (RID) that will be written to the database.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue>
          <dev:type>
            <maml:name>Int32</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
          <maml:name>SkipMetaUpdate</maml:name>
          <maml:Description>
            <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Database, DBPath, DatabaseFilePath, DBFilePath">
        <maml:name>DatabasePath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="dn">
        <maml:name>DistinguishedName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an object on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>Force</maml:name>
        <maml:Description>
          <maml:para>Forces the cmdlet to perform the desired operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Log, TransactionLogPath">
        <maml:name>LogPath</maml:name>
        <maml:Description>
          <maml:para>Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Guid">
        <maml:name>ObjectGuid</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an object on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
        <dev:type>
          <maml:name>Guid</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="Sid">
        <maml:name>ObjectSid</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an object on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
        <dev:type>
          <maml:name>SecurityIdentifier</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="gid, Group, PrimaryGroup, GroupId">
        <maml:name>PrimaryGroupId</maml:name>
        <maml:Description>
          <maml:para>Specifies the new primary group relative identifier (RID) that will be written to the database.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue>
        <dev:type>
          <maml:name>Int32</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="Login, sam">
        <maml:name>SamAccountName</maml:name>
        <maml:Description>
          <maml:para>Specifies the identifier of an object on which to perform this operation.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate">
        <maml:name>SkipMetaUpdate</maml:name>
        <maml:Description>
          <maml:para>Indicates that the replication metadata of the affected object should not be updated.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>System.Int32</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Security.Principal.SecurityIdentifier</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Guid</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Set-ADDBPrimaryGroup -SamAccountName John `
                             -PrimaryGroupId 512 `
                             -DatabasePath 'D:\Windows\NTDS\ntds.dit'</dev:code>
        <dev:remarks>
          <maml:para>Moves the account John from the default Domain Users group to Domain Admins .</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Set-ADDBPrimaryGroup.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Add-ADDBSidHistory</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADDBAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Set-AzureADUserEx</command:name>
      <command:verb>Set</command:verb>
      <command:noun>AzureADUserEx</command:noun>
      <maml:description>
        <maml:para>Registers new or revokes existing FIDO and NGC keys in Azure Active Directory.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>The Set-AzureADUserEx cmdlet uses an undocumented Azure AD Graph API endpoint to modify the normally hidden searchableDeviceKeys attribute of user accounts. This attribute holds different types of key credentials, including the FIDO2 and NGC keys that are used by Windows Hello for Business.</maml:para>
      <maml:para>This cmdlet also enables Global Admins to selectively revoke security keys registered by other users. This is a unique feature, as Microsoft only supports self-service FIDO2 security key registration and revocation (at least at the time of publishing this cmdlet).</maml:para>
      <maml:para>This cmdlet is not intended to replace the Set-AzureADUser cmdlet from Microsoft's AzureAD module. Authentication fully relies on the official Connect-AzureAD cmdlet.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Set-AzureADUserEx</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Token">
          <maml:name>AccessToken</maml:name>
          <maml:Description>
            <maml:para>Specifies the access token retrieved by the Connect-AzureAD cmdlet.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SearchableDeviceKey, KeyCredentialLink">
          <maml:name>KeyCredential</maml:name>
          <maml:Description>
            <maml:para>Specifies a list of key credentials (typically FIDO2 and NGC keys) that can be used by the target user for authentication.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">KeyCredential[]</command:parameterValue>
          <dev:type>
            <maml:name>KeyCredential[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Identity, Id, UserId, ObjectGuid">
          <maml:name>ObjectId</maml:name>
          <maml:Description>
            <maml:para>Specifies the identity of a user in Azure AD.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
          <dev:type>
            <maml:name>Guid</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Tenant">
          <maml:name>TenantId</maml:name>
          <maml:Description>
            <maml:para>Specifies the Azure AD tenant to perform the search in. If not specified, the tenant of the authenticated user will be used.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
          <dev:type>
            <maml:name>Guid</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Set-AzureADUserEx</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Token">
          <maml:name>AccessToken</maml:name>
          <maml:Description>
            <maml:para>Specifies the access token retrieved by the Connect-AzureAD cmdlet.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SearchableDeviceKey, KeyCredentialLink">
          <maml:name>KeyCredential</maml:name>
          <maml:Description>
            <maml:para>Specifies a list of key credentials (typically FIDO2 and NGC keys) that can be used by the target user for authentication.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">KeyCredential[]</command:parameterValue>
          <dev:type>
            <maml:name>KeyCredential[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Tenant">
          <maml:name>TenantId</maml:name>
          <maml:Description>
            <maml:para>Specifies the Azure AD tenant to perform the search in. If not specified, the tenant of the authenticated user will be used.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
          <dev:type>
            <maml:name>Guid</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="UPN, UserName">
          <maml:name>UserPrincipalName</maml:name>
          <maml:Description>
            <maml:para>Specifies the UPN of a user in Azure AD.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Token">
        <maml:name>AccessToken</maml:name>
        <maml:Description>
          <maml:para>Specifies the access token retrieved by the Connect-AzureAD cmdlet.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="SearchableDeviceKey, KeyCredentialLink">
        <maml:name>KeyCredential</maml:name>
        <maml:Description>
          <maml:para>Specifies a list of key credentials (typically FIDO2 and NGC keys) that can be used by the target user for authentication.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">KeyCredential[]</command:parameterValue>
        <dev:type>
          <maml:name>KeyCredential[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Identity, Id, UserId, ObjectGuid">
        <maml:name>ObjectId</maml:name>
        <maml:Description>
          <maml:para>Specifies the identity of a user in Azure AD.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
        <dev:type>
          <maml:name>Guid</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Tenant">
        <maml:name>TenantId</maml:name>
        <maml:Description>
          <maml:para>Specifies the Azure AD tenant to perform the search in. If not specified, the tenant of the authenticated user will be used.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
        <dev:type>
          <maml:name>Guid</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="UPN, UserName">
        <maml:name>UserPrincipalName</maml:name>
        <maml:Description>
          <maml:para>Specifies the UPN of a user in Azure AD.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Install-Module -Name AzureAD,DSInternals -Force
PS C:\&gt; Connect-AzureAD
PS C:\&gt; $token = [Microsoft.Open.Azure.AD.CommonLibrary.AzureSession]::AccessTokens['AccessToken'].AccessToken
PS C:\&gt; Set-AzureADUserEx -UserPrincipalName '[email protected]' -KeyCredential @() -Token $token</dev:code>
        <dev:remarks>
          <maml:para>Revokes all FIDO2 security keys and NGC keys (Windows Hello for Business) that were previously registered by the specified user. Typical use case includes stolen devices and other security incidents.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; $user = Get-AzureADUserEx -UserPrincipalName '[email protected]' -AccessToken $token 
PS C:\&gt; $newCreds = $user.KeyCredentials | where { $PSItem.FidoKeyMaterial.DisplayName -notlike '*YubiKey*' }
PS C:\&gt; Set-AzureADUserEx -UserPrincipalName '[email protected]' -KeyCredential $newCreds -Token $token</dev:code>
        <dev:remarks>
          <maml:para>Selectively revokes a specific FIDO2 security key based on its display name. Typical use case is a stolen/lost security key.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Get-AzureADUserEx</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADKeyCredential</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Set-LsaPolicyInformation</command:name>
      <command:verb>Set</command:verb>
      <command:noun>LsaPolicyInformation</command:noun>
      <maml:description>
        <maml:para>Configures AD-related Local Security Authority Policies of the local computer or a remote one.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Configures AD-related Local Security Authority (LSA) Policies of the local or a remote computer. This functionality is helpful when restoring Active Directory domain controllers (DC) from IFM backups. Note that running this command against a DC with parameters that do not match the information stored in its local AD database might prevent the target DC from booting ever again.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Set-LsaPolicyInformation</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="Server, ServerName, Computer, Machine, MachineName, System, SystemName">
          <maml:name>ComputerName</maml:name>
          <maml:Description>
            <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
            <maml:para>The default is the local computer. To specify the local computer, such as in a list of computer names, use "localhost", the local computer name, or a dot (.).</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>DnsDomainName</maml:name>
          <maml:Description>
            <maml:para>Specifies the DNS name of the primary domain.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>DnsForestName</maml:name>
          <maml:Description>
            <maml:para>Specifies the DNS forest name of the primary domain. This is the DNS name of the domain at the root of the enterprise.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>DomainGuid</maml:name>
          <maml:Description>
            <maml:para>Specifies the GUID of the primary domain.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
          <dev:type>
            <maml:name>Guid</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="NetBIOSDomainName, Workgroup">
          <maml:name>DomainName</maml:name>
          <maml:Description>
            <maml:para>Specifies the name of the primary domain.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>DomainSid</maml:name>
          <maml:Description>
            <maml:para>Specifies the SID of the primary domain.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
          <dev:type>
            <maml:name>SecurityIdentifier</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="Server, ServerName, Computer, Machine, MachineName, System, SystemName">
        <maml:name>ComputerName</maml:name>
        <maml:Description>
          <maml:para>Specifies the target computer for the operation. Enter a fully qualified domain name (FQDN), a NetBIOS name, or an IP address. When the remote computer is in a different domain than the local computer, the fully qualified domain name is required.</maml:para>
          <maml:para>The default is the local computer. To specify the local computer, such as in a list of computer names, use "localhost", the local computer name, or a dot (.).</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>DnsDomainName</maml:name>
        <maml:Description>
          <maml:para>Specifies the DNS name of the primary domain.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>DnsForestName</maml:name>
        <maml:Description>
          <maml:para>Specifies the DNS forest name of the primary domain. This is the DNS name of the domain at the root of the enterprise.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>DomainGuid</maml:name>
        <maml:Description>
          <maml:para>Specifies the GUID of the primary domain.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Guid</command:parameterValue>
        <dev:type>
          <maml:name>Guid</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="NetBIOSDomainName, Workgroup">
        <maml:name>DomainName</maml:name>
        <maml:Description>
          <maml:para>Specifies the name of the primary domain.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>DomainSid</maml:name>
        <maml:Description>
          <maml:para>Specifies the SID of the primary domain.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
        <dev:type>
          <maml:name>SecurityIdentifier</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Set-LsaPolicyInformation -DomainName 'ADATUM' `
                                 -DnsDomainName 'Adatum.com' `
                                 -DnsForestName 'Adatum.com' `
                                 -DomainGuid 279b615e-ae79-4c86-a61a-50f687b9f7b8 `
                                 -DomainSid S-1-5-21-1817670852-3242289776-1304069626</dev:code>
        <dev:remarks>
          <maml:para>Configures AD-related LSA Policy Information of the local computer.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Set-LsaPolicyInformation.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>New-ADDBRestoreFromMediaScript</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Set-SamAccountPasswordHash</command:name>
      <command:verb>Set</command:verb>
      <command:noun>SamAccountPasswordHash</command:noun>
      <maml:description>
        <maml:para>Sets NT and LM hashes of an Active Directory or local account through the MS-SAMR protocol.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Sets NT and LM password hashes of a user account in a local or remote Security Account Manager (SAM) or Active Directory (AD) database through the SAM Remote Protocol (MS-SAMR). Note that kerberos AES and DES ekeys of the target account are cleared by this command.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Set-SamAccountPasswordHash</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Credential</maml:name>
          <maml:Description>
            <maml:para>Specifies the user account credentials to be used to perform this task. The default credentials are the credentials of the currently logged on user.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
          <dev:type>
            <maml:name>PSCredential</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none">
          <maml:name>Domain</maml:name>
          <maml:Description>
            <maml:para>Specifies the target NetBIOS domain name the target account belongs to.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none">
          <maml:name>LMHash</maml:name>
          <maml:Description>
            <maml:para>Specifies a new LM password hash value in hexadecimal format.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none">
          <maml:name>NTHash</maml:name>
          <maml:Description>
            <maml:para>Specifies a new NT password hash value in hexadecimal format.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none">
          <maml:name>SamAccountName</maml:name>
          <maml:Description>
            <maml:para>Specifies user's login.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="ComputerName, Computer">
          <maml:name>Server</maml:name>
          <maml:Description>
            <maml:para>Specifies the name of a SAM server.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>localhost</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Set-SamAccountPasswordHash</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Credential</maml:name>
          <maml:Description>
            <maml:para>Specifies the user account credentials to be used to perform this task. The default credentials are the credentials of the currently logged on user.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
          <dev:type>
            <maml:name>PSCredential</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none">
          <maml:name>LMHash</maml:name>
          <maml:Description>
            <maml:para>Specifies a new LM password hash value in hexadecimal format.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none">
          <maml:name>NTHash</maml:name>
          <maml:Description>
            <maml:para>Specifies a new NT password hash value in hexadecimal format.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
          <dev:type>
            <maml:name>Byte[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="ComputerName, Computer">
          <maml:name>Server</maml:name>
          <maml:Description>
            <maml:para>Specifies the name of a SAM server.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>localhost</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none">
          <maml:name>Sid</maml:name>
          <maml:Description>
            <maml:para>Specifies user SID.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
          <dev:type>
            <maml:name>SecurityIdentifier</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>Credential</maml:name>
        <maml:Description>
          <maml:para>Specifies the user account credentials to be used to perform this task. The default credentials are the credentials of the currently logged on user.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
        <dev:type>
          <maml:name>PSCredential</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none">
        <maml:name>Domain</maml:name>
        <maml:Description>
          <maml:para>Specifies the target NetBIOS domain name the target account belongs to.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none">
        <maml:name>LMHash</maml:name>
        <maml:Description>
          <maml:para>Specifies a new LM password hash value in hexadecimal format.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
        <dev:type>
          <maml:name>Byte[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none">
        <maml:name>NTHash</maml:name>
        <maml:Description>
          <maml:para>Specifies a new NT password hash value in hexadecimal format.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">Byte[]</command:parameterValue>
        <dev:type>
          <maml:name>Byte[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none">
        <maml:name>SamAccountName</maml:name>
        <maml:Description>
          <maml:para>Specifies user's login.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="ComputerName, Computer">
        <maml:name>Server</maml:name>
        <maml:Description>
          <maml:para>Specifies the name of a SAM server.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>localhost</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none">
        <maml:name>Sid</maml:name>
        <maml:Description>
          <maml:para>Specifies user SID.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">SecurityIdentifier</command:parameterValue>
        <dev:type>
          <maml:name>SecurityIdentifier</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>System.String</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Security.Principal.SecurityIdentifier</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.Byte[]</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Set-SamAccountPasswordHash -SamAccountName 'john' `
                                   -Domain CONTOSO `
                                   -NTHash ac5d3227c79791b451eb28fcd9efbfb2 `
                                   -Server 'lon-dc1.contoso.com'</dev:code>
        <dev:remarks>
          <maml:para>Resets the NT password hash of the target Active Directory account through the MS-SAMR protocol.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Set-SamAccountPasswordHash.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADDBAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADReplAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Set-ADDBAccountPasswordHash</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Test-PasswordQuality</command:name>
      <command:verb>Test</command:verb>
      <command:noun>PasswordQuality</command:noun>
      <maml:description>
        <maml:para>Performs AD audit, including checks for weak, duplicate, default and empty passwords. Accepts input from the Get-ADReplAccount and Get-ADDBAccount cmdlets.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>The Test-PasswordQuality cmdlet is a simple tool for Active Directory password auditing. It can detect weak, duplicate, default, non-expiring or empty passwords and find accounts that are violating security best practices. The cmdlet accepts output of the Get-ADDBAccount and Get-ADReplAccount cmdlets, so both offline (ntds.dit) and online (DCSync) password analysis can be done.</maml:para>
      <maml:para>Lists of leaked passwords that can be obtained from HaveIBeenPwned are fully supported. Be sure to download the list that is marked as "NTLM (ordered by hash)" and extract the archive to your HDD.</maml:para>
      <maml:para>Although the cmdlet output is formatted in a human readable fashion, it is still an object, whose properties can be accessed separately (e.g. $result.WeakPassword) to produce a desired output. When scripted, it can be used to audit Active Directory passwords on a regular basis.</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Test-PasswordQuality</maml:name>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="0" aliases="ADAccount, DSAccount">
          <maml:name>Account</maml:name>
          <maml:Description>
            <maml:para>Active Directory account to check. The accounts are typically piped in from the Get-ADDBAccount and Get-ADReplAccount cmdlets.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">DSAccount</command:parameterValue>
          <dev:type>
            <maml:name>DSAccount</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>IncludeDisabledAccounts</maml:name>
          <maml:Description>
            <maml:para>Process even accounts that are disabled. Such accounts are skipped otherwise.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>SkipDuplicatePasswordTest</maml:name>
          <maml:Description>
            <maml:para>Do not compare account hashes with each other.</maml:para>
          </maml:Description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>WeakPasswordHashesFile</maml:name>
          <maml:Description>
            <maml:para>Path to a file that contains NT hashes of weak passwords, one hash in HEX format per line. For performance reasons, the -WeakPasswordHashesSortedFile parameter should be used instead.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>WeakPasswordHashesSortedFile</maml:name>
          <maml:Description>
            <maml:para>Path to a file that contains NT hashes of weak passwords, one hash in HEX format per line. The hashes must be sorted alphabetically, because a binary search is performed. This parameter is typically used with a list of leaked password hashes from HaveIBeenPwned.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>WeakPasswords</maml:name>
          <maml:Description>
            <maml:para>List of passwords that are considered weak, e.g. Password123 or April2019. If more than a handful passwords are to be tested, the WeakPasswordsFile parameter should be used instead.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue>
          <dev:type>
            <maml:name>String[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>WeakPasswordsFile</maml:name>
          <maml:Description>
            <maml:para>Path to a file that contains weak passwords, one password per line.</maml:para>
          </maml:Description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByValue)" position="0" aliases="ADAccount, DSAccount">
        <maml:name>Account</maml:name>
        <maml:Description>
          <maml:para>Active Directory account to check. The accounts are typically piped in from the Get-ADDBAccount and Get-ADReplAccount cmdlets.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">DSAccount</command:parameterValue>
        <dev:type>
          <maml:name>DSAccount</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>IncludeDisabledAccounts</maml:name>
        <maml:Description>
          <maml:para>Process even accounts that are disabled. Such accounts are skipped otherwise.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>SkipDuplicatePasswordTest</maml:name>
        <maml:Description>
          <maml:para>Do not compare account hashes with each other.</maml:para>
        </maml:Description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>WeakPasswordHashesFile</maml:name>
        <maml:Description>
          <maml:para>Path to a file that contains NT hashes of weak passwords, one hash in HEX format per line. For performance reasons, the -WeakPasswordHashesSortedFile parameter should be used instead.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>WeakPasswordHashesSortedFile</maml:name>
        <maml:Description>
          <maml:para>Path to a file that contains NT hashes of weak passwords, one hash in HEX format per line. The hashes must be sorted alphabetically, because a binary search is performed. This parameter is typically used with a list of leaked password hashes from HaveIBeenPwned.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>WeakPasswords</maml:name>
        <maml:Description>
          <maml:para>List of passwords that are considered weak, e.g. Password123 or April2019. If more than a handful passwords are to be tested, the WeakPasswordsFile parameter should be used instead.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue>
        <dev:type>
          <maml:name>String[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>WeakPasswordsFile</maml:name>
        <maml:Description>
          <maml:para>Path to a file that contains weak passwords, one password per line.</maml:para>
        </maml:Description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>DSInternals.Common.Data.DSAccount</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>DSInternals.PowerShell.PasswordQualityTestResult</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADDBAccount -All -DatabasePath ntds.dit -BootKey acdba64a3929261b04e5270c3ef973cf |
            Test-PasswordQuality -WeakPasswordHashesSortedFile pwned-passwords-ntlm-ordered-by-hash-v5.txt
&lt;# Sample Output:

Active Directory Password Quality Report
----------------------------------------

Passwords of these accounts are stored using reversible encryption:
  CONTOSO\smith
  CONTOSO\doe

LM hashes of passwords of these accounts are present:
  CONTOSO\hodge

These accounts have no password set:
  CONTOSO\test01
  CONTOSO\test02

Passwords of these accounts have been found in the dictionary:
  CONTOSO\Administrator

These groups of accounts have the same passwords:
  Group 1:
    CONTOSO\graham
    CONTOSO\graham_admin
  Group 2:
    CONTOSO\admin
    CONTOSO\sql_svc01

These computer accounts have default passwords:
  CONTOSO\DESKTOP27$

Kerberos AES keys are missing from these accounts:
  CONTOSO\sql_svc01

Kerberos pre-authentication is not required for these accounts:
  CONTOSO\jboss

Only DES encryption is allowed to be used with these accounts:
  CONTOSO\sql_svc01

These accounts are susceptible to the Kerberoasting attack:
  CONTOSO\Administrator
  CONTOSO\sp_svc01
  CONTOSO\sql_svc02

These administrative accounts are allowed to be delegated to a service:
  CONTOSO\AdatumAdmin
  CONTOSO\Administrator

Passwords of these accounts will never expire:
  CONTOSO\admin
  CONTOSO\sql_svc01

These accounts are not required to have a password:
  CONTOSO\gonzales

These accounts that require smart card authentication have a password:
  CONTOSO\smithj
  CONTOSO\jonesp
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Performs an offline credential hygiene audit of AD database against HIBP.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 2 --------------------------</maml:title>
        <dev:code>PS C:\&gt; $results = Get-ADReplAccount -All -Server LON-DC1 |
                   Test-PasswordQuality -WeakPasswords 'Pa$$w0rd','April2019' `
                                        -WeakPasswordHashesSortedFile pwned-passwords-ntlm-ordered-by-hash-v5.txt</dev:code>
        <dev:remarks>
          <maml:para>Performs an online credential hygiene audit of AD against HIBP + a custom wordlist.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 3 --------------------------</maml:title>
        <dev:code>PS C:\&gt; $pwnedUsers = $accounts |
                      Test-PasswordQuality -WeakPasswordsFile rockyou.txt -SkipDuplicatePasswordTest |
                      Select-Object -ExpandProperty WeakPassword</dev:code>
        <dev:remarks>
          <maml:para>Performs a dictionary attack against a set of accounts. The Test-PasswordQuality cmdlet always returns structured data.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 4 --------------------------</maml:title>
        <dev:code>PS C:\&gt; Get-ADDBAccount -All -DatabasePath ntds.dit -BootKey $key |
            where DistinguishedName -like '*OU=Employees,DC=contoso,DC=com' |
            Test-PasswordQuality -IncludeDisabledAccounts -WeakPasswordHashesSortedFile pwned-passwords-ntlm-ordered-by-hash-v5.txt</dev:code>
        <dev:remarks>
          <maml:para>Performs an offline credential hygiene audit of a selected OU from AD database against HIBP.</maml:para>
        </dev:remarks>
      </command:example>
      <command:example>
        <maml:title>-------------------------- Example 5 --------------------------</maml:title>
        <dev:code>PS C:\&gt; $contosoAccounts = Get-ADReplAccount -All -Server LON-DC1.contoso.com
PS C:\&gt; $adatumAccounts = Get-ADReplAccount -All -Server NYC-DC1.adatum.com -Credential (Get-Credential)
PS C:\&gt; $contosoAccounts + $adatumAccounts | Test-PasswordQuality
&lt;# Sample Output (Partial):

These groups of accounts have the same passwords:
  Group 1:
    ADATUM\smith
    ADATUM\doe
  Group 2:
    ADATUM\Administrator
    ADATUM\joe_admin
    CONTOSO\Administrator
    CONTOSO\joe_admin
#&gt;</dev:code>
        <dev:remarks>
          <maml:para>Performs a cross-forest duplicate password discovery. Any number of Get-ADReplAccount and Get-ADDBAccount cmdlet outputs can be combined together, as long as the computer has enough memory.</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks>
      <maml:navigationLink>
        <maml:linkText>Online Version:</maml:linkText>
        <maml:uri>https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Test-PasswordQuality.md</maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADDBAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
      <maml:navigationLink>
        <maml:linkText>Get-ADReplAccount</maml:linkText>
        <maml:uri></maml:uri>
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
</helpItems>
DSInternals\Views\DSInternals.AzureADUser.format.ps1xml
 
DSInternals\Views\DSInternals.DSAccount.ExportViews.format.ps1xml
 
DSInternals\Views\DSInternals.DSAccount.format.ps1xml
 
DSInternals\Views\DSInternals.FidoKeyMaterial.format.ps1xml
 
DSInternals\Views\DSInternals.Hash.format.ps1xml
 
DSInternals\Views\DSInternals.KdsRootKey.format.ps1xml
 
DSInternals\Views\DSInternals.Kerberos.format.ps1xml
 
DSInternals\Views\DSInternals.KeyCredential.format.ps1xml
 
DSInternals\Views\DSInternals.LsaPolicyInformation.format.ps1xml
 
DSInternals\Views\DSInternals.PasswordQualityTestResult.format.ps1xml
 
DSInternals\Views\DSInternals.RoamedCredential.format.ps1xml
 
DSInternals\Views\DSInternals.SamDomainPasswordInformation.format.ps1xml
 
DSInternals\x86\DSInternals.Replication.Interop.dll
md5: 30E49CE3E41419BF76ABE2BB0766BDB7 | sha1: 259C6C07B71AE50115226CCF6004261B08C01733 | sha256: 45532A0A3BF471B98563F636A8D62C538A62970755CFBAC2F3C3B03829C121C3 | sha512: 9BDCD7D37F4E66339E743F7EFED2D82C3133FA370AE963E2ED923713C7F0A44B6624DC0463744F29AE058286EF98BADFE4DAEA55C06CC5C370EB60D65611363B
DSInternals\x86\msvcp140.dll
md5: ADA8528BE82A489D996257C25E3BBA39 | sha1: 11A219B5960EC3D0CE7277DD7FFD7D7551CECD72 | sha256: 4BDC25B396B0B3157B962C140518FFC8BE4C7216816C87232EFAFD0D744A391D | sha512: 1075EAFDD4C0978572439B54E420A7908FBE41B6B11E3500358DC32F2901C4E66B3D24E195EBC510D0E99AC738E85DDAD6A19B3766A85B48ECC02FB45A535685
DSInternals\x86\vcruntime140.dll
md5: 72165A8619E6313D30B7C778EA1CFFE2 | sha1: 41F06C66AE3F532B5E2474EA54B2BBFEA79C4725 | sha256: C5C1CBD1DCCFF00CC3EEFF3D9D5A77DB39EE3CE8A431BC1244A9EBAD5F4A1194 | sha512: 27764A3BDD7E2AA80C427858514FACD57E17F3E98A492D8E707C6534342BAD207B7126993CD5479CF8E5F930E41D3C6356044633E37A607B664CFA108B7F77CC
tools\DSInternals.cat
 
DSInternals\amd64\vcruntime140.dll
md5: B52734E3B09FE182E0DEE2B7B9DE1708 | sha1: 8F694560175F892D8C556FFC3CA9352BB4F9107D | sha256: 3033C04FD1898069FE364F9A736C6C168510C7C6A3951288FACCB942BD87068A | sha512: 6C90CFC529DC2854A0B0C3DB3476695246D6296E5331BA961059FBA6DF584D2B9D7C26414DD25A6B37DE674A1FD659FD7D2454DA5E2F7D0CD725EC3C66185621
DSInternals\amd64\msvcp140.dll
md5: 29652107E328F79FFD5D46CDE3CAE548 | sha1: D98AC22B6FF098532E577A32B9FE509E4B3BD3B5 | sha256: E45DAFCABCFCD7A2F59F16BB2010FDC587393FD32E4A55C7D2EAC77D2FBCBB07 | sha512: 42635622689445B0DA9206BD95A658F73197CCE8E0F3F8EEC6A3B6EA7134C6A4099E994A002D088F7A942712177D66055398E7314913E19445C549B5EB59F6B9
DSInternals\amd64\DSInternals.Replication.Interop.dll
md5: A778A1AD7D251EF222DF31952E2965F2 | sha1: 6B6693ADC93522B2F7B38F465F674F9CDB4FB65F | sha256: 451198A50C0A588F14D48099F0649D2542FE17412A7CCEC8A75D2F4783B563E4 | sha512: 93ED92280CB66E12007A878E28D47A7CB7EAD24F193C2B3F2B2017BD87CD81052FFACFE67B4672971B2F2ABEFC1AB79D7AC25ED7ECB7F55E86C1B1F450B8A259
DSInternals\Numbers.dll
md5: 39D370F850D234CF73DA822A7F2121BD | sha1: 379960EF969DEF2B0A563C829BE3F413B52F49F5 | sha256: CF57674E763AD6F47F330AD21B2B663616AF053D6C5072540DD99879261FC6D3 | sha512: 17F15A4C972DFE83DF07D321295C7C312D38569FE2DB19B45DF84C11890133B3542924343BB5B2838ADB2CEE1FEA47B3D214B6EA4C5801DF02B30C947F7E9CF6
DSInternals\Newtonsoft.Json.dll
md5: 715A1FBEE4665E99E859EDA667FE8034 | sha1: E13C6E4210043C4976DCDC447EA2B32854F70CC6 | sha256: C5C83BBC1741BE6FF4C490C0AEE34C162945423EC577C646538B2D21CE13199E | sha512: BF9744CCB20F8205B2DE39DBE79D34497B4D5C19B353D0F95E87EA7EF7FA1784AEA87E10EFCEF11E4C90451EAA47A379204EB0533AA3018E378DD3511CE0E8AD
DSInternals\NDceRpc.Microsoft.dll
md5: 38616DDB22D15C169FD3479F9CF3F828 | sha1: FD2ED612BAB7AD10FFE66A18A7E4CEC99309F36E | sha256: 0EB0EFD4AE9066BF66E1831C6BB357FA707E8320B88407979F7BF52CC02D5425 | sha512: B14B1F75BBEDB1C3A6308A25FAB02489B11395985C05808BBA5CBF4CD5A8D6D1D98FF066ABDE9C1B6BBF15C4C42D99ECFED7056E7267C9B22A02A57921F3EF73
DSInternals\License.txt
The binary distribution of the DSInternals PowerShell Module contains the following software products:

-------------------------------------------
DSInternals PowerShell Module and Framework
-------------------------------------------

(License updated on 3/17/2020 from https://raw.githubusercontent.com/MichaelGrafnetter/DSInternals/master/LICENSE.md.)

The MIT License (MIT)

Copyright (c) 2015-2022 Michael Grafnetter

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.


---------------------
ESENT Managed Interop
---------------------

(License updated on 7/7/2019 from https://raw.githubusercontent.com/microsoft/ManagedEsent/master/LICENSE.md.)

The MIT License (MIT)

Copyright (c) Microsoft Corporation

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

----------
AutoMapper
----------

(License updated on 7/7/2019 from https://raw.githubusercontent.com/AutoMapper/AutoMapper/master/LICENSE.txt.)

The MIT License (MIT)

Copyright (c) 2010 Jimmy Bogard

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

----------------------------------------------------------------------
NDceRpc (.NET Distributed Computing Environment Remote Procedure Call)
----------------------------------------------------------------------

(License updated on 7/7/2019 from https://raw.githubusercontent.com/OpenSharp/NDceRpc/master/license.txt.)

CC0 1.0 Universal (CC0 1.0) Public Domain Dedication
http://creativecommons.org/publicdomain/zero/1.0/

Other codes, if any used, are under MIT, CPOL, BSD, Apache, MS-PL.

----------
PBKDF2.NET
----------

(License updated on 7/7/2019 from https://raw.githubusercontent.com/therealmagicmike/PBKDF2.NET/master/License.txt.)

Copyright (c) 2013 Michael Johnson

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

-------------
Bouncy Castle
-------------

(License updated on 7/7/2019 from https://raw.githubusercontent.com/bcgit/bc-csharp/master/crypto/License.html.)

Copyright (c) 2000-2019 The Legion of the Bouncy Castle Inc.
(https://www.bouncycastle.org)
Permission is hereby granted, free of charge, to any person obtaining a
copy of this software and associated documentation files (the "Software"), to deal in the
Software without restriction, including without limitation the rights to use, copy, modify, merge,
publish, distribute, sub license, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included
in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS",
WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO THE
WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
PURPOSE AND NONINFRINGEMENT. IN NO
EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
DEALINGS IN THE SOFTWARE.

--------
Json.NET
--------

(License updated on 7/7/2019 from https://raw.githubusercontent.com/JamesNK/Newtonsoft.Json/master/LICENSE.md.)

The MIT License (MIT)

Copyright (c) 2007 James Newton-King

Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

---------------------
Peter O. CBOR Library
---------------------

(License updated on 7/7/2019 from https://raw.githubusercontent.com/peteroupc/CBOR/master/LICENSE.md.)

Written by Peter O. in 2013-2015.  In the public domain.

Public domain dedication: [http://creativecommons.org/publicdomain/zero/1.0/](http://creativecommons.org/publicdomain/zero/1.0/)
DSInternals\Esent.Isam.dll
md5: 3C30A1D05A2FD03B41A55AF88E95B6F6 | sha1: 998B5A798A5F0A35E86D7D8DA65AC6ABCAA02B07 | sha256: 5971C97BE42EE1250BCCACF2B148BFB9D9013B1D54A75C65711BA8DC459058D2 | sha512: 3EEA6F5F7488E400C80B43853F1799CC8AA82C2C95FE52D457276B593CE5E709ADBAD4A17075D3BEE32E57A69F6D90035A84FDAF837D0EF6B159B69331C33477
DSInternals\Esent.Interop.dll
md5: 0ACE037AD03F084D7995D56B4CBDFCC7 | sha1: 2931311EBFF872EBD97187B6CB8E0164909860E8 | sha256: AA458EA4347722AA1B030FD404CB28377B2F9B4E338C0A0FE463952C6BBC811B | sha512: 61D6E3A31EA412E04AE442B1017126A456A12207BD1658B86F2D8CEB53FBFAB75DC2D1377B1ED12689C4181FC0F1E77A7F0B146042843D16F5BDCAEB0B6EC88D
DSInternals\DSInternals.types.ps1xml
 
DSInternals\DSInternals.SAM.dll
md5: 0A487E5E14FD008E4D604F14E54B5045 | sha1: 00EC82D960122ABDC4310556AC77D394F0F07A8C | sha256: F8DAA0EE18EEF5E6003EECD37F76FAFFF1EC500C77AC99E9AB204283233126B7 | sha512: 5B0E976BA0CE31A747C58EFF3DF44AA63962E7330B678A591135CAFD4D6150F31546FFFEA5C4A5EEDF452BD4B32F74B9124F0C2B0DAFB0C4460CC51E30B87610
DSInternals\DSInternals.Replication.Model.dll
md5: 5B87B9073394C83AC4E1AC7C38081F76 | sha1: 15F815935ED014F669A7948C162B5A3480403AB9 | sha256: 3D240D56958AEBDE030FE2A145A187A268FA42A06BB311FE3F7D9C5A9949C027 | sha512: C51554026FD4DC99A00A93606333CB8EC91F15750787FF49FD20AA4FCFD13F5AFB5527647C6B451C1840F46D2CC562AB8F3F66F16F259BCF66C49CDA7A34D83D
DSInternals\DSInternals.Replication.dll
md5: F9D0E1FA211E372CB1156201145C9855 | sha1: D26229880E65A75D425A45436A267B7BB2CB1ED7 | sha256: B027D9BF4777F5528A0FBCDAF591393066E645B5EDFB66B9BC1D3FB710C21C9A | sha512: DFC3E4D8818105C335343D09FE6A10690391864C3581732F945505919D585A25154EF1F0CA5C68336FF339A8AE38A8318EFF8BFB0C9F87FCAE217C4154D08865
DSInternals\DSInternals.psd1
#
# Module manifest for module 'DSInternals'
#

@{

# Script module file associated with this manifest.
RootModule = 'DSInternals.Bootstrap.psm1'

# Version number of this module.
ModuleVersion = '4.8'

# Supported PSEditions
# CompatiblePSEditions = 'Desktop'

# ID used to uniquely identify this module
GUID = '766b3ad8-eb78-48e6-84bd-61b31d96b53e'

# Author of this module
Author = 'Michael Grafnetter'

# Company or vendor of this module
CompanyName = 'DSInternals'

# Copyright statement for this module
Copyright = '(c) 2015-2022 Michael Grafnetter. All rights reserved.'

# Description of the functionality provided by this module
Description = @"
The DSInternals PowerShell Module exposes several internal features of Active Directory and Azure Active Directory. These include FIDO2 and NGC key auditing, offline ntds.dit file manipulation, password auditing, DC recovery from IFM backups and password hash calculation.

DISCLAIMER: Features exposed through this module are not supported by Microsoft and it is therefore not intended to be used in production environments. Improper use might cause irreversible damage to domain controllers or negatively impact domain security.
"@

# Minimum version of the Windows PowerShell engine required by this module
PowerShellVersion = '3.0'

# Minimum version of Microsoft .NET Framework required by this module
DotNetFrameworkVersion = '4.7.2' # This requirement is not enforced by older versions of PS.

# Minimum version of the common language runtime (CLR) required by this module
CLRVersion = '4.0.30319.42000' # Corresponds to .NET Framework 4.6 and later

# Processor architecture (None, X86, Amd64) required by this module
ProcessorArchitecture = 'None'

# Type files (.ps1xml) to be loaded when importing this module
TypesToProcess = @('DSInternals.types.ps1xml')

# Format files (.ps1xml) to be loaded when importing this module
FormatsToProcess = 'Views\DSInternals.AzureADUser.format.ps1xml',
                   'Views\DSInternals.Hash.format.ps1xml',
                   'Views\DSInternals.RoamedCredential.format.ps1xml',
                   'Views\DSInternals.Kerberos.format.ps1xml',
                   'Views\DSInternals.KeyCredential.format.ps1xml',
                   'Views\DSInternals.FidoKeyMaterial.format.ps1xml',
                   'Views\DSInternals.DSAccount.format.ps1xml',
                   'Views\DSInternals.DSAccount.ExportViews.format.ps1xml',
                   'Views\DSInternals.PasswordQualityTestResult.format.ps1xml',
                   'Views\DSInternals.KdsRootKey.format.ps1xml',
                   'Views\DSInternals.SamDomainPasswordInformation.format.ps1xml',
                   'Views\DSInternals.LsaPolicyInformation.format.ps1xml'

# Modules to import as nested modules of the module specified in RootModule/ModuleToProcess
NestedModules = @('DSInternals.PowerShell.dll')

# Functions to export from this module
FunctionsToExport = @()

# Cmdlets to export from this module
CmdletsToExport = 'ConvertTo-NTHash', 'ConvertTo-LMHash', 'Set-SamAccountPasswordHash',
                  'ConvertFrom-UnicodePassword', 'ConvertTo-UnicodePassword',
                  'ConvertTo-OrgIdHash', 'ConvertFrom-GPPrefPassword',
                  'ConvertTo-GPPrefPassword', 'Add-ADDBSidHistory',
                  'Set-ADDBPrimaryGroup', 'Get-ADDBDomainController',
                  'Set-ADDBDomainController', 'Get-ADDBSchemaAttribute',
                  'Remove-ADDBObject', 'Get-ADDBAccount', 'Get-BootKey',
                  'Get-ADReplAccount', 'ConvertTo-Hex', 'ConvertTo-KerberosKey',
                  'ConvertFrom-ADManagedPasswordBlob',
                  'Get-ADDBBackupKey', 'Get-ADReplBackupKey', 'Save-DPAPIBlob',
                  'Set-ADDBBootKey', 'Test-PasswordQuality',
                  'Get-ADDBKdsRootKey', 'Get-SamPasswordPolicy', 'Get-ADSIAccount',
                  'Enable-ADDBAccount', 'Disable-ADDBAccount', 'Get-ADKeyCredential',
                  'Set-ADDBAccountPassword', 'Set-ADDBAccountPasswordHash', 'Get-LsaPolicyInformation',
                  'Set-LSAPolicyInformation', 'New-ADDBRestoreFromMediaScript','Get-LsaBackupKey',
                  'Add-ADReplNgcKey', 'Get-AzureADUserEx', 'Set-AzureADUserEx'

# Variables to export from this module
VariablesToExport = @()

# Aliases to export from this module
AliasesToExport = 'Set-WinUserPasswordHash', 'Set-ADAccountPasswordHash',
                  'ConvertFrom-UnattendXmlPassword', 'ConvertTo-AADHash',
                  'ConvertTo-MsoPasswordHash', 'Get-ADReplicationAccount',
                  'ConvertFrom-ManagedPasswordBlob', 'Get-SysKey', 'Set-ADDBSysKey',
                  'New-NTHashSet', 'Test-ADPasswordQuality',
                  'Test-ADDBPasswordQuality', 'Test-ADReplPasswordQuality',
                  'Get-ADPasswordPolicy', 'Get-ADDefaultPasswordPolicy', 'Get-KeyCredential',
                  'Get-KeyCredentialLink', 'Get-ADKeyCredentialLink', 'Get-LsaPolicy',
                  'Set-LsaPolicy', 'Get-SystemKey', 'Write-ADReplNgcKey', 'Write-ADNgcKey',
                  'Add-ADNgcKey', 'New-ADKeyCredential', 'New-ADKeyCredentialLink',
                  'New-ADNgcKey'

# List of assemblies that must be loaded prior to importing this module
RequiredAssemblies = @('DSInternals.Common.dll')

# List of all files packaged with this module
FileList = 'AutoMapper.dll',
           'CBOR.dll',
           'DSInternals.DataStore.dll',
           'DSInternals.Replication.dll',
           'DSInternals.Replication.Model.dll',
           'DSInternals.SAM.dll',
           'Esent.Interop.dll',
           'Esent.Isam.dll',
           'License.txt',
           'NDceRpc.Microsoft.dll',
           'Newtonsoft.Json.dll',
           'Numbers.dll',
           'amd64\DSInternals.Replication.Interop.dll',
           'x86\DSInternals.Replication.Interop.dll',
           'en-US\about_DSInternals.help.txt',
           'en-US\DSInternals.PowerShell.dll-Help.xml'

# Private data to pass to the module specified in RootModule/ModuleToProcess. This may also contain a PSData hashtable with additional module metadata used by PowerShell.
PrivateData = @{

    PSData = @{

        # Tags applied to this module. These help with module discovery in online galleries.
        Tags = 'ActiveDirectory', 'AzureAD', 'Security', 'SAM', 'LSA', 'PSModule', 'Windows', 'FIDO'

        # A URL to the license for this module.
        LicenseUri = 'https://github.com/MichaelGrafnetter/DSInternals/blob/master/Src/DSInternals.PowerShell/License.txt'

        # A URL to the main website for this project.
        ProjectUri = 'https://github.com/MichaelGrafnetter/DSInternals'

        # A URL to an icon representing this module.
        IconUri = 'https://raw.githubusercontent.com/MichaelGrafnetter/DSInternals/master/Src/Icons/module_black.png'

        # ReleaseNotes of this module
        ReleaseNotes = @"
- Fixed a regression error in ntds.dit file modification on Windows Server 2022.
- Added pipeline input support to the -SamAccountName parameter of the Get-ADReplAccount cmdlet.
- All cmdlets that modify the ntds.dit file now require the -Force parameter to be present.
"@
    } # End of PSData hashtable

} # End of PrivateData hashtable

}
DSInternals\DSInternals.PowerShell.dll
md5: DD50E98435FA57AF8EE22F6DF059E80C | sha1: 3242885EBD6608A97DE4831EA81CC599695D2FA8 | sha256: 7ACF56936B8920C3134A908B06380E68179198235FE82569B79ADDA042F94DD1 | sha512: D24031D27126F99725C1225113CF4D6A77FD7C35E93B6C8714883CA7D203F90ED19C080CF62776874AFE26B124FB1153AC02F9973AC22DCAE948C048CE2549E9
DSInternals\DSInternals.DataStore.pdb
 
DSInternals\DSInternals.DataStore.dll
md5: 54DBF8F5A970BF1DC16CC7BCFA78F784 | sha1: F2DE43E6CCCFF8FB07DEBC0B4EC5F9FFF3E1A46E | sha256: D57A354840C3E547FA12C3DAF229D41E56E613F74A4C6EC4266A52FAFAE0212E | sha512: E569F29E01914DEBBD466F3B768206B1DD5ECEB821CA5A9D8C0E97DC58375B8390A0636BB863D493F400A93EB19E28AB1090315DB674AB24E88A1ABBF557DD61
DSInternals\DSInternals.Common.dll
md5: 268025B8A50A6A08D34A251361F24062 | sha1: 6DB51A4D48162507BDAE0B2B8BCC8FC8A9C4F474 | sha256: 8E27EBD68E26587174CE89D114B5F649A186B8D85948F7EB971AEBCD7D2CFB5E | sha512: 78FCAE559266B8989436E5B03D1735D2081D018CB2E76AF7186E8BA39BD061CD87F095CB65EF27AFA22A1CC868D836D07A516EE267FFDCADA14071BCAB92EADC
DSInternals\DSInternals.Bootstrap.psm1
#
# Script module file for the 'DSInternals' module.
#
# Copyright (c) Michael Grafnetter
#

#
# Load the platform-specific libraries.
# Note: This operation cannot be done in the module manifest,
#       as it only supports restricted language mode.
#

[string] $interopAssemblyPath = Join-Path $PSScriptRoot "$env:PROCESSOR_ARCHITECTURE\DSInternals.Replication.Interop.dll"
try
{
    Add-Type -Path $interopAssemblyPath
}
catch [System.IO.IOException]
{
    #
    # Make the error message more meaningful by checking common failure reasons.
    #

    [string] $message = 'The Get-ADRepl* cmdlets will not work properly, because the "{0}" assembly could not be loaded.' -f $interopAssemblyPath
    [System.Management.Automation.ErrorCategory] $errorCategory = [System.Management.Automation.ErrorCategory]::OpenError

    # Check the presence of the Universal C Runtime
    [string] $ucrtPath = Join-Path ([System.Environment]::SystemDirectory) 'ucrtbase.dll'
    [bool] $ucrtPresent = Test-Path $ucrtPath

    if(-not $ucrtPresent)
    {
        # This can happen on systems prior to Windows 10 with missing updates.
        $message += ' The Universal C Runtime is missing. Run Windows Update or install it manually and reload the DSInternals module afterwards.'
        $errorCategory = [System.Management.Automation.ErrorCategory]::NotInstalled
    }

    # Check if the interop assembly is blocked
    [object] $zoneIdentifier = Get-Item $interopAssemblyPath -Stream 'Zone.Identifier' -ErrorAction SilentlyContinue

    if($zoneIdentifier -ne $null)
    {
        # This usually happens to users of the ZIP distribution who forget to unblock it before extracting the files.
        $message += ' Unblock the assembly using either the Properties dialog or the Unblock-File cmdlet and reload the DSInternals module afterwards.'
        $errorCategory = [System.Management.Automation.ErrorCategory]::SecurityError
    }

    # Build the error report
    Write-Error -Message $message `
                -Exception $PSItem.Exception `
                -Category $errorCategory `
                -CategoryTargetName $interopAssemblyPath `
                -CategoryActivity $PSItem.CategoryInfo.Activity `
                -CategoryReason $PSItem.CategoryInfo.Reason
}

#
# Type Data
# Note: *.types.ps1xml cannot be used for the following configuration, because it is processed before *.psm1 and would thus fail loading platform-specific assemblies. 

Update-TypeData -TypeName 'DSInternals.Common.Data.SupplementalCredentials' `
                -TypeConverter ([DSInternals.PowerShell.SupplementalCredentialsDeserializer]) `
                -Force

#
# Cmdlet aliases
#

New-Alias -Name Set-ADAccountPasswordHash        -Value Set-SamAccountPasswordHash
New-Alias -Name Set-WinUserPasswordHash          -Value Set-SamAccountPasswordHash
New-Alias -Name Get-ADPasswordPolicy             -Value Get-SamPasswordPolicy
New-Alias -Name Get-ADDefaultPasswordPolicy      -Value Get-SamPasswordPolicy
New-Alias -Name ConvertFrom-UnattendXmlPassword  -Value ConvertFrom-UnicodePassword
New-Alias -Name ConvertTo-AADHash                -Value ConvertTo-OrgIdHash
New-Alias -Name ConvertTo-MsoPasswordHash        -Value ConvertTo-OrgIdHash
New-Alias -Name Get-ADReplicationAccount         -Value Get-ADReplAccount
New-Alias -Name ConvertFrom-ManagedPasswordBlob  -Value ConvertFrom-ADManagedPasswordBlob
New-Alias -Name Get-SysKey                       -Value Get-BootKey
New-Alias -Name Get-SystemKey                    -Value Get-BootKey
New-Alias -Name Set-ADDBSysKey                   -Value Set-ADDBBootKey
New-Alias -Name Test-ADPasswordQuality           -Value Test-PasswordQuality
New-Alias -Name Test-ADDBPasswordQuality         -Value Test-PasswordQuality
New-Alias -Name Test-ADReplPasswordQuality       -Value Test-PasswordQuality
New-Alias -Name Get-KeyCredential                -Value Get-ADKeyCredential
New-Alias -Name Get-KeyCredentialLink            -Value Get-ADKeyCredential
New-Alias -Name Get-ADKeyCredentialLink          -Value Get-ADKeyCredential
New-Alias -Name New-ADKeyCredential              -Value Get-ADKeyCredential
New-Alias -Name New-ADKeyCredentialLink          -Value Get-ADKeyCredential
New-Alias -Name New-ADNgcKey                     -Value Get-ADKeyCredential
New-Alias -Name Get-LsaPolicy                    -Value Get-LsaPolicyInformation
New-Alias -Name Set-LsaPolicy                    -Value Set-LsaPolicyInformation
New-Alias -Name Write-ADReplNgcKey               -Value Add-ADReplNgcKey
New-Alias -Name Write-ADNgcKey                   -Value Add-ADReplNgcKey
New-Alias -Name Add-ADNgcKey                     -Value Add-ADReplNgcKey

# Export the aliases
Export-ModuleMember -Alias * -Cmdlet *
DSInternals\CBOR.dll
md5: 8DEF7E1FC741E9D8CBCE2E8F4D4E11B4 | sha1: 85BA62180D7ED3BAA15BD2E4DFDDB3091FF8675E | sha256: 442ADD0037FF9593C3737F5C77BF77B198AFD5DD3A8DA0714F3C50D990EA733C | sha512: 199AC50D872069BF915CA15C3EDB55DCAFE5465DB2319DB755572A6C66CC71695AF008EF075B2E3CD8B13F862C0341756F0A488730E3F0E3B0D52BA0A08E22D6
DSInternals\AutoMapper.dll
md5: CF38ABA069CADF6DEBD67A9AD9FB23BF | sha1: D93D36FF8F6745DA6DA15B277A0E1571FDB49AC8 | sha256: 0A2E8408C0533E7DA44E4F40DCB475667F9DD5EEBE34C21A4BFBFB826065A501 | sha512: C243AFCEB438587E7BC31EA447131A5251460C1E75D786B2BE2076E231D0B8B84E074584C09F4F4DDA759B8DB6E4059A2E2D3BEAF2F3A9A16041BE8E9F2F40C3
tools\VERIFICATION.txt
VERIFICATION

This is the official DSInternals PowerShell Module Chocolatey package.

The package is self-contained and contains the same files as the GitHub ZIP release (https://github.com/MichaelGrafnetter/DSInternals/releases).

File integrity can be checked against the catalog file using the following PowerShell 5 command:

Test-FileCatalog -CatalogFilePath tools\DSInternals.cat -Path DSInternals -Detailed

Note that the catalog file is not digitally signed (for now).
tools\chocolateyuninstall.ps1
$ErrorActionPreference = 'Stop'

# Remove Module Files
$destinationDir = Join-Path -Path $PSHOME -ChildPath 'Modules\DSInternals'
Remove-Item -Path $destinationDir -Recurse -Force -ErrorAction SilentlyContinue

# Remove Start Menu Link
$shortcutPath = Join-Path -Path $env:ProgramData -ChildPath 'Microsoft\Windows\Start Menu\Programs\DSInternals PowerShell Module.lnk'
Remove-Item -Path $shortcutPath -Force -ErrorAction SilentlyContinue
tools\chocolateyinstall.ps1
Set-StrictMode -Version 'Latest'
$ErrorActionPreference = 'Stop'

# Check PowerShell Version
# Note: The #requires statement is not used in order to provide a custom message.
if ($PSVersionTable.PSVersion -lt [Version]'3.0')
{
    throw 'The minimum required version of PowerShell is 3. Please upgrade by running the "choco install powershell" command first.'
}

# Copy Files
$toolsDir = Split-Path -Parent ($MyInvocation.MyCommand.Definition)
$sourceDir = Join-Path -Path $toolsDir -ChildPath '..\DSInternals' -Resolve
$destinationDir = Join-Path -Path $PSHOME -ChildPath 'Modules\DSInternals'
robocopy $sourceDir $destinationDir /MIR /MOVE /NJS /NJH /NDL /NFL /NS /NP

# Cleanup
Remove-Item -Path $sourceDir -Recurse -Force -ErrorAction SilentlyContinue

# Create Start Menu Link
$psPath = (Get-Command -Name 'powershell.exe').Path
$psArguments = '-NoExit -Command "& { Import-Module -Name DSInternals; Get-Help -Name about_DSInternals }"'
$shortcutPath = Join-Path -Path $env:ProgramData -ChildPath 'Microsoft\Windows\Start Menu\Programs\DSInternals PowerShell Module.lnk'
Install-ChocolateyShortcut -ShortcutFilePath $shortcutPath -TargetPath $psPath -Arguments $psArguments -WorkingDirectory "$env:SystemDrive\"

Log in or click on link to see number of positives.

In cases where actual malware is found, the packages are subject to removal. Software sometimes has false positives. Moderators do not necessarily validate the safety of the underlying software, only that a package retrieves software from the official distribution point and/or validate embedded software against official distribution point (where distribution rights allow redistribution).

Chocolatey Pro provides runtime protection from possible malware.

Add to Builder Version Downloads Last Updated Status
DSInternals PowerShell Module 4.13.0 898 Wednesday, December 20, 2023 Approved
DSInternals PowerShell Module 4.12.0 630 Friday, October 6, 2023 Approved
DSInternals PowerShell Module 4.11.0 240 Sunday, October 1, 2023 Approved
DSInternals PowerShell Module 4.10.0 515 Saturday, September 16, 2023 Approved
DSInternals PowerShell Module 4.9 3850 Saturday, February 25, 2023 Approved
DSInternals PowerShell Module 4.8 2302 Tuesday, December 6, 2022 Approved
DSInternals PowerShell Module 4.7 9027 Saturday, October 30, 2021 Approved
DSInternals PowerShell Module 4.6 547 Tuesday, October 19, 2021 Approved
DSInternals PowerShell Module 4.5 379 Wednesday, October 13, 2021 Approved
DSInternals PowerShell Module 4.4.1 9270 Saturday, July 18, 2020 Approved
DSInternals PowerShell Module 4.4 819 Friday, July 3, 2020 Approved
DSInternals PowerShell Module 4.3 3499 Thursday, April 2, 2020 Approved
DSInternals PowerShell Module 4.2 869 Wednesday, March 18, 2020 Approved
DSInternals PowerShell Module 4.1 1032 Thursday, December 12, 2019 Approved
DSInternals PowerShell Module 4.0 326 Wednesday, December 4, 2019 Approved
DSInternals PowerShell Module 3.6.1 311 Saturday, August 10, 2019 Approved
DSInternals PowerShell Module 3.6 287 Thursday, June 27, 2019 Approved
DSInternals PowerShell Module 3.5.1 327 Thursday, May 23, 2019 Approved
DSInternals PowerShell Module 3.5 279 Sunday, May 12, 2019 Approved
DSInternals (Install) 3.3 238 Sunday, March 31, 2019 Approved
DSInternals (Install) 3.1 240 Wednesday, January 2, 2019 Approved
DSInternals (Install) 2.23 276 Wednesday, August 29, 2018 Approved
DSInternals (Install) 2.22 1638 Friday, February 2, 2018 Approved

  • Fixed a regression error in ntds.dit file modification on Windows Server 2022.
  • Added pipeline input support to the -SamAccountName parameter of the Get-ADReplAccount cmdlet.
  • All cmdlets that modify the ntds.dit file now require the -Force parameter to be present.

Discussion for the DSInternals PowerShell Module Package

Ground Rules:

  • This discussion is only about DSInternals PowerShell Module and the DSInternals PowerShell Module package. If you have feedback for Chocolatey, please contact the Google Group.
  • This discussion will carry over multiple versions. If you have a comment about a particular version, please note that in your comments.
  • The maintainers of this Chocolatey Package will be notified about new comments that are posted to this Disqus thread, however, it is NOT a guarantee that you will get a response. If you do not hear back from the maintainers after posting a message below, please follow up by using the link on the left side of this page or follow this link to contact maintainers. If you still hear nothing back, please follow the package triage process.
  • Tell us what you love about the package or DSInternals PowerShell Module, or tell us what needs improvement.
  • Share your experiences with the package, or extra configuration or gotchas that you've found.
  • If you use a url, the comment will be flagged for moderation until you've been whitelisted. Disqus moderated comments are approved on a weekly schedule if not sooner. It could take between 1-5 days for your comment to show up.
comments powered by Disqus