_ _____ _______ _ _ _______ _______ _____ _______ _ _
| | | | |____/ |______ | | | | | |_____|
|_____ |_____| |_____ | \_ ______| | | | __|__ | | |
.--. .--. .--.
/.-. '----------. /.-. '----------. /.-. '----------.
\'-' .--'--''-'-' \'-' .--'--''-'-' \'-' .--'--''-'-'
'--' '--' '--'
A tiny tool to identify and remediate common misconfigurations in Active Directory Certificate Services
PS> .\Invoke-Locksmith.ps1Running Invoke-Locksmith.ps1 with no parameters or -Mode 0 will scan the current forest and output all discovered AD CS issues to the console in Table format.
Example Output for Mode 0: https://github.com/TrimarcJake/Locksmith/blob/main/examples/Mode0.md
PS> .\Invoke-Locksmith.ps1 -Mode 1This mode scans the current forest and outputs all discovered AD CS issues and possible fixes to the console in List format.
Example Output for Mode 1: https://github.com/TrimarcJake/Locksmith/blob/main/examples/Mode1.md
PS> .\Invoke-Locksmith.ps1 -Mode 2Locksmith Mode 2 scans the current forest and outputs all discovered AD CS issues to ADCSIssues.CSV in the present working directory.
Example Output for Mode 2: https://github.com/TrimarcJake/Locksmith/blob/main/examples/Mode2.md
PS> .\Invoke-Locksmith.ps1 -Mode 3In Mode 3, Locksmith scans the current forest and outputs all discovered AD CS issues and example fixes to ADCSRemediation.CSV in the present working directory.
Example Output for Mode 3: https://github.com/TrimarcJake/Locksmith/blob/main/examples/Mode3.md
PS> .\Invoke-Locksmith.ps1 -Mode 4 Mode 4 is the "easy button." Running Locksmith in Mode 4 will identify all misconfigurations and offer to fix each issue. If there is any possible operational impact, Locksmith will warn you.
Example Output for Mode 4: https://github.com/TrimarcJake/Locksmith/blob/main/examples/Mode4.md