Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bug: ingestion omits adding MemberOf edges on AUTHENTICATED USERS group for principals of child domains #863

Open
jmbesnard opened this issue Sep 17, 2024 · 1 comment
Labels
bug Something isn't working ticketed (automation only) Ticket has been created internally for tracking

Comments

@jmbesnard
Copy link

Description:

After ingestion of json files, data in neo4j show that AUTHENTICATED USERS groups contains only the DOMAIN COMPUTERS and DOMAIN USERS groups of the current domain whereas it should also contain the ones of child domains.
In BH legacy, the ingestion included not only child domains but also any domain with a trust (which was incorrect too).

Are you intending to fix this bug?

No

Component(s) Affected:

  • API

Steps to Reproduce:

Ingest data from a forest and check what objects have MemberOf edges towards the AUTHENTICATED USERS group of the root domain

Expected Behavior:

Should contain DOMAIN COMPUTERS and DOMAIN USERS also of child domains

Actual Behavior:

Contains only of current domain

Screenshots/Code Snippets/Sample Files:

Environment Information:

BloodHound: 5.15

Collector: SH, any version
OS: GNU/Linux

Additional Information:

Potential Solution (optional):

Related Issues:

Contributor Checklist:

@jmbesnard jmbesnard added bug Something isn't working triage This issue requires triaging labels Sep 17, 2024
@StephenHinck StephenHinck reopened this Sep 17, 2024
@rvazarkar
Copy link
Contributor

I believe we've got some upcoming work on the actual behavior of Auth Users/Everyone across trusts so we can properly model this

@slokie-so slokie-so added the ticketed (automation only) Ticket has been created internally for tracking label Oct 21, 2024
@StephenHinck StephenHinck removed the triage This issue requires triaging label Nov 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working ticketed (automation only) Ticket has been created internally for tracking
Projects
None yet
Development

No branches or pull requests

4 participants