I would like to automate the KRBTGT user password reset via a workflow as a countermeasure to the Golden ticket problem.
I've tried to set up a workflow that makes works as follow
search activity looks for users in active directory with condition samaccountname equal to krbtgt (I expect it find only one)
then enter in a if condition where in one branch there is the match with the username (also in the other without any condition)
then the change property set the password via script using the password script provided
I got the error
Invalid number of parameters.
|
but it is not clear which are the parameters expeted nor how to pass them to the script.
could someone give a hand here?
kind regards to all
Danilo