-
Notifications
You must be signed in to change notification settings - Fork 105
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adds incorrect domain to results #106
Comments
This is the same issue as the "wrong scan name". Sorry for duplicating the entry. It gives the same path for all tenants. Completely different sessions, and different logins. I just did one for a user investigation only. Moved to C:\Temp instead of c:\hawk. it looks like the scan was for a different tenant than was scanned. It's not life-threatening, it just looks unprofessional. |
@Techlisalh - Would it be possible to schedule a time talk to better understand the use case when running against multiple tenants. If so please email me hawk_feedback@microsoft.com so we can get something on the books. Thanks |
Sure, I I’m available on and off throughout the day…send me a time or two and we can schedule!
Kind Regards,
[NN with R Flattened_250 x 84]
…_________________________________________
Lisa Hall
IT Support Manager
Natural Networks, Inc.
7047 Carroll Road
San Diego, CA 92121
***@***.******@***.***>
www.naturalnetworks.com<https://www.naturalnetworks.com/>
(619) 222-3232, ext. 108 office<tel:%20619%20222%203232>
***@***.***
From: Paul Navarro ***@***.***>
Sent: Thursday, June 29, 2023 12:18 PM
To: T0pCyber/hawk ***@***.***>
Cc: Lisa Hall ***@***.***>; Mention ***@***.***>
Subject: Re: [T0pCyber/hawk] Adds incorrect domain to results (Issue #106)
@Techlisalh<https://github.com/Techlisalh> - Would it be possible to schedule a time talk to better understand the use case when running against multiple tenants.
—
Reply to this email directly, view it on GitHub<#106 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/A6ZXBVAU4PBJ6W74IE2QNSTXNXIGXANCNFSM6AAAAAAZXTUZQQ>.
You are receiving this because you were mentioned.Message ID: ***@***.******@***.***>>
|
Hi There, It looks like the MSGraph sessions persist across PowerShell sessions - see https://learn.microsoft.com/en-us/powershell/microsoftgraph/authentication-commands?view=graph-powershell-1.0 To Replicate Workaround: As it seems to get the correct data for a tenant the permanent fix is to either have HAWK disconnect once done or grab the tenant name from elsewhere in
|
@Techlisalh - Would Friday the 21st of July work for you? If so please email the Hawk email address so I can coordinate a meeting. |
I can be available on the 21st. I did see your earlier email mentioning it’s a graph issue. I appreciate the attention to this. I love this script. It’s been a lifesaver, seriously!
Kind Regards,
[NN with R Flattened_250 x 84]
…_________________________________________
Lisa Hall
IT Support Manager
Natural Networks, Inc.
7047 Carroll Road
San Diego, CA 92121
***@***.******@***.***>
www.naturalnetworks.com<https://www.naturalnetworks.com/>
(619) 222-3232, ext. 108 office<tel:%20619%20222%203232>
***@***.***
From: Paul Navarro ***@***.***>
Sent: Thursday, July 13, 2023 2:33 PM
To: T0pCyber/hawk ***@***.***>
Cc: Lisa Hall ***@***.***>; Mention ***@***.***>
Subject: Re: [T0pCyber/hawk] Adds incorrect domain to results (Issue #106)
@Techlisalh<https://github.com/Techlisalh> - Would Friday the 21st of July work for you? If so please email the Hawk email address so I can coordinate a meeting.
***@***.******@***.***>
—
Reply to this email directly, view it on GitHub<#106 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/A6ZXBVGTXH6B7VNZTLWAZ63XQBSQ5ANCNFSM6AAAAAAZXTUZQQ>.
You are receiving this because you were mentioned.Message ID: ***@***.******@***.***>>
|
Describe the bug
A clear and concise description of what the bug is.
When I run a tenant or user investigation, the results append the incorrect domain
To Reproduce
Steps to reproduce the behavior:
Run investigation, and answer questions, no matter where I indicate to save the output, it adds one of our tenant's names in the path instead of the tenant we are investigating.
Expected behavior
A clear and concise description of what you expected to happen. I expect that the folder name will include the actual domain name being looked at
Screenshots
If applicable, add screenshots to help explain your problem.
File (please complete the following information):
Additional context
Add any other context about the problem here. I saw a possible feature request to add the default domain name to the folders; however, that only works if you work in a single tenant. We have 50 tenants that we have to run reports on at times. I do rename the folder after the fact, but many logs show I made the change. Please change the behavior back to the way it was, no domain added, then I can indicate the correct tenant, and don't have to remove the one set as default.
The text was updated successfully, but these errors were encountered: