MDI Test and Set dont work in non-English domains #694
Description
I inform a bug in Microsoft Defender for Identity: MDI Test and Set PowerShell’s commands don’t work in non-English domains, example Italian, Spanish and Portuguese.
Error when domain is in Portuguese-Brasil because "Cert Publishers" group call in PT-BR as "Editores de Certificados" and "Domain Contollers" as "Controladores de domínio"
Example: Test-MDIConfiguration -Mode Domain -Configuration All
Result:
PS C:\Windows\system32> Test-MDIConfiguration -Mode Domain -Configuration All
Get-GPPermission : The operation cannot be completed because "Cert Publishers"
is not a valid security group in the RITRAMABR1.LOCAL domain. Make sure that
the TargetName and TargetType parameters specify a valid security group for the
domain. Then, run the command again.
Parameter name: targetName
At C:\Program Files\WindowsPowerShell\Modules\DefenderForIdentity\1.0.0.1\Defend
erForIdentity.psm1:1675 char:13
-
Get-GPPermission @mdiGpPermissionParams -
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~- CategoryInfo : InvalidArgument: (Microsoft.Group...missionsComma
nd:GetGPPermissionsCommand) [Get-GPPermission], ArgumentException - FullyQualifiedErrorId : UnableToRetrieveTargetSID,Microsoft.GroupPolicy.C
ommands.GetGPPermissionsCommand
- CategoryInfo : InvalidArgument: (Microsoft.Group...missionsComma
Get-GPPermission : The operation cannot be completed because "Domain
Controllers" is not a valid security group in the RITRAMABR1.LOCAL domain. Make
sure that the TargetName and TargetType parameters specify a valid security
group for the domain. Then, run the command again.
Parameter name: targetName
At C:\Program Files\WindowsPowerShell\Modules\DefenderForIdentity\1.0.0.1\Defend
erForIdentity.psm1:1675 char:13
-
Get-GPPermission @mdiGpPermissionParams -
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~- CategoryInfo : InvalidArgument: (Microsoft.Group...missionsComma
nd:GetGPPermissionsCommand) [Get-GPPermission], ArgumentException - FullyQualifiedErrorId : UnableToRetrieveTargetSID,Microsoft.GroupPolicy.C
ommands.GetGPPermissionsCommand
- CategoryInfo : InvalidArgument: (Microsoft.Group...missionsComma
Get-GPPermission : The operation cannot be completed because "Cert Publishers"
is not a valid security group in the RITRAMABR1.LOCAL domain. Make sure that
the TargetName and TargetType parameters specify a valid security group for the
domain. Then, run the command again.
Parameter name: targetName
At C:\Program Files\WindowsPowerShell\Modules\DefenderForIdentity\1.0.0.1\Defend
erForIdentity.psm1:1953 char:13
-
Get-GPPermission @mdiGpPermissionParams -
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~- CategoryInfo : InvalidArgument: (Microsoft.Group...missionsComma
nd:GetGPPermissionsCommand) [Get-GPPermission], ArgumentException - FullyQualifiedErrorId : UnableToRetrieveTargetSID,Microsoft.GroupPolicy.C
ommands.GetGPPermissionsCommand
- CategoryInfo : InvalidArgument: (Microsoft.Group...missionsComma
Get-GPPermission : The operation cannot be completed because "Domain
Controllers" is not a valid security group in the RITRAMABR1.LOCAL domain. Make
sure that the TargetName and TargetType parameters specify a valid security
group for the domain. Then, run the command again.
Parameter name: targetName
At C:\Program Files\WindowsPowerShell\Modules\DefenderForIdentity\1.0.0.1\Defend
erForIdentity.psm1:1953 char:13
-
Get-GPPermission @mdiGpPermissionParams -
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~- CategoryInfo : InvalidArgument: (Microsoft.Group...missionsComma
nd:GetGPPermissionsCommand) [Get-GPPermission], ArgumentException - FullyQualifiedErrorId : UnableToRetrieveTargetSID,Microsoft.GroupPolicy.C
ommands.GetGPPermissionsCommand
- CategoryInfo : InvalidArgument: (Microsoft.Group...missionsComma
False
PS C:\Windows\system32>