SharpHound v2 is officially generally available. If you have not already done so, please make sure you upgrade your SharpHound collectors to v2.1+. SharpHound v1 will officially be end-of-life on May 1, 2023.
NOTE: Upgrading to SharpHound v2+ must occur concurrently on all services and requires enabling the “Enable post processing of local groups” early access feature simultaneously.
Instructions to upgrade your collector may be found here! Our Customer Success team will begin reaching out to all customers still running SharpHound v1 and would be happy to help if you require it.
Minimum version of SharpHound Service to support all current functionality: v2.1.2
Optional support for LDAP authentication auto-negotiation (simplified External trust collection support) - SharpHound now supports a configurable option to enable authentication auto-negotiation for LDAP authentication (ForceLDAPkerberosAuth, defaulted to True). In most cases, the default value is preferred.
By default, your forest will not attempt to search for principals across External trusts without a specific configuration to do so. If you are unable to configure the Forest Search Order to do so, auto-negotiation will allow NTLM authentication to the trusted domains (mimicking the behavior of the SharpHound open-source collector). See SharpHound Cross-Trust Collection documentation for more.
Maximum concurrent search query support - SharpHound now supports a configurable number of maximum concurrent queries executed against a domain controller (MaxConcurrentSearchQueries, defaulted to 15). Historically, SharpHound would attempt queries as quickly as possible; however, this could exceed the maximum allowable queries configured. In most cases, the default value should be sufficient.
NOTE: Upgrading to SharpHound v2+ must occur concurrently on all services and requires enabling the “User Rights Assignment Collection” experimental feature at the same time. Please contact your TAM or respond to this email for assistance.
Minimum version of AzureHound Service to support all current functionality: v1.2.4
No release this week.
SharpHound v2 is officially generally available. If you have not already done so, please make sure you upgrade your SharpHound collectors to v2.1+. SharpHound v1 will officially be end-of-life on May 1, 2023.
NOTE: Upgrading to SharpHound v2+ must occur concurrently on all services and requires enabling the “Enable post processing of local groups” early access feature simultaneously.
Instructions to upgrade your collector may be found here! Our Customer Success team will begin reaching out to all customers still running SharpHound v1 and would be happy to help if you require it.
Minimum version of SharpHound Service to support all current functionality: v2.1.2
Optional support for LDAP authentication auto-negotiation (simplified External trust collection support) - SharpHound now supports a configurable option to enable authentication auto-negotiation for LDAP authentication (ForceLDAPkerberosAuth, defaulted to True). In most cases, the default value is preferred.
By default, your forest will not attempt to search for principals across External trusts without a specific configuration to do so. If you are unable to configure the Forest Search Order to do so, auto-negotiation will allow NTLM authentication to the trusted domains (mimicking the behavior of the SharpHound open-source collector). See SharpHound Cross-Trust Collection documentation for more.
Maximum concurrent search query support - SharpHound now supports a configurable number of maximum concurrent queries executed against a domain controller (MaxConcurrentSearchQueries, defaulted to 15). Historically, SharpHound would attempt queries as quickly as possible; however, this could exceed the maximum allowable queries configured. In most cases, the default value should be sufficient.
NOTE: Upgrading to SharpHound v2+ must occur concurrently on all services and requires enabling the “User Rights Assignment Collection” experimental feature at the same time. Please contact your TAM or respond to this email for assistance.
Minimum version of AzureHound Service to support all current functionality: v1.2.4
No release this week.