[GH-ISSUE #83] Can't access local AD #30

Closed
opened 2026-02-27 20:30:53 +03:00 by kerem · 4 comments

Originally created by @panki27 on GitHub (Aug 16, 2023).
Original GitHub issue: https://github.com/Set-OutlookSignatures/Set-OutlookSignatures/issues/83

Originally assigned to: @panki27 on GitHub.

Hi, I've tried running Set-OutlookSignatures for the first time.
The script throws an error while trying to access the on-prem AD. I believe this is happening because the forest name is identical to the domain name.

Output (sorry for the German verbose message - I don't think there's a way to easily change this, other than changing entire OS language...):

```
Enumerate domains @2023-08-16T10:53:15+02:00@
  User forest: contoso.com
    Child domain: a.contoso.com
    Child domain: b.contoso.com
    Child domain: c.contoso.com
    Child domain: d.contoso.com
    Child domain: e.contoso.com
    Child domain: f.contoso.com
    Child domain: g.contoso.com
    Child domain: h.contoso.com
    Child domain: i.contoso.com
    Child domain: j.contoso.com
    Child domain: k.contoso.com
    Child domain: l.contoso.com
  Trusted domain: contoso.com
AUSFÜHRLICH: Ausnahme beim Aufrufen von "Add" mit 2 Argument(en):  "Das Element wurde bereits hinzugefügt. Schlüssel im Wörterbuch: "contoso.com". Hinzuzufügender Schlüssel: "contoso.com"."
  Problem connecting to logged-in user's Active Directory (see verbose stream for error message).
  Assuming Graph/Entra ID/Azure AD from now on.
```

The issue is here: github.com/GruberMarkus/Set-utlookSignatures@dfae4b37a8/src_Set-OutlookSignatures/Set-OutlookSignatures.ps1 (L1170)

Debugging the `$LookupDomainsToTrusts` variable shows that it already contains `contoso.com`, which is then being added a second time, which leads to the above exception.

I was able to work around it like this:

```
if ( -not $LookupDomainsToTrusts[$TrustedDomain.properties.name]) {
    $LookupDomainsToTrusts.add($TrustedDomain.properties.name.tolower(), $TrustedDomain.properties.name.tolower())
}
```

But I'm not sure if this is the best approach. If you think it is, let me know and I'll create a PR.

kerem closed this issue 2026-02-27 20:30:54 +03:00

@GruberMarkus commented on GitHub (Aug 16, 2023):

German is no problem at all. But let's stick to English, to make it easier for other users to follow this issue.

You are right with your assumption and your sample code would work. I will consider integrating the code in the next hotfix release - but we must find the root cause first: Why does Set-OutlookSignatures detect this specific trust anyhow?

Please open the Active Directory Domains and Trusts MMC snap-in and check if the root domain contoso.com has configured a trust to itself. If yes, then this is something you should investigate (I have never seen such a configuration, and ad-hoc can't imagine why this would be necessary).


@panki27 commented on GitHub (Aug 16, 2023):

Hi Markus,
I've checked this by opening the properties of the root domain `contoso.com` and checking the list of outgoing and incoming trusts.

There is no reference to `contoso.com`, only to the child domains `a.contoso.com`, `b.contoso.com` and so on.
But thank you for this hint, I'll keep investigating.


@panki27 commented on GitHub (Aug 16, 2023):

After using several PowerShell cmdlets, I can confidently say there is no "special" trust relation from the parent domain to itself (which would be really weird, indeed).

My guess is that this happens because forest name == domain name, which is against M$ best practice. So I really can't fault your script here!


@GruberMarkus commented on GitHub (Aug 16, 2023):

Nonetheless, the code change you proposed makes sense and I will integrate it in the next hotfix release (which will very likely be released by the end of this week).
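
The duplicate-key failure discussed in this thread, reproduced with constructed data as an added example (not code from the issue or from Set-OutlookSignatures): an unguarded `Add` aborts the enumeration at the first repeated name, while a guarded insert that tests key presence with `ContainsKey` skips the repeat and reports it. The function name `Add-DomainOnce`, the `'forest'`/`'trust'` values and `partner.example` are assumptions made for the example.

```powershell
# Added illustration; names and data are constructed, not taken from Set-OutlookSignatures.
function Add-DomainOnce {
    param(
        [hashtable] $Lookup,   # domain name -> where it was discovered (assumed meaning)
        [string]    $Domain,
        [string]    $Source
    )
    $key = $Domain.ToLowerInvariant()
    # ContainsKey tests presence of the key; "-not $Lookup[$key]" would also be
    # true for a key whose stored value is empty, $null, 0 or $false.
    if ($Lookup.ContainsKey($key)) {
        Write-Verbose "Skipping '$Domain' from $Source, already known via $($Lookup[$key])"
        return $false
    }
    $Lookup.Add($key, $Source)
    return $true
}

# Constructed input modelled on the log in the issue: the forest root name
# shows up again in the trusted-domain enumeration.
$forestDomains  = 'contoso.com', 'a.contoso.com', 'b.contoso.com'
$trustedDomains = 'Contoso.com', 'partner.example'   # 'partner.example' is hypothetical

# 1) Unguarded Add: the repeated key throws and the remaining trusts are never processed.
$unguarded = @{}
foreach ($d in $forestDomains) { $unguarded.Add($d.ToLowerInvariant(), 'forest') }
try {
    foreach ($d in $trustedDomains) { $unguarded.Add($d.ToLowerInvariant(), 'trust') }
} catch {
    "Unguarded: stopped with $($unguarded.Count) entries: $($_.Exception.Message)"
}

# 2) Guarded Add: the repeat is skipped, collected for review, and enumeration continues.
$guarded = @{}
foreach ($d in $forestDomains) {
    [void](Add-DomainOnce -Lookup $guarded -Domain $d -Source 'forest')
}
$duplicates = foreach ($d in $trustedDomains) {
    if (-not (Add-DomainOnce -Lookup $guarded -Domain $d -Source 'trust')) { $d }
}
"Guarded: $($guarded.Count) entries, skipped: $($duplicates -join ', ')"
```

Running it with `$VerbosePreference = 'Continue'` also prints which source first registered each skipped name, which helps when tracing why a name was enumerated twice.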
