Cannot index Into a null array

[jamesaepp]

Despite all I'm writing below, it seems other users have pointed out that the "upstream" maintainer/author of this script has made updates but MS hasn't pulled/merged them into this repo. For all I know this bug is fixed upstream. It'd be great if someone from MS can revive this repo and give it the TLC it needs. I for one am more comfortable using a script like this after Microsoft has vetted it.

I'm opening this issue, essentially duplicating #5

1F1D, 2016 DFL and FFL.

I run the New-KrbtgtKeys script a couple times a year. Yesterday while running it in mode 1, I got a flood of red text as described in the previous issue, same line - 2277. Very different than I'm used to. As mentioned by a commentor in that thread, the issue (for me) appears to present because of having recently removed/decommissioned/replaced the DC which is referenced in the LastOriginatingChangeDirectoryServerIdentity property. Instead of appearing as the expected/desired string, it showed up with a 0ADEL prefix. I don't have immediate access to the script's output to share that, but I don't think it matters too much.

Debugging manually, the error appears to be within the line...

$orgRWDCServerObjectObj = ([ADSI]"LDAP://$targetedADdomainRWDCWithPDCFSMOFQDN/$orgRWDCServerObjectDN")

...which shows up a few times throughout the script, so I imagine this isn't the only mode where it occurs. The script assumes the $orgRWDCServerObjectDN variable is going to have the expected data pattern in it, but because it doesn't, this issue then finally cascades through to line 2277.

Looking a bit further in the script, it looks like there was supposed to be handling for if an RWDC was demoted, but I guess the script in its current state does not handle a case like what happens here. This also goes beyond how far I wanted to take my investigation.

[cchapin-ms]

The MS Open Source team is working to identify a team to own this repo.