Mode 4 doesn't have an option to skip one fix and continue about locksmith HOT 8 CLOSED

Good catch, @dzcmr. (No pun intended.) I see where/why that is happening in the mode 4 code. It's part of a try/catch block that needs to be scoped specifically to each fix or changed to a different confirmation method. Thanks for the feedback!

from locksmith.

@dzcmr What Powershell version are you using?

from locksmith.

Just 5, I can go back and get the minor version if you need

from locksmith.

Interesting! No need to get the minor version. I was curious if this was a 7.4.0 related issue, but nope!

from locksmith.

Hi @dzcmr! Would you mind running Invoke-Locksmith -Mode 3 and sending me a redacted version of the generated CSV file?

The reason I ask: Mode 4 doesn't currently auto-run fixes for all identified issues. So, the behavior you've described makes sense if you skipped the last fixable issue.

That being said, Locksmith should inform you if there are remaining issues that it is unable to fix.

from locksmith.

Hey, so this was the first issue it found (from a longish list) - It covered Auditing not being enabled, ESC1, ESC4, ESC5.

some of the ESC5s remain but I've manually fixed up everything else (except for auditing which isn't possible as it's not a real CA but a proxy CA - i.e. it appears like a CA but is not)

I can still send through a redacted output though if it helps.

from locksmith.

Interesting. Well, either way, the Locksmith team all agreed to change it anyway! Look for a different dialog soon. :D

from locksmith.

@dzcmr I started working on improving the Mode 4 confirmation dialog this morning and got a little carried away. If you've got a moment, would you mind testing the testing branch?

from locksmith.