Hi everyone.
I’ve been trying to make a custom vulnerability check just for domain controllers however I keep running into the same problem. Regardless of if I use or the logic in the vck files never seems to get applied. In one of the screenshots there is the logic to this vulnerability check. The other two files are running this check on both a domain controller and non domain controller. The first part of the vck file is check that the registry key doesn’t exists because all domain controllers have that key and all non domain controllers are missing it. The second part is to make sure that two registry keys are set to the correct values. The problem is that when running the check it will always check each part and report back that the asset is vulnerable. The non domain controllers say they’re missing the two keys I check and domain controllers says that the key exists when it’s shouldn’t. I thought that using would fix this but that doesn’t seem to be the case. Has anyone seen anything like this or know the way to fix it?
