From e3cdb662eff3d4c54ee71f7c71ff25dd1d471294 Mon Sep 17 00:00:00 2001
From: djpbessems <danny@bessems.eu>
Date: Wed, 27 Jan 2021 21:03:34 +0100
Subject: [PATCH] Refactor script to determine distinguished name

---
 scripts/ADDS/payload/scripts/04.Delegation of Control.ps1 | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/scripts/ADDS/payload/scripts/04.Delegation of Control.ps1 b/scripts/ADDS/payload/scripts/04.Delegation of Control.ps1
index 3d19772..5cb1eef 100644
--- a/scripts/ADDS/payload/scripts/04.Delegation of Control.ps1	
+++ b/scripts/ADDS/payload/scripts/04.Delegation of Control.ps1	
@@ -66,11 +66,9 @@ If (@('primary','standalone') -contains $Parameter['deployment.type']) {
 
     ForEach ($Entry in $Delegations.DelegationEntries) {
         $GetADObjectSplat = @{
-            Filter      = '*'
-            SearchBase  = 'DC=' + $Parameter['addsconfig.domainname'].Replace('.', ',DC=')
-            SearchScope = 'OneLevel'
+            Identity = $Entry.OrganizationalUnit + (($Parameter['addsconfig.domainname'] -split '\.' | ForEach-Object {',DC={0}' -f $_}) -join '')
         }
-        $OU = Get-ADObject @GetADObjectSplat | Where-Object {$_.DistinguishedName -match $Entry.OrganizationalUnit}
+        $OU = Get-ADObject @GetADObjectSplat
         $GetACLSPlat = @{
             Path = "$($PSDrive.Name):\$($OU.DistinguishedName)"
         }