From eb80b14ae37e50f18fdc93519fb98e3240a6c30f Mon Sep 17 00:00:00 2001
From: Oliver Lyak <53348818+ly4k@users.noreply.github.com>
Date: Sun, 18 Jun 2023 14:44:58 +0200
Subject: [PATCH] added domain computers group to user's SIDs by default

---
 certipy/lib/ldap.py | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/certipy/lib/ldap.py b/certipy/lib/ldap.py
index ec477a9..30fd4bd 100755
--- a/certipy/lib/ldap.py
+++ b/certipy/lib/ldap.py
@@ -354,13 +354,11 @@ def get_user_sids(self, username: str):
         if primary_group_id is not None:
             sids.add("%s-%d" % (self.domain_sid, primary_group_id))
 
-        # Add Domain Computers group if Machine Account Quota > 0
-        if self.machine_account_quota > 0:
-            logging.debug(
-                "Adding Domain Computers to list of current user's SIDs (Machine Account Quota: %d > 0)"
-                % self.machine_account_quota
-            )
-            sids.add("%s-515" % self.domain_sid)
+        # Add Domain Computers group
+        logging.debug(
+            "Adding Domain Computers to list of current user's SIDs"
+        )
+        sids.add("%s-515" % self.domain_sid)
 
         dns = [user.get("distinguishedName")]
         for sid in sids: