Site DC List **New**
Displays the servers in each AD site and the domain name context each server hosts
Schema History **New**
Displays the updates that have been added to the schema with the date information and with attributes and classes added. NetTools includes a set of predefined schema updates covering common updates. The list of schema updates can be extended in the NetTools.ini file.
[SchemaUpdates]
<ldapdisplayname> = <Schema update>
WINS Lookup **New**
A WINS lookup client to query WINS servers
SID History Bulk
Now works, finally managed to sort out the compatibility issues. Once you have completed the validation checks, you will need a semi-colon separated file of source and target samaccountnames
LDAP Search
New Decoder for Certificate Revocation List, displays the CRL entry count and valid date and next update date.
New Decoder for DWORD IP addresses, supports Windows (most significant order) and network order (least significant order) encoding, decodes for mSSMSRangedIPHigh and mSSMSRangedIPLow
Update DNSRecord decoder to include version, ranking, timestamp, and scavenging
Inline filter substitution for IP addresses for Windows and Network order format, Windows order: (ipaddress={ip:10.12.45.254}) Network order: (ipaddress={ipn:10.12.45.254})
Table view updated to honor the attribute order specified.
Input View updated to include Record Count option to return only the number of records returned by the query for that line
Logic updated so Input Mode is not selected when table view is disable but input mode is still selected.
Previous query history option added, records the last 10 queries performed
Count decoder added to return the number of entries per attribute
First column name to updated when the Input mode is selected.
SecurityDescriptor decoder updated to fix intermittent decode issue
SecuirtyDescriptor updated to include decode option to return individual entries of the security descriptor
SD_SID Returns the SID of all entries in the SD
SD_SID_DACL Returns the SID of the DACL entries in the SD
SD_SID_SACL Returns the SID of the SACL entries in the SD
SD_SID_OWNER Returns the SID of the Owner in the SD
SD_NAME Returns the resolved names of all the entries in the SD
SD_NAME_DACL Returns the resolved names of the DACL entries in the SD
SD_NAME_SACL Returns the resolved names of the SACL entries in the SD
SD_NAME_OWNER Returns the resolved name of the owner in the SD
SID Decoder updated to support absolute and relative name resolution.
SID_REL Returns the object name associated to the SID as return by the default API, if the SID is assigned via SID history the name of assigned object is returned not the name of the object from the foreign domain
SID_ABS Returns the object name of the SID by first resolving the domain reference of the SID and then querying that domain for the name.
Display Filter – This option provides a second level of filtering on the formatted results returned by the LDA server. This means that a filter can be created based on the decoded\formatted value of attributes for which a standard LDAP query can’t be constructed If a display filter is specified only the returned entries that match the filter are displayed. The filter syntax is based on C\C++ formatting
The display filter has the following format:
<Attribute[;Type]> <Operator> <[Value][List Name]> [Logical Operator] [condition2] [Logical Operator] [condition3] [...]
Attribute The name of the attribute, the attribute must be included in the results returned by the query
Type The type operator is used to convert the returned value to a different data type before comparison. By default NetTools converts all data returned into text, to perform comparison with other data type you must convert the data into the correct data type. The follow data types are supported:
Int convert to an integer
Date Convert to a date
Operator The comparison operator, supported operators are:
== Equal
!= Not Equal
>= Greater than or equal
<= less than or equal
> Greater than
< Less than
## In list
!# Not in list
Value The value that is be compared against. Wildcard are allowed for string comparisons, tuple queries are supported.
List Name The name of the list in the Member List tab to used with the ## and !# operators
Logical Operator The logic used to evaluate multiple conditions
&& And comparison
|| Or comparison
Examples:
name == gary* && age;int >= 21
description == *room*
whencreated;date > 14/1/11
name ## List1
Limitation: Using the display filter with a list with a large number of members can seriously impact the speed and performance of searches. The condition logic doesn’t support nested conditions, I’ll try add this functionality in a later version.
Manage Lists
This option is used in conjunction with the LDAP search display filter. Up to 20 lists can be loaded and referenced in the display filter
LDAP Browser
Now has a filter option for the right pane to limit which items are displayed
Updated to support names that contain special characters i.e. , / \ .
Updated with context menu option to copy entries to LDAP Search fields
Attributes Dialog
Updated with context menu options to copy selected entries to LDAP Search fields
DC Resolution
Removed the restriction that manually added servers must be a domain controller, any server that can be resolved in DNS can be port scanned
AD Properties Dialog
Updated so general page is displayed first for computer objects
Members and MemberOf updated to replace ASQ with direct queries to support GC and security principals in child and foreign domains.
Primary group details now added to the members group list
User Details
Fixed intermittent search results when using GC
Property Set Search
Fixed bug introduced in a previous version where the property set name wasn’t displayed but I only just noticed it!!
DecodeType list:
DEFAULT – ASCII
GTFTIME – Generalized Time Format
FILETIME – Win32 FileTime Format
64TIME – Win32 64bit Time Format
GUID – Windows GUID
SID – Security Identifier
IP – DWORD IP address in windows order
IPN – DWORD IP address in network order
ATTRIBENUM – predefined enumerate
SD – Security Descriptor in SDDL format
SD_SID - Returns the SID of all entries in the SD
SD_SID_DACL - Returns the SID of the DACL entries in the SD
SD_SID_SACL - Returns the SID of the SACL entries in the SD
SD_SID_OWNER - Returns the SID of the Owner in the SD
SD_NAME - Returns the resolved names of all the entries in the SD
SD_NAME_DACL - Returns the resolved names of the DACL entries in the SD
SD_NAME_SACL - Returns the resolved names of the SACL entries in the SD
SD_NAME_OWNER - Returns the resolved name of the owner in the SD
BIN – Binary list
SIZE – The size of the data returned
COUNT – Returns the number of entries in the attribute
DNSRECORD – DNS entries
BEROID - Basic Encoding Rules (BER) Organization Identifier
DNSPROPERTY – DNS Properties entries
CERT - Certificates
CRL – Certificate Revocation List
PWDSEC – Password seconds
MSTRUST – Decoder for msds-TrustForestTrustInfo
PERIOD – Certificate renewal period