Blog

NetTools v1.12.6

Schema Version **New**
Displays the forest, domain, schema, Exchange, OCS, and User, group and computer attribute counts

Version update checking **New**
Now includes automatic version checking and download option

DC Resolution
Removed domain suffix option; it now uses the dnsHostName entry of the server from the AD
Editable list of ports scanned

Group Members
Ability to select naming context if RootDSE doesn’t have DefaultNamingContext set i.e. ADAM\DS LDS

LDAP Search
Decodes for aelita-amm-extension1, aelita-amm-extension2, aelita-amm-extension3, aelita-amm-extension4, aelita-amm-extension5, aelita-amm-extension6
LDAP Browser option added to tableview context menu

NetTools v1.12.0

Server Info **New**
Displays the info from NetServerGetInfo with 100, 101 and 102 information structures

Group Members **New**
Displays the members of a group and the members of all nested groups in the target group

Base64 **New**
Ability to convert text, GUID and hex to Base64 and vice versa

LDAP Search
New Decodes for – LCS 2003, OCS2005, Lync 2010 (including: msrtcsip-archivingenabled, msrtcsip-archivingserverversion, msrtcsip-enablefederation, msrtcsip-meetingflags, msrtcsip-optionflags, msrtcsip-poolfunctionality, msrtcsip-pooltype, msrtcsip-poolversion, msrtcsip-serverversion, msrtcsip-sourceobjecttype, msrtcsip-trustedserverversion, msrtcsip-ucflags, msrtcsip-archivedefaultflags)
New Decodes for – trustdirection, domainFunctionality, forestFunctionality, trustattributes, trusttype, msds-TrustForestTrustInfo
New Decodes for – caCertificate, mspkidefaultkeyspec, mspki-enrollment-flag, flags, mspki-certificate-name-flag, mspki-private-key-flag, pkikeyusage, pKIExpirationPeriod, pKIOverlapPeriod
New Decoders – FILETIME, TrustForestInfo, and Certificate renewal period attributes
Certificate decoder updated to include start and end date
Inline filter substitution for Generalized Time Format (GTF) and 64bit Time i.e. (whencreated={zdate:30/12/2011}) or (lastlogontimestamp={idate:31/12/2011 })
“Now” constant can be used with zdate\idate inline filter substitutions, with optional plus and minus days.  i.e. {zdate:now}, {zdate:now-365}, {idate:now+5}
Fixed column sort bug in table view
Fixed ‘1.1’ attribute column bug in table view
Fixed display issue when displaying ;binary attributes
Added Object Properties dialog option to context menus
Object Properties dialog – Added meta data view option
Attribute dialog – added Schema definition option to context menu
Updated context menus to be enabled based on selection
Added extra error handling for attributes with odd values!
Fixed continuous loop bug for attributes that return no values
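
As an added example (not NetTools code), the Python sketch below shows what the zdate and idate substitutions described above have to produce for an LDAP server: Generalized Time for attributes such as whenCreated, and the 64-bit count of 100-nanosecond intervals since 1601-01-01 UTC for attributes such as lastLogonTimestamp. The function names, the day/month/year reading of the date and the choice of midnight UTC are assumptions; the stale-account filter is a constructed sample.

```python
import re
from datetime import datetime, timedelta, timezone

# Assumed token syntax, taken from the examples in the release notes.
TOKEN = re.compile(r"\{(zdate|idate):\s*([^}]*?)\s*\}", re.IGNORECASE)
EPOCH_1601 = datetime(1601, 1, 1, tzinfo=timezone.utc)


def resolve_date(spec, now=None):
    """'dd/mm/yyyy', 'now', 'now-365' or 'now+5' -> aware UTC datetime."""
    now = now or datetime.now(timezone.utc)
    rel = re.fullmatch(r"now(?:([+-])(\d+))?", spec, re.IGNORECASE)
    if rel:
        days = int(rel.group(2) or 0)
        return now + timedelta(days=-days if rel.group(1) == "-" else days)
    # Assumption: absolute dates are day/month/year at midnight UTC.
    return datetime.strptime(spec, "%d/%m/%Y").replace(tzinfo=timezone.utc)


def to_gtf(dt):
    """Generalized Time as AD stores whenCreated: YYYYMMDDHHMMSS.0Z."""
    return dt.strftime("%Y%m%d%H%M%S") + ".0Z"


def to_filetime(dt):
    """100-nanosecond intervals since 1601-01-01 UTC (lastLogonTimestamp)."""
    delta = dt - EPOCH_1601
    return (delta.days * 86400 + delta.seconds) * 10_000_000 + delta.microseconds * 10


def expand_date_tokens(ldap_filter, now=None):
    """Replace every {zdate:...} / {idate:...} token with its wire value."""
    def repl(match):
        dt = resolve_date(match.group(2), now)
        if match.group(1).lower() == "zdate":
            return to_gtf(dt)
        return str(to_filetime(dt))
    return TOKEN.sub(repl, ldap_filter)


if __name__ == "__main__":
    # Constructed sample: user accounts with no logon in the last 90 days.
    stale = "(&(objectCategory=person)(lastLogonTimestamp<={idate:now-90}))"
    print(expand_date_tokens(stale))
    print(expand_date_tokens("(whencreated={zdate:30/12/2011})"))
```

The same expansion is what makes a range comparison such as lastLogonTimestamp<= usable for stale-account reviews without working out the 18-digit value by hand.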

LDAP Browser
Added user definable columns
Fixed binary view
Fixed performance issue introduced in 1.11

Schema Class Browser
Added Inherited classes option – selects if inherited classes are displayed
Double click option on attributes to follow classes
Added WhenCreated column
Added Column sorts
Added Copy and Attribute options
Icons for different class types

Last Logon
Added domain suffix option to allow searches in different forests\domains

User Details
Changed query to a paged search so return count is not limited by the MaxPagedSize
Ability to select naming context if RootDSE doesn’t have DefaultNamingContext set i.e. ADAM\DS LDS
Added save option to the server inputbox

LDAP Performance
Fixed the bug in the averaging results
Added screen refresh to support test cycles over 50 tests

AD Attributes dialog
Added right click option to display enumerate values

Nettools+.ini
Updated the add configuration file logic to only add options that don’t already exist in the current configuration file. A sample configuration file is included in the zip, covering the different configuration file options.
Configuration file with sample LDAP queries
FSMO roles – PDC, Domain, Infrastructure, RID, Schema
Schema Versions – AD, Exchange, OCS
Users - active, inactive and disabled
AD details, trusts, rootdse, tombstone, sites, GC, IP subnets

General
Added Ctrl+A select all options and key shortcuts for copying to all tables and lists
Full list of supported dynamic override decodes in the configuration file (nettools.ini):
[AttributeDecodes]
<attributename>=<DecodeType>

DecodeType list:

DEFAULT – ASCII
GTFTIME – Generalized Time Format
FILETIME – Win32 FileTime Format
64TIME – Win32 64bit Time Format
GUID – Windows GUID
SID – Security Identifier
ATTRIBENUM – predefined enumerate
SD – Security Descriptor
BINARY – Binary list
DNSRECORD – DNS entries
BEROID – Basic Encoding Rules (BER) Organization Identifier
DNSPROPERTY – DNS Properties entries
CERT – Certificates
PWDSEC – Password seconds
MSTRUST – Decoder for msds-TrustForestTrustInfo
PERIOD – Certificate renewal period

Known Issues
Bulk SID history – compatibility issues with the link library mean that it only works on Windows 7; trying to find a solution for XP that doesn’t require two separate versions.

NetTools v1.11.0

SPN – Rewrite of the SPN search feature to use the Global Catalog; it now uses the LDAP API set instead of ADSI APIs for increased performance.
Kerberos Tickets – added feature to request a ticket for a registered SPN.  Can be used to test that the AD is configured correctly for a given SPN
Schema Class Browser – Option to view AD properties of the Attributes
LDAP Search
New LDAP Session options feature to allow complete control over the LDAP session, and display return Session options from a search
New decodes for – dnsrecord, dnsproperty, omobjectclass, msDS-MaximumPasswordAge, msDS-MinimumPasswordAge, msDS-LockoutObservationWindow, msDS-LockoutDuration, userCertificate, userSMIMECertificate, attributeCertificateAttribute; for certificates it displays the subject name, or SAN, or UPN, whichever is set
Dynamic Attributes updated to use a new Hashing algorithm for improved performance on attribute lookups
Improved reporting for LDAP Referrals
Improved support for non MS LDAP servers
Display multiple attributes one per line
Inline filter substitution for guid, sid and oid i.e. (omobjectclass={oid:1.3.12.2.1011.28.0.702}) or (objectsid={sid: S-1-5-21-3499964120-3315823391-1593708255-164234}) or (objectguid={guid:00AD5B16-8E22-49D5-B83A-BFDEA6DFF7DE})
Object Properties
Updated to report User Account Control settings
New members of and member list with more detail, with load on demand to improve display times
SPN and delegation details
Support for computer objects
User Rights – updated to display user privileges
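
As an added example (not NetTools code), the Python sketch below expands the guid, sid and oid tokens from the LDAP Search notes above into the backslash-escaped octets that RFC 4515 filters use for binary values, using the byte layouts of objectGUID, objectSid and a BER-encoded OID. The function names and the token regular expression are assumptions; the inputs are the ones quoted in the release notes.

```python
import re
import struct
import uuid

# Assumed token syntax, taken from the examples in the release notes.
TOKEN = re.compile(r"\{(guid|sid|oid):\s*([^}]*?)\s*\}", re.IGNORECASE)


def escape_bytes(raw):
    """RFC 4515 escaping: each octet as a backslash plus two hex digits."""
    return "".join(f"\\{b:02X}" for b in raw)


def guid_bytes(text):
    # objectGUID uses the Windows layout: the first three fields are
    # little-endian, the last eight bytes are kept in order.
    return uuid.UUID(text).bytes_le


def sid_bytes(text):
    parts = text.upper().split("-")
    if len(parts) < 3 or parts[0] != "S":
        raise ValueError(f"not a SID: {text!r}")
    revision, authority = int(parts[1]), int(parts[2])
    subs = [int(p) for p in parts[3:]]
    # Revision, sub-authority count, 48-bit big-endian authority, then
    # every sub-authority as a little-endian 32-bit integer.
    return (struct.pack("BB", revision, len(subs))
            + authority.to_bytes(6, "big")
            + struct.pack(f"<{len(subs)}I", *subs))


def oid_bytes(text):
    arcs = [int(a) for a in text.split(".")]
    out = bytearray([arcs[0] * 40 + arcs[1]])  # first two arcs share a byte
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]                   # base-128, low group first
        while arc > 0x7F:
            arc >>= 7
            chunk.append((arc & 0x7F) | 0x80)  # continuation bit
        out.extend(reversed(chunk))
    return bytes(out)


ENCODERS = {"guid": guid_bytes, "sid": sid_bytes, "oid": oid_bytes}


def expand_binary_tokens(ldap_filter):
    """Replace each {guid:..}, {sid:..} or {oid:..} token with escaped octets."""
    return TOKEN.sub(
        lambda m: escape_bytes(ENCODERS[m.group(1).lower()](m.group(2))),
        ldap_filter)
```

Expanding a SID this way lets a SID taken from an event log or an ACL be looked up directly against objectSid.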

HowTo: Run NetTools

NetTools consists of a single executable, which doesn't need to be installed and can be run from any location, be it a network share, local drive or removable storage. The location can be read-only; however, in this case the options to save lists and favorite queries will not be available.

The NetTools.ini configuration file should be located in the same directory as the executable.

NetTools Basics

NetTools has a number of common features which are used throughout the program. This post provides details on some of these features.

Where to start
The number of options in NetTools can make it confusing where to start. The best approach is to start with the Search option under Users. This allows you to search the AD, at the Forest or Domain level, for any object in the Active Directory; from there the context menu options allow you to interrogate the returned objects. See User Search.

Option or test Linking
For a number of the tests, the output from one can be used as the input for other tests and options: select the corresponding output entry and right-click, and the context menu will display these options. The Search option has a number of linking options that are displayed under the "use with" sub menu.

Copy and Paste
The outputs from the tests can be copied into other functions in NetTools or to external programs. The Copy and Paste options are displayed in the right-click context menus. For table views it's possible to copy the data in a single column, the line, or the entire table. When the copy column option is selected, the mouse position at the time of the right click defines which column is selected. For text-based output fields it's possible to copy the text as with standard copy and pasting. The Copy to new Window context menu option will copy the contents of the view to a new detached window, which provides additional sort and filtering options. See Copy to new Windows.

Server Lists
In most of the options there is a server or domain entry field, which is a dropdown list. The right-click context menu lets you save the current name and also manage the lists. A separate list is used based on the entry field name, i.e. Server, Domain, LDAP filters etc.

Server and Domain Fields
The server and domain fields are optional; by default NetTools will use the domain information of the computer that is running NetTools. By default the server name will use the name returned by the DsGetDcName API. For the domain field, the name of the domain that the machine running NetTools belongs to will be used.

Credentials
By default NetTools will run in the context of the session that is running NetTools. It's possible to use the RunAs option to use a different account with elevated permissions. Some of the options can use the credentials that are provided in the LDAP Search option. See Credentials.

Messages\Results pane
On most options there is a lower pane, which is used to display any errors or status reports from the execution.

NetTools saved configuration
NetTools uses a single configuration file called NetTools.ini, which is used to save any user-defined configuration or saved lists. NetTools will try to read the configuration from the same location that the exe was executed from.