Blog

NetTools v1.19.8

Meta Data Dialog
Added column sort

DsGetDcName
Added option for DS Version 8

LDAP Search
Defined LastSetTime, PriorSetTime, msDS-UserPasswordExpiryTimeComputed as 64TIME
Bug fix - Updated favorites list so schemaupdates is not displayed
Bug fix - DecodeType debug string now works for all DecodeTypes

LDAP Browser
Added Meta Data option to the context menu
Fixed bug where user defined decodes were not honoured

Schema Version
Updated to support Windows 2012R2 forest and domain versions
Schema History
Updated to support the following schema changes:

Cisco Unity 4
Cisco Unity Contact Center
Cisco Call Manager
Solgenia Facsys Fax/Routing Suite
Server For Unix
Server For Unix v3.0
Exchange Unified Messaging
Exchange 2010SP1
Quest ActiveRoles

DC Resolution
Removed the dependency on a domain lookup to allow Port scans on IP addresses for machines that are not a DC

User Details
Added option to use GC for foreign object that are not in the default NC of the selected domain controller, this is to help performance when accessing objects in domains that might not be in the same site. The GC will be used for all dialogs. The AD Properties dialog will be display a warning when a GC is being used as group members is not consistent when using a GC
Updated to include scope option when the GC is used, this allows the scope to be limited to a particular NC or to overcome search issues when the forest has a non-contiguous name space
Added option to manage groups from context menu.
            Token Size
Updated to include a base DN option to allow a specific DN to be searched, if blank it will search the default DN of the selected domain controller

DecodeTypes list:
    DEFAULT - ASCII
    64DATE - Win32 64bit Date Format
    64TIME - Win32 64bit Date & Time Format, local time
    64TIME_UTC - Win32 64bit Date & Time Format, UTC
    ATTRIBENUM - predefined enumerate
    ATTRIBENUM_NONUM - predefined enumerate only symbolics are displayed
    BEROID - Basic Encoding Rules (BER) Organization Identifier
    BIN - Binary list
    CERT - Certificates
    COUNT - Returns the number of entries in the attribute
    CRL - Certificate Revocation List
    DNSPROPERTY - DNS Properties entries
    DNSRECORD - DNS entries
    DNSRECORD.DATA - return only the data field
    DNSRECORD.RANK - return only the rank field
    DNSRECORD.SERIAL - return only the serial field
    DNSRECORD.TIMEOUT - return only the timeout field
    DNSRECORD.TIMESTAMP - return only the timestamp field
    DNSRECORD.TTL - return only the ttl field
    DNSRECORD.TYPE - return only the type type field
    DNSRECORD.VERSION - return only the version field
    DSA_SIG - DSA Signature
    FILETIME - Win32 File Date & Time Format
    GTFTIME - Generalized Time Format, local time
    GTFTIME_UTC - Generalized Time Format, UTC
    GUID - Windows COM GUID format
    GUID_LDAP - GUID in LDAP filter format
    GUID_RAW - Hex GUID format
    HEX - Display a number if Hex format
    IP - DWORD IP address in windows order
    IPN - DWORD IP address in network order
    MSTRUST - Decoder for msds-TrustForestTrustInfo
    NTDS_CONN_OPT - Returns the options for the Options of NTDSConnection
    NTDS_DSA_OPT - Returns the options for the Options of NTDSDSA
    NTDSSSITE_OPT - Returns the options for the Options of NTDS Sites Settings
    PARENTDN - Returns the parent container of the distinguishedName
    PERIOD - Certificate renewal period
    PSMTP - Display primary smtp entry
    PWDSEC - Password secounds
    PX400 - Display primary  x400 entry
    PX500 - Display primary x500 entry
    REPL_UTDV - NC Up ToDateness Vectors
    REPS_INFO - Replication neighbours RepsTo and RepsFrom
    RIDPOOL - RID Pool Allocations
    SD - Security Descriptor in SDDL format
    SD_NAME - Returns the resolved names of all the entries in the SD
    SD_NAME_DACL - Returns the resolved names of the DACL entries in the SD
    SD_NAME_OWNER - Returns the resolved name of the owner in the SD
    SD_NAME_SACL - Returns the resolved names of the SACL entries in the SD
    SD_SID - Returns the SID of all entries in the SD
    SD_SID_DACL - Returns the SID of the DACL entries in the SD
    SD_SID_OWNER - Returns the SID of the Owner in the SD
    SD_SID_SACL - Returns the SID of the SACL entries in the SD
    SID - Display Security Identifier in text form
    SID_REL - Display the relative name of the SID
    SITE_LINK_OPT - Returns the options for the Options of SiteLink
    SIZE - The size of the data returned
    SMTP - Display only smtp entries
    TRANSPORT_OPT - Returns the options for the Options of transport container
    X400 - Display only x400 entries
    X500 - Display only x500 entries

NetTools v1.19.0

LDAP Performance
Added support for SSL LDAP connections

LDAP Search
Attribute DecodeType Manager – the ability to manage the DecodeType assigned to attributes.  There is a new button at the end of the Attribute field to open the DecodeType manager  ** New **
Added HEX DecodeType **New **
Added GUID_RAW DecodeType ** New **
Added GUID_LDAP DecodeType ** New **
Added ParentDN DecodeType  which returns the parent DN from the DistinguishedName attribute, only CN and OU parents are currently supported ** New **
Updated certificate verification options:

Verify Certs       Display Results              Behavior
Not selected      N\A                               No verification is performed, a certificate with errors will be accepted and the search performed
Selected            Not Selected                  The Microsoft standard certificate verification is performed, this normally doesn’t include a revocation test.  The search will only be performed if the certificate is valid.
Selected            Selected                        Extended verification process is used, this will verify the certificate and revocation for the full certificate chain and results will be displayed.  The search will only be completed if the whole certificate chain is valid.

Improved the column redraw speed in Table Input mode
DNS Record DecodeType updated to display the tombstone time and date for a deleted record
Added Regular expression filter to the display filter

<Attribute[;Type]> <Operator> <[Value][List Name]> [Logical Operator] [condition2] [Logical Operator] [condition3] [...]
     Operator           The comparison operator, supported operators are:
                   ==        Equal
                   !=         Not Equal
                   >=        Greater than or equal
                   <=        less than or equal
                   >          Greater than
                   <          Less than
                   ##        In list (exact match)
                   !#         Not in list (exact match)
                   %%      Contains item from list
                   !%        Does not contain item from list
                   Regx    Provide Regular Expression matching on the attribute

Example: name regx ^[sS][a-z]*

LDAP Browser
To increase the performance of browsing LDAP over an SSL connection and bypass certificate errors, updated not to perform any certificate verification testing on connecting
A new context menu to define the DecodeType for attributes ** New **

DCs in Sites
Updated so that resolution of the DC’s IP address is optional

User’s Groups
Updated to also display the group scope for each group

DecodeType list:
    DEFAULT - ASCII
    GTFTIME - Generalized Time Format, local time
    GTFTIME_UTC - Generalized Time Format, UTC
    FILETIME - Win32 File Date & Time Format
    64TIME - Win32 64bit Date & Time Format, local time
    64TIME_UTC - Win32 64bit Date & Time Format, UTC
    64DATE - Win32 64bit Date Format
    HEX - Display a number if Hex format
    PARENTDN - Returns the parent container of the distinguishedName
    GUID – Windows COM GUID format
    GUID_RAW – hex GUID format
    GUID_LDAP – returns the LDAP search filter format
    SID - Display Security Identifier in text form
    SID_REL - Display the relative name of the SID
    RIDPOOL - RID Pool Allocations
    IP - DWORD IP address in windows order
    IPN - DWORD IP address in network order
    ATTRIBENUM - predefined enumerate
    DSA_SIG - DSA Signature
    NTDS_DSA_OPT - Returns the options for the Options of NTDSDSA
    NTDS_CONN_OPT - Returns the options for the Options of NTDSConnection
    SITE_LINK_OPT - Returns the options for the Options of SiteLink
    TRANSPORT_OPT - Returns the options for the Options of transport container
    NTDSSSITE_OPT - Returns the options for the Options of NTDS Sites Settings
    REPL_UTDV - NC Up ToDateness Vectors
    REPS_INFO - Replication neighbours RepsTo and RepsFrom
    SD - Security Descriptor in SDDL format
    SD_SID - Returns the SID of all entries in the SD
    SD_SID_DACL - Returns the SID of the DACL entries in the SD
    SD_SID_SACL - Returns the SID of the SACL entries in the SD
    SD_SID_OWNER - Returns the SID of the Owner in the SD
    SD_NAME - Returns the resolved names of all the entries in the SD
    SD_NAME_DACL - Returns the resolved names of the DACL entries in the SD
    SD_NAME_SACL - Returns the resolved names of the SACL entries in the SD
    SD_NAME_OWNER - Returns the resolved name of the owner in the SD
    BIN - Binary list
    SIZE - The size of the data returned
    COUNT - Returns the number of entries in the attribute
    DNSRECORD - DNS entries
    DNSRECORD.TYPE - return only the type type field
    DNSRECORD.VERSION - return only the version field
    DNSRECORD.RANK - return only the rank field
    DNSRECORD.SERIAL - return only the serial field
    DNSRECORD.TTL - return only the ttl field
    DNSRECORD.TIMEOUT - return only the timeout field
    DNSRECORD.TIMESTAMP - return only the timestamp field
    DNSRECORD.DATA - return only the data field
    BEROID - Basic Encoding Rules (BER) Organization Identifier
    DNSPROPERTY - DNS Properties entries
    CERT - Certificates
    CRL - Certificate Revocation List
    PWDSEC - Password secounds
    MSTRUST - Decoder for msds-TrustForestTrustInfo
    PERIOD - Certificate renewal period
    SMTP - Display only smtp entries
    X400 - Display only x400 entries
    X500 - Display only x500 entries
    PSMTP - Display primary smtp entry
    PX400 - Display primary  x400 entry
    PX500 - Display primary x500 entry

NetTools v1.18.3

Mail Conflicts  **New**
A new test that is useful for diagnosing Quest DirSync 0xaa0000a7 errors.  The test will check if the mail addresses assigned to the source object already exists on objects in the target domain.  These conflicts stop Quest from merging\migrating mail enabled objects

Mail Unique  **New**
A test to confirm that the mail details of an object are unique in the same forest.  Just paste a list of samaccountnames of objects and check Go.  Any duplicates will be displayed

DC Updates
Now has the option to limit which DC are display and monitored based on the domain context
Added current time from each DC to show if DCs are in time sync

LDAP Search
Added option to specify the number of items returned per page query
Added new UTC options for 64time, gtftime decodes
Added 64Date back as it disappeared for some reason
Filter help updated with the substitution options
Added Reset button to set the options to the default settings
Added decodes for msFVE-KeyPackage, msFVE-RecoveryGuid, and msFVE-VolumeGuid
Added decodes for proxyaddresses, these are more display filters than decodes types, only the specified entries are displayed. SMTP, X400, X500, By using the P options only the primary entry (upper case) is displayed PSMTP, PX500, PX400

LDAP Browser
Fixed bug in the user defined columns not being displayed correctly
Updated the context menu to support LDAP Search updates

LDAP Performance
Disabled referrals on one level search so sub domains don’t impact the test results
Added stop button
Added option to purge Kerberos tickets between test to test the authentication process on each pass

AD Properties
Computer objects now includes the account logon details tab

User Details
Changed the context menu to include Use with, so search results can be piped to other tests in NetTools

General
Fixed bug in ini file read\write functions, so the ini file is only updated in the startup directory
Manage List ** New ** context menu option to manage dropdown lists

DecodeType list:
    DEFAULT - ASCII
    GTFTIME - Generalized Time Format, local time
    GTFTIME_UTC - Generalized Time Format, UTC
    FILETIME - Win32 File Date & Time Format
    64TIME - Win32 64bit Date & Time Format, local time
    64TIME_UTC - Win32 64bit Date & Time Format, UTC
    64DATE - Win32 64bit Date Format
    GUID - Windows GUID
    SID - Display Security Identifier in text form
    SID_REL - Display the relative name of the SID
    RIDPOOL - RID Pool Allocations
    IP - DWORD IP address in windows order
    IPN - DWORD IP address in network order
    ATTRIBENUM - predefined enumerate
    DSA_SIG - DSA Signature
    NTDS_DSA_OPT - Returns the options for the Options of NTDSDSA
    NTDS_CONN_OPT - Returns the options for the Options of NTDSConnection
    SITE_LINK_OPT - Returns the options for the Options of SiteLink
    TRANSPORT_OPT - Returns the options for the Options of transport container
    NTDSSSITE_OPT - Returns the options for the Options of NTDS Sites Settings
    REPL_UTDV - NC Up ToDateness Vectors
    REPS_INFO - Replication neighbours RepsTo and RepsFrom
    SD - Security Descriptor in SDDL format
    SD_SID - Returns the SID of all entries in the SD
    SD_SID_DACL - Returns the SID of the DACL entries in the SD
    SD_SID_SACL - Returns the SID of the SACL entries in the SD
    SD_SID_OWNER - Returns the SID of the Owner in the SD
    SD_NAME - Returns the resolved names of all the entries in the SD
    SD_NAME_DACL - Returns the resolved names of the DACL entries in the SD
    SD_NAME_SACL - Returns the resolved names of the SACL entries in the SD
    SD_NAME_OWNER - Returns the resolved name of the owner in the SD
    BIN - Binary list
    SIZE - The size of the data returned
    COUNT - Returns the number of entries in the attribute
    DNSRECORD - DNS entries
    DNSRECORD.TYPE - return only the type type field
    DNSRECORD.VERSION - return only the version field
    DNSRECORD.RANK - return only the rank field
    DNSRECORD.SERIAL - return only the serial field
    DNSRECORD.TTL - return only the ttl field
    DNSRECORD.TIMEOUT - return only the timeout field
    DNSRECORD.TIMESTAMP - return only the timestamp field
    DNSRECORD.DATA - return only the data field
    BEROID - Basic Encoding Rules (BER) Organization Identifier
    DNSPROPERTY - DNS Properties entries
    CERT - Certificates
    CRL - Certificate Revocation List
    PWDSEC - Password secounds
    MSTRUST - Decoder for msds-TrustForestTrustInfo
    PERIOD - Certificate renewal period
    SMTP - Display only smtp entries
    X400 - Display only x400 entries
    X500 - Display only x500 entries
    PSMTP - Display primary smtp entry
    PX400 - Display primary  x400 entry
    PX500 - Display primary x500 entry

NetTools v1.17.4

Schema History
Updated to support IBM Tivoli Storage Manager, Forefront TMG, HP Openview Configuration Manager

Schema Browser
Updated to include AttributeID OID
Now uses paged queries to support larger schemas

LDAP Browser
Updated to show the approximate number of objects in a container, if it is filtered

LDAP Search
Added decode for NTMixedDomain attribute

Site DC List
Updated to use a separate thread to improve screen updates on slow WAN networks

Replication Cursors
Updated to display the USN of the destination DC, with a delta to show how many updates are still waiting to be replicated

NetTools v1.17.0

RID Pool **New**
Displays the allocated RID for each domain controller in the selected domain

LDAP Search
Updated with new cleaner UI to allow larger viewable area
Updates to increase attribute decode performance
Updated the filter substitution options on the LDAP filter field to support a hex option i.e. (&(objectclass=group)(grouptype|={hex:0x8000002}))
New DecodeType for RIDAllocationPool, RIDPreviousAllocationPool, RIDAvailablePool,
New 64Date GTDATE decodes to return the date only
Fixed bug with 64TIME decoder
Updated Sort option to support multiple sort attributes.  While NetTools now supports multiple sort attributes, AD\LDS only supports a single sort attribute, if more than one attribute is specified a not supported control error is returned
Added timer to display how long the query has taken to execute
Certificate revocation updated to support Windows 2012 option and support for KB2661254, weak keys
Added support for connection to LDAP server using UDP (CLDAP) protocol. CLDAP only supports anonymous authentication type and must be set manually
Updated attribute help with the SID_REL decode which was missing
Updated to decode an object’s metadata details as an attributes:
     Meta.<Type>.<Attribute>
Type:    ver        Version number
            lusn      Local USN
            ousn     Originating USN
            time      Originating Time
            dc         Originating DC
Attribute: the name of the attribute
    e.g. meta.ver.objectclass, meta.ousn.cn

AD Browser
Updated to have three pane view, displays the tree structure, child objects of the selected object, and the attributes of the select object
Fixed intermittent issue that caused the browser to close the open LDAP server connection

Schema Versions
Updated to support Windows 2012, Windows 2008R2 TPM, Exchange 2010 SP3, Exchange 2013, Lync 2013 and FIM 2010R2 PCNS

Schema History
Updated to support Windows 2012, Windows 2008R2 TPM, Exchange 2010 SP3, Exchange 2013, Lync 2013 and FIM 2010R2 PCNS

Attributes dialog
Updated to support double click to display individual entries

AD Properties Dialog
Updated the included Password not required option
Fixed bug where Members tab was shown for all object types

SDProd
Updated to protect against circular group references, now has a hard coded limit of 100 nested groups

DecodeType List:
    DEFAULT - ASCII
    GTFTIME - Generalized Date & Time Format
    GTDATE - Generalized Date Format
    FILETIME - Win32 FileTime Format
    64TIME - Win32 64bit Date & Time Format
    64DATE - Win32 64bit Date Format
    GUID - Windows GUID
    RIDPOOL – RID pool allocations
    SID - Security Identifier
    SID_REL - Displays the relative name for a Security Identifier
    IP - DWORD IP address in windows order
    IPN - DWORD IP address in network order
    ATTRIBENUM - predefined enumerate
    DSA_SIG - DSA Signature
    NTDS_DSA_OPT - Returns the options for the Options of NTDSDSA
    NTDS_CONN_OPT - Returns the options for the Options of NTDSConnection
    SITE_LINK_OPT - Returns the options for the Options of SiteLink
    TRANSPORT_OPT - Returns the options for the Options of transport container
    NTDSSSITE_OPT - Returns the options for the Options of NTDS Sites Settings
    REPL_UTDV - NC Up ToDateness Vectors
    REPS_INFO - Replication neighbours RepsTo and RepsFrom
    SD - Security Descriptor in SDDL format
    SD_SID - Returns the SID of all entries in the SD
    SD_SID_DACL - Returns the SID of the DACL entries in the SD
    SD_SID_SACL - Returns the SID of the SACL entries in the SD
    SD_SID_OWNER - Returns the SID of the Owner in the SD
    SD_NAME - Returns the resolved names of all the entries in the SD
    SD_NAME_DACL - Returns the resolved names of the DACL entries in the SD
    SD_NAME_SACL - Returns the resolved names of the SACL entries in the SD
    SD_NAME_OWNER - Returns the resolved name of the owner in the SD
    BIN - Binary list
    SIZE - The size of the data returned
    COUNT - Returns the number of entries in the attribute
    DNSRECORD - DNS entries
    DNSRECORD.TYPE - return only the type type field
    DNSRECORD.VERSION - return only the version field
    DNSRECORD.RANK - return only the rank field
    DNSRECORD.SERIAL - return only the serial field
    DNSRECORD.TTL - return only the ttl field
    DNSRECORD.TIMEOUT - return only the timeout field
    DNSRECORD.TIMESTAMP - return only the timestamp field
    DNSRECORD.DATA - return only the data field
    BEROID - Basic Encoding Rules (BER) Organization Identifier
    DNSPROPERTY - DNS Properties entries
    CERT - Certificates
    CRL - Certificate Revocation List
    PWDSEC - Password secounds
    MSTRUST - Decoder for msds-TrustForestTrustInfo
    PERIOD - Certificate renewal period

NetTools v1.16.0

AD Properties dialog
Updated to support copy option in all list fields
Double clicking on foreign security principals in member and memberof now opens the properties of that object
Added Mail nickname attribute to Exchange tab
Added account tab to computer objects

AD Subnets
Added paste option so multiple IP addresses can be resolved

DC Resolution
Fixed bug where the stop button was not displayed if an IP address is used for a manually entered server name.
Fixed bug in the port scan that prevented multiple copies of NetTools from doing scans

Group Members
Added status bar to display which group is currently being enumerated
Updated to resolve foreign security principals
Column sort
Now uses individual queries to resolve group membership a bit slow than ASQ but nested groups from trusted domains are displayed

LDAP Browser
Right pane will now display objects requiring additional server side LDAP controls, i.e. deleted objects

LDAP Search
Decodes updated with Windows Server 2012 details
Bit operator substitution updated to support multiple entries
Dropdown list fields now have auto save when up or down keys are pressed, just for those typo moments
Added decodes for Options attribute for the SiteLink, nTDSConnection, nTDSDSA, interSiteTransport, nTDSSiteSettings.  Due the same attribute name being used for all objects, the Options attribute will not be decoded by default.  However, if the attribute list contains the objectclass attribute before Options, the correct decode will be selected automatically.
DNSRECORD decode now has sub options to allow DNS record field decodes to be displayed
Bug fix – Input mode, Insert option now adds columns if no columns displayed
Bug fix – now displays correct output when single line and hex options are selected
Replication Latency
Fixed bug where the test wouldn’t finish if one or more servers fail

Site Browser
Updated to include Downstream replication partners
Updated to show automatically generated connectors
Updated to include Connection Options

User’s Groups
Added copy options

User Details
Added view Meta Data option to the context menu

General
Update left pane list so items are in alphabetic order for each section

DecodeType List:
    DEFAULT - ASCII
    GTFTIME - Generalized Time Format
    FILETIME - Win32 FileTime Format
    64TIME - Win32 64bit Time Format
    GUID - Windows GUID
    SID - Security Identifier
    IP - DWORD IP address in windows order
    IPN - DWORD IP address in network order
    ATTRIBENUM - predefined enumerate
    DSA_SIG - DSA Signature
    NTDS_DSA_OPT - Returns the options for the Options of NTDSDSA
    NTDS_CONN_OPT - Returns the options for the Options of NTDSConnection
    SITE_LINK_OPT - Returns the options for the Options of SiteLink
    TRANSPORT_OPT - Returns the options for the Options of transport container
    NTDSSSITE_OPT - Returns the options for the Options of NTDS Sites Settings
    REPL_UTDV - NC Up ToDateness Vectors
    REPS_INFO - Replication neighbours RepsTo and RepsFrom
    SD - Security Descriptor in SDDL format
    SD_SID - Returns the SID of all entries in the SD
    SD_SID_DACL - Returns the SID of the DACL entries in the SD
    SD_SID_SACL - Returns the SID of the SACL entries in the SD
    SD_SID_OWNER - Returns the SID of the Owner in the SD
    SD_NAME - Returns the resolved names of all the entries in the SD
    SD_NAME_DACL - Returns the resolved names of the DACL entries in the SD
    SD_NAME_SACL - Returns the resolved names of the SACL entries in the SD
    SD_NAME_OWNER - Returns the resolved name of the owner in the SD
    BIN - Binary list
    SIZE - The size of the data returned
    COUNT - Returns the number of entries in the attribute
    DNSRECORD - DNS entries
    DNSRECORD.TYPE - return only the type type field
    DNSRECORD.VERSION - return only the version field
    DNSRECORD.RANK - return only the rank field
    DNSRECORD.SERIAL - return only the serial field
    DNSRECORD.TTL - return only the ttl field
    DNSRECORD.TIMEOUT - return only the timeout field
    DNSRECORD.TIMESTAMP - return only the timestamp field
    DNSRECORD.DATA - return only the data field
    BEROID - Basic Encoding Rules (BER) Organization Identifier
    DNSPROPERTY - DNS Properties entries
    CERT - Certificates
    CRL - Certificate Revocation List
    PWDSEC - Password secounds
    MSTRUST - Decoder for msds-TrustForestTrustInfo
    PERIOD - Certificate renewal period

NetTools V1.15.5

Group Manager

Disabled referrals on paste lookups to increase performance in multi-domain environments
Added report option to display if the pasted list is currently a member of the selected group

LDAP Search

Added REP_INFO DecodeType for RepTo and RepFrom attributes to show Replication Neighbors and replication status
Added REPL_UTDV DecodeType for the replUpToDateVector attribute, for Replication Up Todateness Vectors
Added support for UTF-8 encoding on the filter field escaping Unicode characters
Fixed memory leak

DC Resolution

Fixed debug in the Add Ports option where the first ports in the existing list was removed

General
Major code review tiding up variables and memory allocation reducing the overall memory footprint

DecodeType list:

DEFAULT – ASCII
GTFTIME – Generalized Time Format
FILETIME – Win32 FileTime Format
64TIME – Win32 64bit Time Format
DSA_SIG – DSA Signature
GUID – Windows GUID
REP_INFO - RepTo and RepFrom replication neighbors
REPL_UTDV - Replication up to dateness vectors
SID – Security Identifier
IP – DWORD IP address in windows order
IPN – DWORD IP address in network order
ATTRIBENUM – predefined enumerate
SD – Security Descriptor in SDDL format
SD_SID - Returns the SID of all entries in the SD
SD_SID_DACL - Returns the SID of the DACL entries in the SD
SD_SID_SACL - Returns the SID of the SACL entries in the SD
SD_SID_OWNER - Returns the SID of the Owner in the SD
SD_NAME - Returns the resolved names of all the entries in the SD
SD_NAME_DACL - Returns the resolved names of the DACL entries in the SD
SD_NAME_SACL - Returns the resolved names of the SACL entries in the SD
SD_NAME_OWNER - Returns the resolved name of the owner in the SD
BIN – Binary list
SIZE – The size of the data returned
COUNT – Returns the number of entries in the attribute
DNSRECORD – DNS entries
BEROID - Basic Encoding Rules (BER) Organization Identifier
DNSPROPERTY – DNS Properties entries
CERT - Certificates
CRL – Certificate Revocation List
PWDSEC – Password seconds
MSTRUST – Decoder for msds-TrustForestTrustInfo
PERIOD – Certificate renewal period

NetTools v1.15.0

Site Browser **New**
Brings DNS site coverage, Site Links, Site Link Costs, IP Subnet allocation, and Naming Context coverage into a single view
Group Manager **New**
Bulk group membership management. Select the group, paste in the list of objects to add or remove to\from the group, select the objects and click Add or Remove.  The pasted list can be Distinguished Names, SIDs, or samaccountnames or any combination of them.  SID entries must be relative to the server\domain selected, to add objects from a foreign domain use DNs.
DSA GUID
Updated to support column sorts

LDAP Browser
Now has column sort
Filter button icon now changes when a user defined filter has been specified

AD Properties
Updated to use the ObjectSID attribute rather than the name attribute to resolves names for foreign security principals

Last Logon
Updated to disable buttons while a search is run to stop multiple press of the go button which causes exception errors
Added LogonCount to output

User Details
Updated to use DcGetDCName instead of using the ldap connection options to find a GC, as the ldap options are a little inconsistent and some time select a non-GC server

SPN Search
Updated to use DcGetDCName instead of using the ldap connection options to find a GC, as the ldap options are a little inconsistent and some time select a non-GC server

LDAP Search
Added help button for Decode Type options
Added help button for the Display Filter options
New DecodeType for the DSASignature attribute
New DecodeType GUID_RAW displays the GUID in hex in byte order.  GUID_LDAP displays the GUID in escaped hex format as used for LDAP binary search
Fixed bug in display filter logic, where if the last condition in a multiple And equation was a Not statement it returned the wrong value.
Updated Display filter to support a new comparison operator, if contains options to return attributes that contain an item in a list.

The full list of Comparison Operators
Operator           The comparison operator, supported operators are:
==        Equal
!=         Not Equal
>=        Greater than or equal
<=        less than or equal
>          Greater than
<          Less than
##        In list  (exact match)
!#         Not in list  (exact match)
%%      Contain an item in the list  **New**
!%        does not contain an item in the list **New**

Manage Lists
Fix bug where items were not removed correctly from the list (Thanks to Joe for reporting the issue)

Schema Browser
Fixed intermittent issue where Schema definition dialog would be shown on the right hand pane

Sites DC List
Updated GC logic so GC allocation is displayed correctly for single domain forests

User’s Groups
Updated to a list view to allow sorting

General
I have been working on a number of other LDAP projects, which have resulted in performance and functional improvements in my base LDAP class.  These improves have been incorporated into NetTools.

DecodeType list:

DEFAULT – ASCII
GTFTIME – Generalized Time Format
FILETIME – Win32 FileTime Format
64TIME – Win32 64bit Time Format
DSA_SIG – DSA Signature
GUID – Windows GUID
SID – Security Identifier
IP – DWORD IP address in windows order
IPN – DWORD IP address in network order
ATTRIBENUM – predefined enumerate
SD – Security Descriptor in SDDL format
SD_SID - Returns the SID of all entries in the SD
SD_SID_DACL - Returns the SID of the DACL entries in the SD
SD_SID_SACL - Returns the SID of the SACL entries in the SD
SD_SID_OWNER - Returns the SID of the Owner in the SD
SD_NAME - Returns the resolved names of all the entries in the SD
SD_NAME_DACL - Returns the resolved names of the DACL entries in the SD
SD_NAME_SACL - Returns the resolved names of the SACL entries in the SD
SD_NAME_OWNER - Returns the resolved name of the owner in the SD
BIN – Binary list
SIZE – The size of the data returned
COUNT – Returns the number of entries in the attribute
DNSRECORD – DNS entries
BEROID - Basic Encoding Rules (BER) Organization Identifier
DNSPROPERTY – DNS Properties entries
CERT - Certificates
CRL – Certificate Revocation List
PWDSEC – Password seconds
MSTRUST – Decoder for msds-TrustForestTrustInfo
PERIOD – Certificate renewal period

NetTools v1.14.4

Site DC List
Updated to display FSMO roles and GC assignment
Context menu to configure LDAP Search

DC Resolution
Updated to support FQDN server names

AD Sites
Updated so the GC indictor displays the correct results

LDAP Browser
Context menu bug fixed, so context menu displays attributes for the selected item
Treeview icon updated to indicate if the list is filtered by the maximum entries count