Category Archives: Versions

NetTools v1.31.0

AD Permissions Reporter    
A reporting option to report and search for permissions that have been assigned in the AD, supports both basic and advanced filters. See AD Permissions Reporter.

Certificate Checker    
A new feature to verify the certificate that are assigned to website, including the revocation status, More details available here.

Compare AD Permissions    
Context menu option to compare the permissions of different objects.  See How to compare AD permissions.

Object Replication    
A new feature to test if AD objects and their attributes are replicated across the domain controllers in the domain. See Object Replication for more information.

SDDL Viewer    
A new feature to display SDDL strings in the Permissions dialog.  More details available here.

Find Trustee Assignments

AD Permissions Browser
ACL Browser renamed to AD Permissions Browser
Updated context menu to support option to export a permission as a dsacls command.
Updated inheritance text to include no propagation rights details and displayed separately in the rights view.
Changed the icons used in trustee mode to the same as used in AD Permissions Reporter, to make it easier to see which permissions are applies to the trustee.
Fixed index error when assigning the NT Authority\Self to a trustee.

AD Properties
Fixed context menu on delegation tab to allow linked SPN tests.
Fixed memberof bug, some groups are not displayed if the displayname is not set.
Added option to display the time and date when changes to the group membership happened.
Updated to display the Fine Grain Password details for both users and groups.
Updated Logon tab to include Password Expires based on the msDS-UserPasswordExpiryTimeComputed attribute.

AD Sites
Updated to include a dsBind test to test RPC connection, also updated to support profiles.

AD Subnet
Updated to support IP Addresses with CIDR.
Subnet that are not linked to a site are shown as <not assigned>.

Attributes Dialog
Hex dump - now able to provide hex dump of security descriptor for non-admin users.

Attribute Replication
Updated to display all the attributes of the selected object across the selected domain controllers.

Updated to support encoding a SID string to binary in Base64 and back to SID String.

DC Resolution
Removed port 3389 from default list of ports, added for testing and shouldn't be there.

Error Messages
Updated to also return error details for WinInet error codes.

GPO Explorer
Added GPO testing functionality similar to that of GPOTool.exe. See How To Test GPOs as GPOTool is no longer available.
Update security tab to include the rights view of the permissions assignment.
Fixed display updates when switching from OU to WMI and back again.

GUID Search
Updated to now search for the entered GUID against common object GUID, and option to search against all GUID attributes found as part of the dynamic attribute discovery.

LDAP Browser
Added button to allow a DN to be opened in a separate window.
Updated to include a Restore Objects for deleted objects, see How To Restore deleted AD objects.

LDAP Search
Added option to limit the number of records returned.  Update Favorite Import to support import of multiple favorite in one go.
Updated the DNSProperty decode to support all data types.
Updated favorites variables to include ##root to specific the root DN of the forest.
Updated to support different Ordering OIDs on the sort field, see Sort for more details.
Certificate verification date format now based on regional settings.  When connecting using SSL it will now displays the SSL connection information.
Fixed intermittent exception error that could happen when using meta data attribute types.
Fixed bug in the getdn subst variable that could cause an exception.
LDAP Search Enum dialog - Updated context menu to allow selection of bit operator.
Define the enum DecodesType for GPOptions, ServerState, ForceLogoff.
Set DecodeType for AuditPolicy to DecodeType BIN.
Added DecodeType GMSAPWD.PWD_B and GMSAPWD.PPWD_B to display GMSA password in byte based binary output.

Object Count
Updated to save the count details, with subsequent counts shows the delta between the counts.

Object MetaData
Updated to also display the value of the value of the attribute and changed time to display local time.

Organization Structure
Fixed exception that can occur when multiple Left SD menu item selected.
Added additional logic to detect circular references.
Added an extra context menu item to display a separate window with the org structure.

Added option to specify the ICMP packet size used for the ping.

Permissions dialog
Added additional caching at the profile level to improve performance and reduce data requests. Also improves the performance of AD Permissions Browser,  and GPO explorer.
Added Inheritance details to the status bar.

Updated test options so any entry is added to the resolver history.
Fixed columns update so blank attributes are shown correctly.

Schema Version
Updated to support Exchange 2019 CU11, CU12 & 2016 CU22, CU23.

Updated to include support Service Managed Accounts and improved performance.

SID Converter
Updated to include icons for resolved names and now if a SID is not found, it will now check if the domain SID exists to confirm if the SID has been deleted or the domain is invalid.

Site Browser
Updated to displays bridgehead servers in the site settings view.
Added addition error reporting for Validate function and added DsBind test.
Subnets that are not linked to a site are shown as <not assigned>.

Token Size
Updated the connection to use the GC to correctly resolve cross forest groups and fixed bug were multiple entries in SIDHistory caused the token size to be calculated incorrect.

User Search
Fixed bug where from a child domain, the Use GC option didn't use the root of the forest for the search.

User Search dialog
Updated so if only one user account found and it matches the search, it automatically returns the single entry.

Predefined Queues
The follow queues have been updated:

AD: Invalid Pwd Change (All users)
AD: Invalid Pwd Change (Nominated user)
AD: List gMSA Accounts
AD: List MSA Accounts
AD: Restore Deleted User
AD: RootDSE Modify - Dump Database
Users: Invalid characters for O365
Users: Mail and UserPrincipalName different

NetTools v1.30.0

ASN.1 Viewer      
An option to display ASN.1 data structures, support for DER, PEM, PKCS#7, and PKCS#12 file formats, and manual input in hex and base64 formats.  Includes support for common x.509 field types. See ASN.1 Viewer

An option to run an LDAP query with the DirSync server side control to display what changes have been made in the select context. See DirSync

Domain Changes      
An option to display which objects have been changed/created or replicated to the domain controller, based on the objects with updated USNChanged attribute. See Domain Changes

Object Counts      
An option to count the number of different types of objects that exist under the selected OU structure.  Selectable object types for Users, Groups, Computers, Active Users, OU and all objects. See Object Counts

User's Membership    
An option to display a user's group membership, including nested groups and which group contributed to the user's groups. See User's Membership

Updated the icons and context menu icons.
Added additional command line options to allow a LDAP Search Favorite to specified and run from the command line, /f:<favorite name>, i.e. NetTools "/f:AD: RootDSE"  The /Q option is also available which will cause NetTools to quit after the query has finished running.
Added a new Find feature to enable searching for items in the result.
Added Open Container context menu to open the parent container in LDAP Browser.
Added LDIF Export option to context menus to allow the objects to exported to file in ldif file format.
Time and Dates now displayed based on locale and regional settings, LDAP Search Substitution input entries also use locale date format for entry.
Options that require a username (SamAccountName) entry, now display a user search dialog if the entered name is not found.

ACL Browser
Added Group Members and Group Manager options to the context menus.
Fixed intermittent exception error when copying multiple items.
Fixed display issue associated to member attribute and add\remove self to group extended right.

AD Attributes
Updated to remove the dependency on the AllowedAttributes to allow the objects from non AD based directories to be displayed.

AD Properties
Updated the TokenGroups tab to include the SID of the names that are resolved against each entry.    Also includes an option to use Absolute SID Resolution, this is to help identify any entries that are associated to SID History.
Updated Members tab to also display which members have been removed from the group and when.
Updated the object selector used to manage group membership to support a paste option, so multiple entries can be added to the selection list.  Supports DN, samaccountname, upn, email, and name, with any combination of these.
Added option on Logon tab to perform a Last Logon scan.
Added option to display organisation structure from Organisation Tab.
Updated the Members and MemberOf lists to include the samaccountnames of included objects

Updated to use dynamic buffers rather than static to allow for larger decodes.
Added option to decode output to file.
Added option to be able to display hex or base64 outputs in the ASN.1 viewer.
Improved the handling of the extra space in the data input.
Updated to support Hex stream data input format.

Compare Groups
Updated so it can compare both member and memberof attributes, so it can be used to compare the membership of groups as well as users.

Copy To Windows
Improved the performance when displaying large list of items and better indication to the user when the program is busy.

Updated the selectable options to include DS8, DS9, DS10, and Key Lists.
Updated the flags decode to display the full flags names, and added support for DS9, DS10, Key Lists.

DC Resolution
Updated the ports option to allow lists of ports to be defined and selected, simplifying the testing of different services.

GPO Explorer
Added AD Sites view with indication if policies are applied to a site.
Double click to WMI filter viewer to display policy details.
Added GPO Results to context menu to the Content tab of the GPO Allocation view to display which policies have been applied to a selected machines.
Updated to display the wireless and wired GPO settings.
Updated to display which client side extensions are assigned to the GPO.
Updated the Settings view for the registry items to display all the registry entries in the registry.pol as a single list, the option is available by clicking on the Settings item at the top of the registry tree.
Updated a number of context menus to include some of the standard options, which were missing.
Updated GPO List view to include the split screen option to display the selected GPO properties below the list.
Added context menu item to display all OUs that have block Inheritance enabled.
Added additional error handle to GPO that don't have the display name set or gplink attributes with invalid format

Last Logon Time
Added accumulative logon Count across all domain controllers and DN
Added context menu option to input a new entry

LDAP Search
Conditional Attributes - updated logic so an attribute with no value set is also tested against the condition statement. i.e. location!=london will be true if no value is set.
Conditional Attributes - updated so the position of the wildcard character is position sensitive, if the wildcard character is placed at the begin of the search criteria i.e. *disable, then 'disable' will match any where in the attribute. If the wildcard is placed at the end of the search citeria i.e. disable*, the a match only occurs if disable is at the start of the attribute.
Conditional Attributes - the entered case of static entries is now persevered.
Custom Controls updated to allow data encoding type to be defined, data can now be defined as String or Integer encoded using BER encoding, or Non-BER encoded Integer.
Option to display server controls that are sent and returned as a hex dump and ASN.1 structure dump in the text output view, option is selected in the Manage Controls dialog.
Updated Search Statistics option to automatically change which sets of search stats are returned based on the domain controller functional level.
Updated Attributes field to also support the getdn substitution, so they can be used in the update queries.
Updated the MSTRUST DecodeType for the msds-TrustForestTrustInfo attribute to provide details of excluded routing suffixes.
Updated Filter processing to remove the case sensitivity of boolean expressions.
When the Display Results option is not selected with Update Queues, it will prevent the attribute pre-read before updates which significantly improves the performance when updating attributes with more than a few thousand values.
Updated REPS_INFO DecodeType, used by repsto and repsfrom attributes, to support V2 data structure format.
Updated file output logic, so when file output is selected and Display Results is not selected, the results are written to the file.  Fixed bug with single line option so all entries are now written to the file. Fixed bug with tab separated character.
Updated Use column with context menu to include add to Resolver.
Added new GPLINKS DecodeType to return a list of GPO DNs in the gplink attribute
Added a shift key function to disable html parser when pasting items in Input Mode.
Added new METAP DecodeType, used for the replPropertyMetaData attribute.

LDAP Search - Predefined Queries
The following predefined queries have been added:

AD: Schema Attributes ANR Indexed
AD: Schema Attributes Confidential
AD: Schema Attributes Constructed
AD: Schema Attributes in GC
AD: Schema Attributes Indexed
AD: Schema Attributes Not Replicated
AD: Schema Attributes Tuple Indexed

The following predefined queries have been updated:

GPOs: All
GPOs: All deleted
GPOs: Computer Targeted Policies
GPOs: Created in Last 30 Days
GPOs: Created in Last 60 Days
GPOs: Created in Last 7 Days
GPOs: Created in Last 90 Days
GPOs: Created Today
GPOs: Created Yesterday
GPOs: Deleted in the last 24 hours
GPOs: Deleted in the last 48 hours
GPOs: Modified in Last 30 Days
GPOs: Modified in Last 60 Days
GPOs: Modified in Last 7 Days
GPOs: Modified in Last 90 Days
GPOs: Modified Today
GPOs: Modified Yesterday
GPOs: Non Active
GPOs: Policies with a WMI Filter
GPOs: User & Computer Targeted Policies
GPOs: User Targeted Policies
GPOs: WMI Filters
Groups: All
SCCM: Management Points
SCCM: Site Boundaries
SCCM: Sites
Users: Active Users Who Haven't Logged On In Last x Days - user defined period
Users: Without Home Directory

Meta Data Dialog
Updated Value replication table to include local and originating USN details.

Renamed the option to Local Groups.

Organisation Structure
Change the default view to display reporting lines, including peers and direct reports as separate items.  Still has the option to display the old tree view as this is more useful in some scenario.

Replication Queues
Updated authentication to use DSBindWithCred instead to DsBind to allow the credentials from the Connection Profiles to be used.

Included a key shortcut to allow new entries to be manually entered using the Insert key.
Context menu updated to be object sensitive and will enable and disable options based on the object selected.
Display GPO Results added to the Use with context menu.
Fixed bug where the item count may be incorrect.
Updated to allow tracking of objects that have been opened or used with context menus
Added Object History option, so all object opened or linked via context menus are automatically added to the the Resolver list
Updated so each new entry added also records the server name.

SID Converter
Updated output view to use a table view to simplify the output and easier to copy details between options.
Added the option to display SID details from a Base64 format input.
Fixed bug where comma separated SIDs were not resolved correctly.

Schema Versions
Updated to include support for Exchange 2019 CU8, CU9 &CU10, 2016 CU19, 20 & CU21

Schema History
Updated with details of SCCM, Mapi Lab, EMC schema extensions
Updated to display Unknown if the schema extension is not in the internal database.

Time Converter
Updated to display the time outputs in a table view.
The time and date input are now based on the locale time\date format.  The locale time\date format is displayed as the supported formats section.

Token Size
Updated the size column to reflect the Token Size based on the MS algorithm to calculate Token Size.

User Search
Updated Use With context menu to include Local Groups option, to allow the local groups of member machines to be viewed.
Updated Use With context menu to include GPO Results on computer objects that are returned.
Updated icons so there is a separate icon for expired users
Updated to include an advanced option to allow searching of specific attributes on nominated object.

NetTools v1.29.0


A new option to display the existing logon sessions on the machines, and the ability to display what processes are associated to a logon session.

NetTools now includes over 280 predefined LDAP queries
Finally removed the default icon and added a new one
Added the option to add selected item to Resolver on the context menu

ACL Browser
Updated to include the Modify owner rights in the ACE pane
Updated flags view to display additional tag for each of the the various SD flags and flag values
Added context menu to copy the SD to clipboard in SDDL format

AD Properties Dialog
Updated to include the msExchRemoteRecipentType on the Exchange tab
Added capability to manage group membership of the member and memberof attributes
Updated TokenGroup tab to display the source SID rather than 'Error' if the SID can't be resolved
Added sMGS tab to display details associated to Group Managed Service Accounts, with the option to display and copy the current and previous passwords
Updated icons for Managed Service Accounts and Group Managed Service Accounts
Added BitLocker tab to display BitLocker recovery keys

Attribute Dialog
Added context menu to display the Attribute Value dialog with and without attribute Decode
Added context menu to allow the value to displayed in Hex Dump
Added context menu to display the schema definition of an attribute

Added a manual flag option, so you can specify the actual flags sent to server

Updated the Clipboard option to display the different data type available in the clipboard and the ability to display the data associated to each clipboard data type
Included the option to display a hex dump of the clipboard data

Connection Profiles
Updated AD Properties and Attributes dialog and Top Quotes to work correctly with Connection Profiles
Updated the Server tab to enable the global catalog to be specified, used specifically for the User Search, AD Properties dialog and the LDAP Search Use GC option
Fixed bug with Anonymous authentication type
Fixed intermittent issues causing the credentials dialog not being drawn correctly
Fixed bug where profile details were not displayed for the selected profile, if prompted to save unsaved changes

GPO Explorer
Updated to include WMI Filters and AD Sites
WMI Filter name now displayed on GPO allocation screens
Updated the XML parse for GPO Preferences to improve the displaying of settings
Added additional validation for preference so only items that have an XML file are shown as having settings

LDAP Browser
Added context menu to allow the DN of objects to be copied to the clipboard

Added a manual flag option, so you can specify the actual flags sent to server

LDAP Search
Fixed bug in Input Mode, where an exception could be caused if a row of input data is missing a column item
Added the option to add additional user specified server side controls
Updated to include Use GC option to use the GC server settings in the Connection Profile
Updated date substitutes to include StartofDay, EndofDay, StartofUTCDay, and EndofUTCDay constants, StartofDay and EndofDay returns times based on local time, while StartofUTCDay and endofUTCDay return time based on the UTC e.g. (&(whencreated>={zdate:startofday})(whencreated<={zdate:endofday})) or  (&(whencreated>={zdate:StartofUTCDay})(whencreated<={zdate:EndofUTCDay}))
Added new substitutes getdn, which will return the DN for the samaccountname provided as the parameter e.g. {getdn:domain admins}, {getdn:guests}, {getdn:user1}
Substitutions now available on the BaseDN field
Added addition DecodeTypes SD_DACL_COUNT and SD_SACL_COUNT returns the total number of ACE in the DACL or SACL. SD_DACL_EXPCOUNT and SD_SACL_EXPCOUNT returns the number of explicitly or no-inherited ACE in the ACL
Added additional DecodeTypes for Group Managed Service Accounts GMSAPWD, GMSAPWD.PWD, GMSAPWD.PPWD, GMSAPWD.QRY, GMSAPWD.UCG
Added additional DecodeTypes for RootKey - KDSPARAM
Added addtional DecodeType to WMI Time and date WMITIME and WMITIME_UTC
Updated LDAP Filter wizard to supported nested subst command and fixed formatting issues if brackets are included in the subst
Fixed bug in attribute update using escaped binary format
Change the priority order of the user defined DecodeType, so user defined settings take precedence
Added support for the use of environment variables in the filter and attribute fields i.e. (samaccountname=%username%)
Updated the auto complete feature to work with meta attributes and environment variables
Added the following static Decodes: 

msDS-ManagedPasswordId - GMSAPWDID
msKds-KDFParam  - BINARY
msKds-SecretAgreementParam - BIN
msKds-SecretAgreementParam - BIN
msKds-RootKeyData - BIN
crossCertificatePair - CERT
msds-ManagedPassword - GMSAPWD
msKds-CreateTime - 64TIME
msKds-UseStartTime - 64TIME
msDS-RequiredForestBehaviorVersion - ATTRIBENUM
msDS-RequireddomainBehaviorVersion - ATTRIBENUM
msWMICreationDate - WMITIME
msWMIChangeDate - WMITIME

Added a new tab to display the statistics associated to the access token

Object Compare
Fixed intermittent exception error, caused if the left object is deleted or moved between scans

The Resolver option has been updated to support user defined columns to allow additional attributes to be displayed
Updated to include a search of the proxyaddresses attribute for email address entries 
The context menus have been updated to allow items in output pane to be added to the Resolver and has a shortcut key of Crtl+R
Added status bar which displays total and selected items counts

Schema Class Browser
Added an extra columns that displays the security Property Set and DecodeType for each attribute
Fixed an intermittent exception error
Updated context menu on Where Used form so nested Where Used option can be performed

Schema Versions
Updated to include Exchange 2016 CU18 & 2019 CU7 schema updates

Updated so if an email address is specified then an additional search of the proxyaddresses attribute is included in the search request to the server
Updated to use the GC server details in the Connection Profile
Updated icons for Managed Service Accounts and Group Managed Service Accounts
Added status bar to show number of items returned and selected

User Rights
Added a new tab to display the statistics associated to the access token

Updated the redirection code to support additional record types

NetTools V1.28.0

NetTools V1.28.1 - minor fix in LDAP Browser

NetTools no longer uses the ADSI APIs, all queries against the AD now only use the LDAP API, this provides a small performance increase but more importantly it provides consistency across all features.
The toolbar is now always displayed at the top of NetTools, and includes buttons for navigation, Connection Profiles, Resolver and Help and quick search by default, Pin items are displayed to the right of these buttons.

Connection Profiles  *** New ***
With previous versions of NetTools, it would use the current user's credentials and domain join information of the workstation running NetTools to authenticate and select the directory that would be interrogated and there were only a few features that supported the use of different credentials via the Use LDAP Search Credentials option.  This version introduces a new feature called Connection Profiles, which adds the extra capability to define the server connection and credentials that will be used by the tests and features and provides a common method to define and access the AD across all tests.  See Connection Profiles.

Circular References  *** New ***
A new feature to test if there are any infinite loops in your group memberships. See Circular References

Resolver *** New ***
A quick way to search for a single or multiple items, just copy and paste a a single or list of items that you want to find, and it will search the AD for the items and display if they exist in the directory or not.  The copy and pasted list can be displayname, samaccountname, DN, SID, UPN, or email address.  See Resolver

AD Properties Dialog
Added an extra tab to display the TokenGroups for user and computer objects

A complete rewrite of the function from ADSI to LDAP API

Compare Objects
Updated to include the NTSecurityDescriptor attribute 

LDAP Browser
Added an additional feature to display the attribute values as a hex dump
Fixed issue with the filter limiting the number of items displayed (v1.28.1)

LDAP Search
Table view context menu updated to include a Use Column with option to allow data in the column for common dialogs
Removed the Credential option, you now use Connection Profiles to specific different credentials and authentication methods
Updated Tab views so selected items count on the status bar is updated when a tab is selected

A complete rewrite of the function from ADSI to LDAP API

NetTools V1.27.7

A new Pin context menu option is available in the left hand option selector, which is used to create shortcut buttons for your commonly used options.  See Basics
Default Copy to clipboard shortcut key has been changed to Ctrl-C, to align with standard copy and paste keys. now in any of the table views if one or more rows are selected and Ctrl-C is pressed, contents of the column directly under the cursor is copied to the clipboard

AD Properties
Updated to display Kerberos DES-CDC-CRC, DES-CDC-MD5, RC4 encryption options
Updated to use the LDAP enum decode function so attribute decodes are common across all dialogs 

Compare Objects
Added a Compare Values context menu option which displays a visual side by side comparison of the values with the difference highlighted. See Compare Objects

LDAP Browser
Fixed bug in LDAP browser, where intermittently it would display the attribute values twice

LDAP Search
Updated the LDAP Session options to fix a bug with the GetDsName flags
Updated enums to support LargeInteger (int64) values
Updated the MsExchRecipientTypeDetails, msExchRemoteRecipientType, msExchModerationFlags, and MsExchRecipientDisplayType enums with O365 values
Updated the OmSyntax enums values 
Added new Base64 Decode Type, to allow attribute values to be outputted in base64 format

RID Pool
Added an extra column to display the number of RID that are left in the pool for each domain controller

NetTools v1.27.0

Compare Objects  *** New ***
A new option to provide the ability to compare two object, or the changes that have been made on a single object based on a previous snapshot. See Compare Objects

LDAP Browser  *** New ***
I've copied the LDAP Browser feature from the LDAP Search option and now added it as it own item in the left hand pane. See LDAP Browser

AD Properties Dialog
Updated to display AES128 and AES256 encryption options

Attribute Replication
Added option to check attribute replication for objects in the the global catalog context

Find Trustee
Fixed intermittent exception error when checking for ownership permissions

LDAP Search
Added a tab output option, so results from each query is displayed on a new tab
Added enum decodes for msDs-SupportedEncryptionTypes
Updated the conditional attributes function so that meta data information is supported for both variable and results.
    e.g.   Validate;{if: meta.time.unicodepwd == pwdlastset : "Valid" : "Error"}

NetTools V1.26.0

Group Changes  ** New **
An audit function to show the group membership changes for the specified user.  See Group Changes

ACL Browser
Added the List objects permissions into the properties list view
Changed the default behavior when changing between ACL’s so any column sort orders are removed, and ACE are displayed in the order in the ACL.
Changed the first column to include the ACL Index number

Attribute Replication
Fix a scope issue so the attributes in the root object can be checked 

Copy to new Window
Added an context menu option to open a new window with the list unique column details
Now supports the Dynamic and Sort column sorts

Extended Rights
Fixed bug where GUID was not displayed

Added help button on each page which links back to the NetTools website for more information

Group Manger
Added support for email\upn in user input
Added Select All\Deselect All context menu options

LDAP Browser
Fixed indexing error when browsing a directory via the global catalog

LDAP Search
The current filter is now displayed in the text pane for each iteration of the query when in Input Mode

Last Logon Time
Added extra column for PwdLastSet 

Meta Data
Removed the 1000 item display limit on replication details.

Overlapping Subnets
Updated the display adding green and yellow indicator to show if the IP address range is assigned to different sites

Added context menu option to request a privilege

Schema Browser
Added the Index column to show if an attribute is Indexed or not

NetTools v1.25.11

ACL Browser
Update ACL\ACE Flags option view to display the raw mask data and mask after processing, which will show if there are any unprocessed masks
Trustee Mode updated so only the ACE that apply to the trustee are displayed.
Trustee Information dialog updated to displays the SIDs and associated name for the trustee.  Now also includes the ability to add or remove SIDs to a trustee's SID list, to provide the ability to evaluate the impact of changing a trustee's permissions

Updated SDProp to display the results in a list view
Added an option to trigger SDProp Process
Added context menu to reset ACL and AdminCount on selected users See SDProp for updated details

LDAP Search 
Update LDAP Filter Wizard to move change function on a separate button rather than linked to the type selection.
Added new Substitution option {-1:} which will be replaced with 9223372036854775807, which is 0xFFFFFFFFFFFFFFFF and is used on a number of attributes to indicate that the function\operation of the attribute is not set, as in the case for AccountExpires. e.g. (&(accountexpires=*)(!accountexpires=0)(!accountexpires={-1:}))  See LDAP Search Substitutions

Copy to new Window
The functionality of the Copy to new Window has been updated to include the ability filter the displayed results based on text and content filters.  See Copy to new Window for details

NetTools v1.24.4

ACL Browser
Fixed issue were attribute GUID are not loaded into the cache intermittently
LDAP Search
Added option to displayed extended error reporting
Updated string substitutions to include {sdate:now} and {sdatetime:now} to display the current date or date and time. Date format is fixed as DD/MM/YYYY.
Updated the copy favorites to clipboard option to copy the settings currently being displayed
Updated favorites to support ##inputn in the BaseDN field
UNC Check
Updated UNC dropdown to display the MRU UNC path from the Run dialog

NetTools v1.25.4

ACL Browser
Updated the flags so the inherited flag is reported correctly for schema based permissions

Schema Versions
Updated to include Exchange 2019 and CU1, CU2. See Schema Versions.

General - Column Sort
Updated 64Date sort function to correctly handle '-' entries

Locked Accounts
Added extra fields to the view - Bad Password Time, Account Expires, Lockout Time, Password Last Set
Added a bulk unlock function for selected accounts
Added status bar with the total and selected items

Updated search logic so the useraccountcontrol, accountexpires, lockoutime attributes are displayed correctly in the output.
Fixed issue where the current column list is not displayed in the column selection dialog
Changed the options to be non-volatile