Category Archives: Versions

NetTools v1.30.0

ASN.1 Viewer      
An option to display ASN.1 data structures, support for DER, PEM, PKCS#7, and PKCS#12 file formats, and manual input in hex and base64 formats.  Includes support for common x.509 field types. See ASN.1 Viewer

DirSync      
An option to run an LDAP query with the DirSync server side control to display what changes have been made in the select context. See DirSync

Domain Changes      
An option to display which objects have been changed/created or replicated to the domain controller, based on the objects with updated USNChanged attribute. See Domain Changes

Object Counts      
An option to count the number of different types of objects that exist under the selected OU structure.  Selectable object types for Users, Groups, Computers, Active Users, OU and all objects. See Object Counts

User's Membership    
An option to display a user's group membership, including nested groups and which group contributed to the user's groups. See User's Membership

General
Updated the icons and context menu icons.
Added additional command line options to allow a LDAP Search Favorite to specified and run from the command line, /f:<favorite name>, i.e. NetTools "/f:AD: RootDSE"  The /Q option is also available which will cause NetTools to quit after the query has finished running.
Added a new Find feature to enable searching for items in the result.
Added Open Container context menu to open the parent container in LDAP Browser.
Added LDIF Export option to context menus to allow the objects to exported to file in ldif file format.
Time and Dates now displayed based on locale and regional settings, LDAP Search Substitution input entries also use locale date format for entry.
Options that require a username (SamAccountName) entry, now display a user search dialog if the entered name is not found.

ACL Browser
Added Group Members and Group Manager options to the context menus.
Fixed intermittent exception error when copying multiple items.
Fixed display issue associated to member attribute and add\remove self to group extended right.

AD Attributes
Updated to remove the dependency on the AllowedAttributes to allow the objects from non AD based directories to be displayed.

AD Properties
Updated the TokenGroups tab to include the SID of the names that are resolved against each entry.    Also includes an option to use Absolute SID Resolution, this is to help identify any entries that are associated to SID History.
Updated Members tab to also display which members have been removed from the group and when.
Updated the object selector used to manage group membership to support a paste option, so multiple entries can be added to the selection list.  Supports DN, samaccountname, upn, email, and name, with any combination of these.
Added option on Logon tab to perform a Last Logon scan.
Added option to display organisation structure from Organisation Tab.
Updated the Members and MemberOf lists to include the samaccountnames of included objects

Base64
Updated to use dynamic buffers rather than static to allow for larger decodes.
Added option to decode output to file.
Added option to be able to display hex or base64 outputs in the ASN.1 viewer.
Improved the handling of the extra space in the data input.
Updated to support Hex stream data input format.

Compare Groups
Updated so it can compare both member and memberof attributes, so it can be used to compare the membership of groups as well as users.

Copy To Windows
Improved the performance when displaying large list of items and better indication to the user when the program is busy.

DsGetDcName
Updated the selectable options to include DS8, DS9, DS10, and Key Lists.
Updated the flags decode to display the full flags names, and added support for DS9, DS10, Key Lists.

DC Resolution
Updated the ports option to allow lists of ports to be defined and selected, simplifying the testing of different services.

GPO Explorer
Added AD Sites view with indication if policies are applied to a site.
Double click to WMI filter viewer to display policy details.
Added GPO Results to context menu to the Content tab of the GPO Allocation view to display which policies have been applied to a selected machines.
Updated to display the wireless and wired GPO settings.
Updated to display which client side extensions are assigned to the GPO.
Updated the Settings view for the registry items to display all the registry entries in the registry.pol as a single list, the option is available by clicking on the Settings item at the top of the registry tree.
Updated a number of context menus to include some of the standard options, which were missing.
Updated GPO List view to include the split screen option to display the selected GPO properties below the list.
Added context menu item to display all OUs that have block Inheritance enabled.
Added additional error handle to GPO that don't have the display name set or gplink attributes with invalid format

Last Logon Time
Added accumulative logon Count across all domain controllers and DN
Added context menu option to input a new entry

LDAP Search
Conditional Attributes - updated logic so an attribute with no value set is also tested against the condition statement. i.e. location!=london will be true if no value is set.
Conditional Attributes - updated so the position of the wildcard character is position sensitive, if the wildcard character is placed at the begin of the search criteria i.e. *disable, then 'disable' will match any where in the attribute. If the wildcard is placed at the end of the search citeria i.e. disable*, the a match only occurs if disable is at the start of the attribute.
Conditional Attributes - the entered case of static entries is now persevered.
Custom Controls updated to allow data encoding type to be defined, data can now be defined as String or Integer encoded using BER encoding, or Non-BER encoded Integer.
Option to display server controls that are sent and returned as a hex dump and ASN.1 structure dump in the text output view, option is selected in the Manage Controls dialog.
Updated Search Statistics option to automatically change which sets of search stats are returned based on the domain controller functional level.
Updated Attributes field to also support the getdn substitution, so they can be used in the update queries.
Updated the MSTRUST DecodeType for the msds-TrustForestTrustInfo attribute to provide details of excluded routing suffixes.
Updated Filter processing to remove the case sensitivity of boolean expressions.
When the Display Results option is not selected with Update Queues, it will prevent the attribute pre-read before updates which significantly improves the performance when updating attributes with more than a few thousand values.
Updated REPS_INFO DecodeType, used by repsto and repsfrom attributes, to support V2 data structure format.
Updated file output logic, so when file output is selected and Display Results is not selected, the results are written to the file.  Fixed bug with single line option so all entries are now written to the file. Fixed bug with tab separated character.
Updated Use column with context menu to include add to Resolver.
Added new GPLINKS DecodeType to return a list of GPO DNs in the gplink attribute
Added a shift key function to disable html parser when pasting items in Input Mode.
Added new METAP DecodeType, used for the replPropertyMetaData attribute.

LDAP Search - Predefined Queries
The following predefined queries have been added:

AD: Schema Attributes ANR Indexed
AD: Schema Attributes Confidential
AD: Schema Attributes Constructed
AD: Schema Attributes in GC
AD: Schema Attributes Indexed
AD: Schema Attributes Not Replicated
AD: Schema Attributes Tuple Indexed

The following predefined queries have been updated:

GPOs: All
GPOs: All deleted
GPOs: Computer Targeted Policies
GPOs: Created in Last 30 Days
GPOs: Created in Last 60 Days
GPOs: Created in Last 7 Days
GPOs: Created in Last 90 Days
GPOs: Created Today
GPOs: Created Yesterday
GPOs: Deleted in the last 24 hours
GPOs: Deleted in the last 48 hours
GPOs: Modified in Last 30 Days
GPOs: Modified in Last 60 Days
GPOs: Modified in Last 7 Days
GPOs: Modified in Last 90 Days
GPOs: Modified Today
GPOs: Modified Yesterday
GPOs: Non Active
GPOs: Policies with a WMI Filter
GPOs: User & Computer Targeted Policies
GPOs: User Targeted Policies
GPOs: WMI Filters
Groups: All
SCCM: Management Points
SCCM: Site Boundaries
SCCM: Sites
Users: Active Users Who Haven't Logged On In Last x Days - user defined period
Users: Without Home Directory

Meta Data Dialog
Updated Value replication table to include local and originating USN details.

NetGroupEnum
Renamed the option to Local Groups.

Organisation Structure
Change the default view to display reporting lines, including peers and direct reports as separate items.  Still has the option to display the old tree view as this is more useful in some scenario.

Replication Queues
Updated authentication to use DSBindWithCred instead to DsBind to allow the credentials from the Connection Profiles to be used.

Resolver
Included a key shortcut to allow new entries to be manually entered using the Insert key.
Context menu updated to be object sensitive and will enable and disable options based on the object selected.
Display GPO Results added to the Use with context menu.
Fixed bug where the item count may be incorrect.
Updated to allow tracking of objects that have been opened or used with context menus
Added Object History option, so all object opened or linked via context menus are automatically added to the the Resolver list
Updated so each new entry added also records the server name.

SID Converter
Updated output view to use a table view to simplify the output and easier to copy details between options.
Added the option to display SID details from a Base64 format input.
Fixed bug where comma separated SIDs were not resolved correctly.

Schema Versions
Updated to include support for Exchange 2019 CU8, CU9 &CU10, 2016 CU19, 20 & CU21

Schema History
Updated with details of SCCM, Mapi Lab, EMC schema extensions
Updated to display Unknown if the schema extension is not in the internal database.

Time Converter
Updated to display the time outputs in a table view.
The time and date input are now based on the locale time\date format.  The locale time\date format is displayed as the supported formats section.

Token Size
Updated the size column to reflect the Token Size based on the MS algorithm to calculate Token Size.

User Search
Updated Use With context menu to include Local Groups option, to allow the local groups of member machines to be viewed.
Updated Use With context menu to include GPO Results on computer objects that are returned.
Updated icons so there is a separate icon for expired users
Updated to include an advanced option to allow searching of specific attributes on nominated object.

NetTools v1.29.0

nettools

Sessions   
A new option to display the existing logon sessions on the machines, and the ability to display what processes are associated to a logon session.

General
NetTools now includes over 280 predefined LDAP queries
Finally removed the default icon and added a new one
Added the option to add selected item to Resolver on the context menu

ACL Browser
Updated to include the Modify owner rights in the ACE pane
Updated flags view to display additional tag for each of the the various SD flags and flag values
Added context menu to copy the SD to clipboard in SDDL format

AD Properties Dialog
Updated to include the msExchRemoteRecipentType on the Exchange tab
Added capability to manage group membership of the member and memberof attributes
Updated TokenGroup tab to display the source SID rather than 'Error' if the SID can't be resolved
Added sMGS tab to display details associated to Group Managed Service Accounts, with the option to display and copy the current and previous passwords
Updated icons for Managed Service Accounts and Group Managed Service Accounts
Added BitLocker tab to display BitLocker recovery keys

Attribute Dialog
Added context menu to display the Attribute Value dialog with and without attribute Decode
Added context menu to allow the value to displayed in Hex Dump
Added context menu to display the schema definition of an attribute

DSGetDcName
Added a manual flag option, so you can specify the actual flags sent to server

Clipboard
Updated the Clipboard option to display the different data type available in the clipboard and the ability to display the data associated to each clipboard data type
Included the option to display a hex dump of the clipboard data

Connection Profiles
Updated AD Properties and Attributes dialog and Top Quotes to work correctly with Connection Profiles
Updated the Server tab to enable the global catalog to be specified, used specifically for the User Search, AD Properties dialog and the LDAP Search Use GC option
Fixed bug with Anonymous authentication type
Fixed intermittent issues causing the credentials dialog not being drawn correctly
Fixed bug where profile details were not displayed for the selected profile, if prompted to save unsaved changes

GPO Explorer
Updated to include WMI Filters and AD Sites
WMI Filter name now displayed on GPO allocation screens
Updated the XML parse for GPO Preferences to improve the displaying of settings
Added additional validation for preference so only items that have an XML file are shown as having settings

LDAP Browser
Added context menu to allow the DN of objects to be copied to the clipboard

LDAP Ping
Added a manual flag option, so you can specify the actual flags sent to server

LDAP Search
Fixed bug in Input Mode, where an exception could be caused if a row of input data is missing a column item
Added the option to add additional user specified server side controls
Updated to include Use GC option to use the GC server settings in the Connection Profile
Updated date substitutes to include StartofDay, EndofDay, StartofUTCDay, and EndofUTCDay constants, StartofDay and EndofDay returns times based on local time, while StartofUTCDay and endofUTCDay return time based on the UTC e.g. (&(whencreated>={zdate:startofday})(whencreated<={zdate:endofday})) or  (&(whencreated>={zdate:StartofUTCDay})(whencreated<={zdate:EndofUTCDay}))
Added new substitutes getdn, which will return the DN for the samaccountname provided as the parameter e.g. {getdn:domain admins}, {getdn:guests}, {getdn:user1}
Substitutions now available on the BaseDN field
Added addition DecodeTypes SD_DACL_COUNT and SD_SACL_COUNT returns the total number of ACE in the DACL or SACL. SD_DACL_EXPCOUNT and SD_SACL_EXPCOUNT returns the number of explicitly or no-inherited ACE in the ACL
Added additional DecodeTypes for Group Managed Service Accounts GMSAPWD, GMSAPWD.PWD, GMSAPWD.PPWD, GMSAPWD.QRY, GMSAPWD.UCG
Added additional DecodeTypes for RootKey - KDSPARAM
Added addtional DecodeType to WMI Time and date WMITIME and WMITIME_UTC
Updated LDAP Filter wizard to supported nested subst command and fixed formatting issues if brackets are included in the subst
Fixed bug in attribute update using escaped binary format
Change the priority order of the user defined DecodeType, so user defined settings take precedence
Added support for the use of environment variables in the filter and attribute fields i.e. (samaccountname=%username%)
Updated the auto complete feature to work with meta attributes and environment variables
Added the following static Decodes: 

msDS-ManagedPasswordId - GMSAPWDID
msKds-KDFParam  - BINARY
msKds-SecretAgreementParam - BIN
msKds-SecretAgreementParam - BIN
msKds-RootKeyData - BIN
crossCertificatePair - CERT
msds-ManagedPassword - GMSAPWD
msKds-CreateTime - 64TIME
msKds-UseStartTime - 64TIME
msDS-RequiredForestBehaviorVersion - ATTRIBENUM
msDS-RequireddomainBehaviorVersion - ATTRIBENUM
msWMICreationDate - WMITIME
msWMIChangeDate - WMITIME

Logon
Added a new tab to display the statistics associated to the access token

Object Compare
Fixed intermittent exception error, caused if the left object is deleted or moved between scans

Resolver
The Resolver option has been updated to support user defined columns to allow additional attributes to be displayed
Updated to include a search of the proxyaddresses attribute for email address entries 
The context menus have been updated to allow items in output pane to be added to the Resolver and has a shortcut key of Crtl+R
Added status bar which displays total and selected items counts

Schema Class Browser
Added an extra columns that displays the security Property Set and DecodeType for each attribute
Fixed an intermittent exception error
Updated context menu on Where Used form so nested Where Used option can be performed

Schema Versions
Updated to include Exchange 2016 CU18 & 2019 CU7 schema updates

Search
Updated so if an email address is specified then an additional search of the proxyaddresses attribute is included in the search request to the server
Updated to use the GC server details in the Connection Profile
Updated icons for Managed Service Accounts and Group Managed Service Accounts
Added status bar to show number of items returned and selected

User Rights
Added a new tab to display the statistics associated to the access token

WhoIs
Updated the redirection code to support additional record types

NetTools V1.28.0

NetTools V1.28.1 - minor fix in LDAP Browser

General
NetTools no longer uses the ADSI APIs, all queries against the AD now only use the LDAP API, this provides a small performance increase but more importantly it provides consistency across all features.
The toolbar is now always displayed at the top of NetTools, and includes buttons for navigation, Connection Profiles, Resolver and Help and quick search by default, Pin items are displayed to the right of these buttons.

Connection Profiles  *** New ***
With previous versions of NetTools, it would use the current user's credentials and domain join information of the workstation running NetTools to authenticate and select the directory that would be interrogated and there were only a few features that supported the use of different credentials via the Use LDAP Search Credentials option.  This version introduces a new feature called Connection Profiles, which adds the extra capability to define the server connection and credentials that will be used by the tests and features and provides a common method to define and access the AD across all tests.  See Connection Profiles.

Circular References  *** New ***
A new feature to test if there are any infinite loops in your group memberships. See Circular References

Resolver *** New ***
A quick way to search for a single or multiple items, just copy and paste a a single or list of items that you want to find, and it will search the AD for the items and display if they exist in the directory or not.  The copy and pasted list can be displayname, samaccountname, DN, SID, UPN, or email address.  See Resolver

AD Properties Dialog
Added an extra tab to display the TokenGroups for user and computer objects

AD Site ISTG
A complete rewrite of the function from ADSI to LDAP API

Compare Objects
Updated to include the NTSecurityDescriptor attribute 

LDAP Browser
Added an additional feature to display the attribute values as a hex dump
Fixed issue with the filter limiting the number of items displayed (v1.28.1)

LDAP Search
Table view context menu updated to include a Use Column with option to allow data in the column for common dialogs
Removed the Credential option, you now use Connection Profiles to specific different credentials and authentication methods
Updated Tab views so selected items count on the status bar is updated when a tab is selected

SCP 
A complete rewrite of the function from ADSI to LDAP API

NetTools V1.27.7

General
A new Pin context menu option is available in the left hand option selector, which is used to create shortcut buttons for your commonly used options.  See Basics
Default Copy to clipboard shortcut key has been changed to Ctrl-C, to align with standard copy and paste keys. now in any of the table views if one or more rows are selected and Ctrl-C is pressed, contents of the column directly under the cursor is copied to the clipboard

AD Properties
Updated to display Kerberos DES-CDC-CRC, DES-CDC-MD5, RC4 encryption options
Updated to use the LDAP enum decode function so attribute decodes are common across all dialogs 

Compare Objects
Added a Compare Values context menu option which displays a visual side by side comparison of the values with the difference highlighted. See Compare Objects

LDAP Browser
Fixed bug in LDAP browser, where intermittently it would display the attribute values twice

LDAP Search
Updated the LDAP Session options to fix a bug with the GetDsName flags
Updated enums to support LargeInteger (int64) values
Updated the MsExchRecipientTypeDetails, msExchRemoteRecipientType, msExchModerationFlags, and MsExchRecipientDisplayType enums with O365 values
Updated the OmSyntax enums values 
Added new Base64 Decode Type, to allow attribute values to be outputted in base64 format

RID Pool
Added an extra column to display the number of RID that are left in the pool for each domain controller

NetTools v1.27.0

Compare Objects  *** New ***
A new option to provide the ability to compare two object, or the changes that have been made on a single object based on a previous snapshot. See Compare Objects

LDAP Browser  *** New ***
I've copied the LDAP Browser feature from the LDAP Search option and now added it as it own item in the left hand pane. See LDAP Browser

AD Properties Dialog
Updated to display AES128 and AES256 encryption options

Attribute Replication
Added option to check attribute replication for objects in the the global catalog context

Find Trustee
Fixed intermittent exception error when checking for ownership permissions

LDAP Search
Added a tab output option, so results from each query is displayed on a new tab
Added enum decodes for msDs-SupportedEncryptionTypes
Updated the conditional attributes function so that meta data information is supported for both variable and results.
    e.g.   Validate;{if: meta.time.unicodepwd == pwdlastset : "Valid" : "Error"}

NetTools V1.26.0

Group Changes  ** New **
An audit function to show the group membership changes for the specified user.  See Group Changes

ACL Browser
Added the List objects permissions into the properties list view
Changed the default behavior when changing between ACL’s so any column sort orders are removed, and ACE are displayed in the order in the ACL.
Changed the first column to include the ACL Index number

Attribute Replication
Fix a scope issue so the attributes in the root object can be checked 

Copy to new Window
Added an context menu option to open a new window with the list unique column details
Now supports the Dynamic and Sort column sorts

Extended Rights
Fixed bug where GUID was not displayed

General
Added help button on each page which links back to the NetTools website for more information

Group Manger
Added support for email\upn in user input
Added Select All\Deselect All context menu options

LDAP Browser
Fixed indexing error when browsing a directory via the global catalog

LDAP Search
The current filter is now displayed in the text pane for each iteration of the query when in Input Mode

Last Logon Time
Added extra column for PwdLastSet 

Meta Data
Removed the 1000 item display limit on replication details.

Overlapping Subnets
Updated the display adding green and yellow indicator to show if the IP address range is assigned to different sites

Rights
Added context menu option to request a privilege

Schema Browser
Added the Index column to show if an attribute is Indexed or not

NetTools v1.25.11

ACL Browser
Update ACL\ACE Flags option view to display the raw mask data and mask after processing, which will show if there are any unprocessed masks
Trustee Mode updated so only the ACE that apply to the trustee are displayed.
Trustee Information dialog updated to displays the SIDs and associated name for the trustee.  Now also includes the ability to add or remove SIDs to a trustee's SID list, to provide the ability to evaluate the impact of changing a trustee's permissions

SDProp
Updated SDProp to display the results in a list view
Added an option to trigger SDProp Process
Added context menu to reset ACL and AdminCount on selected users See SDProp for updated details

LDAP Search 
Update LDAP Filter Wizard to move change function on a separate button rather than linked to the type selection.
Added new Substitution option {-1:} which will be replaced with 9223372036854775807, which is 0xFFFFFFFFFFFFFFFF and is used on a number of attributes to indicate that the function\operation of the attribute is not set, as in the case for AccountExpires. e.g. (&(accountexpires=*)(!accountexpires=0)(!accountexpires={-1:}))  See LDAP Search Substitutions

Copy to new Window
The functionality of the Copy to new Window has been updated to include the ability filter the displayed results based on text and content filters.  See Copy to new Window for details

NetTools v1.24.4

ACL Browser
Fixed issue were attribute GUID are not loaded into the cache intermittently
LDAP Search
Added option to displayed extended error reporting
Updated string substitutions to include {sdate:now} and {sdatetime:now} to display the current date or date and time. Date format is fixed as DD/MM/YYYY.
Updated the copy favorites to clipboard option to copy the settings currently being displayed
Updated favorites to support ##inputn in the BaseDN field
UNC Check
Updated UNC dropdown to display the MRU UNC path from the Run dialog

NetTools v1.25.4

ACL Browser
Updated the flags so the inherited flag is reported correctly for schema based permissions

Schema Versions
Updated to include Exchange 2019 and CU1, CU2. See Schema Versions.

General - Column Sort
Updated 64Date sort function to correctly handle '-' entries

Locked Accounts
Added extra fields to the view - Bad Password Time, Account Expires, Lockout Time, Password Last Set
Added a bulk unlock function for selected accounts
Added status bar with the total and selected items

Search
Updated search logic so the useraccountcontrol, accountexpires, lockoutime attributes are displayed correctly in the output.
Fixed issue where the current column list is not displayed in the column selection dialog
Changed the options to be non-volatile

NetTools v1.25.0

GPO Explorer *** New ***
A new option to browser GPOs and GPO allocation. Supports similar functionality as the Group Policy Manager, allowing viewing of GPO configuration, permissions, OU structure browsing, with policy inheritance, display the raw settings in the policies, covering registry, scripts, GptTmpl, GPP settings. Includes the option to view and edit policies using gpedit or GPMC editor, if it's installed.

Object Metadata *** New ***
This option will display the metadata of an attribute on a specific object across all domain controllers, to allow checking of replication consistency

Top Quotas *** New ***
Option to display the quota usage of the top users. Includes an option to display the quota allocation to an individual user. With the ability to select the quota per partition.

ACL Browser
Added Meta data and Attributes to the content menu of the left hand pane
Updated to display deleted and recovery items, corresponding permissions required
Added Trustee mode, allows you to select a trustee and the ACE icon will display a green tick on all the ACE that the trustee has been assigned
Updated ACE pane so the ADS_RIGHT_DS_CONTROL_ACCESS right is displayed as Control access against the property. This provides simpler visibility of Confidential Attribute configuration

AD Properties Dialog
Added icon for locked accounts

AD Subnets
Updated to support column sorting

Control Access Rights
Updated screen redraw to increase display speeds

DC Resolution
Updated ports dialog to allow multiple ports to be removed
Fixed bug where a server could be displayed multiple test due to case sensitive

Extended Rights
Added column for Rights GUID

Last Logon Time
Fixed intermittent Index error when sorting

LDAP Browser
Changed ObjectClass order so Options attributes are decoded correctly

LDAP Search
Update SupportedControl to include LDAP_SERVER_SET_OWNER_OID, LDAP_SERVER_BYPASS_QUOTA_OID, LDAP_SERVER_LINK_TTL_OID,
LDAP_SERVER_SET_CORRELATION_ID_OID,
LDAP_SERVER_THREAD_TRACE_OVERRIDE_OID
Add inline filter substitution for Match rule OID LDAP_MATCHING_RULE_DN_WITH_DATA introduced in Windows 2012R2. The substitution characters for this rule is $= e.g. (msDS-HasInstantiatedNCs $= B:8:0000000D:DC=corp), which expands to (msDS-9HasInstantiatedNCs:1.2.840.113556.1.4.2253:=B:8:0000000D:DC=corp)
Fixed bug in the range option on attributes
Added DecodeType for Unicode strings, it also supports Byte Order Mark (BOM) to define the Unicode format
Updates to the screen draw in table view, provides about 25% increase in displaying results
Added 'Display on Complete' option to increase the display speed, screen updates are suppressed until all results are displayed

Locked Accounts
Added context menu for AD Properties and Attributes

NetGroupEnum
Updated to include icons to represent users and groups
Updated context menu to include AD properties for the select trustee

Ping
Updated to support column sorting

Schema Class Browser
Update to display the hierarchy of the selected schema class

Schema History
Added extra column to display OID
Added Windows 2019
Added Exchange 2016 CU7
Schema Version
Updated Windows 2019
Changed Unknown to Not Set for items that don't exist
Added option to display the raw values rather than the decoded values

SD Prop
Complete rewrite to support new functionality
Added context menu to display AD properties
Added option to clear the AdminCount attribute and reset ACL inheritance on user accounts that have AdminCount attribute set

Site Browser
Added option to display the list of IP subnets
Added option to display the list of AD Site Links

Time Converter
Updated to support yyyy/mm/dd hh:mm:ss time\date format
Updated to support yyyy-mm-ddThh:mm:ss.mmm Azure time\date format

Token Size
Fixed double click on Token Size List so sub group list is opened

User's Groups
Context menu updated to include option to open AD properties

User Search
Fixed bug where stored LDAP Search credentials are used when displaying Attributes Dialog
Add context menu for Find Trustee, GPO Allocation, Quota Usage
Added icon for locked user accounts, GC search must be disabled for locked accounts to be displayed

WINS Lookup
Improved error reporting and added Set Debug option

DecodeTypes list:
    DEFAULT - ASCII
    64DATE - Win32 64bit Date Format
    64TIME - Win32 64bit Date & Time Format, local time
    64TIME_UTC - Win32 64bit Date & Time Format, UTC
    ATTRIBENUM - predefined enumerate
    ATTRIBENUM_NONUM - predefined enumerate only symbolics are displayed
    BEROID - Basic Encoding Rules (BER) Organization Identifier
    BIN - Binary list
    CERT - Certificates
    COUNT - Returns the number of entries in the attribute
    CRL - Certificate Revocation List
    DNSPROPERTY - DNS Properties entries
    DNSRECORD - DNS entries
    DNSRECORD.DATA - return only the data field
    DNSRECORD.RANK - return only the rank field
    DNSRECORD.SERIAL - return only the serial field
    DNSRECORD.TIMEOUT - return only the timeout field
    DNSRECORD.TIMESTAMP - return only the timestamp field
    DNSRECORD.TTL - return only the ttl field
    DNSRECORD.TYPE - return only the type type field
    DNSRECORD.VERSION - return only the version field
    DSA_SIG - DSA Signature
    FILETIME - Win32 File Date & Time Format
    GTFTIME - Generalized Time Format, local time
    GTFTIME_UTC - Generalized Time Format, UTC
    GUID - Windows COM GUID format
    GUID_LDAP - GUID in LDAP filter format
    GUID_RAW - Hex GUID format
    HEX - Display a number if Hex format
    IP - DWORD IP address in windows order
    IPN - DWORD IP address in network order
    MSTRUST - Decoder for msds-TrustForestTrustInfo
    NTDS_CONN_OPT - Returns the options for the Options of NTDSConnection
    NTDS_DSA_OPT - Returns the options for the Options of NTDSDSA
    NTDSSSITE_OPT - Returns the options for the Options of NTDS Sites Settings
    PARENTCN - Returns the parent container of the CanonicalName
    PARENTDN - Returns the parent container of the distinguishedName
    PERIOD - Certificate renewal period
    PSMTP - Display primary smtp entry
    PWDSEC - Password secounds
    PX400 - Display primary x400 entry
    PX500 - Display primary x500 entry
    REPL_UTDV - NC Up ToDateness Vectors
    REPS_INFO - Replication neighbours RepsTo and RepsFrom
    RIDPOOL - RID Pool Allocations
    SD - Security Descriptor in SDDL format
    SD_NAME - Returns the resolved names of all the entries in the SD
    SD_NAME_DACL - Returns the resolved names of the DACL entries in the SD
    SD_NAME_GROUP – Return the primary group assigned in the SD
    SD_NAME_OWNER - Returns the resolved name of the owner in the SD
    SD_NAME_SACL - Returns the resolved names of the SACL entries in the SD
    SD_SID - Returns the SID of all entries in the SD
    SD_SID_DACL - Returns the SID of the DACL entries in the SD
    SD_SID_GROUP – Returns the primary group assigned in the SD
    SD_SID_OWNER - Returns the SID of the Owner in the SD
    SD_SID_SACL - Returns the SID of the SACL entries in the SD
    SID - Display Security Identifier in text form
    SID_ABS - Display the absolute name of the SID
    SID_REL - Display the relative name of the SID
    SITE_LINK_OPT - Returns the options for the Options of SiteLink
    SIZE - The size of the data returned
    SMTP - Display only smtp entries
    TRANSPORT_OPT - Returns the options for the Options of transport container
    UNICODE - Return a string in Unicode format, with BOM decode support
    X400 - Display only x400 entries
    X500 - Display only x500 entries