Connection Profiles

By default, NetTools uses the domain the workstation is joined to as the AD it talks to, and the user context that NetTools is executed under to provide the credentials used to access the AD. In most cases this is sufficient; however, there are a number of scenarios where you might want to connect to a different AD or use a different set of credentials. Connection Profiles provide this ability.

Multiple Connection Profiles can be defined, and each can select a different domain, domain controller, set of credentials, authentication method, AD paging and page size, or SSL bind. Once Connection Profiles are defined, they can be selected on a per-feature basis, or a Connection Profile can be set as the default, in which case it is used whenever no server or profile is selected.

If no profiles are defined, NetTools will continue to use the default domain of the workstation and the credentials of the user context executing NetTools when connecting to the AD.

The Connection Profiles dialog is accessed via the toolbar:

This is the Connection Profiles dialog

New profiles are created by clicking the New button; you will be prompted to enter a name for the new profile. Once a profile is selected, the Server and Credentials options are enabled.
The Remove button will delete the selected profile.
The Default button sets the selected profile as the one used by default when the Server field on a NetTools test\option is left blank. If the selected profile is already the default profile, clicking Default again clears it as the default.
The Clear Credentials button clears cached passwords; the next time a profile that prompts for a password is used, you will be prompted to provide the password.
The Save button saves any changes made to the profile. If you forget to save changes when switching between profiles or closing the dialog, you will be prompted to save your changes.

The Server tab defines the connection details to the AD and the connection type to be used. 

The Server field specifies the name of the server that NetTools will connect to. If the AD being accessed is the same AD the workstation is joined to, this can be left blank and NetTools will use the default AD name resolution to find a domain controller. Alternatively, it can be the FQDN of the AD domain and forest, and as long as the name can be resolved, NetTools will connect.
By default the Port is set to 389; this can be changed to reflect the requirements of the AD, AD LDS or LDAP directory you are connecting to.
The SSL Bind option specifies whether the connection will use SSL encryption for the traffic. When SSL Bind is selected the Port automatically changes to 636; however, this can be changed if required.
The Verify Certificate option defines whether the server certificate used during the bind is validated. With this option selected, the certificate is validated by the default Microsoft revocation process. When this option is not selected, the certificate is accepted without any form of validation, so a certificate with issues will also be accepted.
The Paging option defines whether the paging server-side control is used when performing queries against the AD. If this option is not selected, the number of items returned is limited to the MaxPageSize entry defined in the Query Policy applied to the domain controller. The Page Size defines the number of records that will be returned in each page request. It's recommended to leave Paging enabled when connecting to Microsoft AD or AD LDS directories.
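
The Paging behaviour described above, as an added example that is not part of NetTools or its documentation: a constructed in-memory stand-in for a domain controller enforces MaxPageSize, and the client runs the same query with the paging control off and on. The class and function names, the value 1000 used for MaxPageSize and the offset-style cookie are assumptions made for the illustration.

```python
"""Added illustration: an unpaged LDAP query stops at MaxPageSize, a paged one does not.
MockDirectory is a constructed stand-in for a domain controller, not a real LDAP server."""

MAX_PAGE_SIZE = 1000  # assumed query-policy value for this example


class MockDirectory:
    def __init__(self, entries, max_page_size=MAX_PAGE_SIZE):
        self.entries = list(entries)
        self.max_page_size = max_page_size

    def search(self, page_size=None, cookie=b""):
        """Return (entries, cookie, size_limit_exceeded) for one search request."""
        if page_size is None:
            # No paging control: the result is cut off at MaxPageSize and the
            # caller is told that the size limit was exceeded.
            batch = self.entries[: self.max_page_size]
            return batch, b"", len(self.entries) > self.max_page_size
        # Paging control present: serve one page, never larger than MaxPageSize.
        size = max(1, min(page_size, self.max_page_size))
        start = int(cookie) if cookie else 0  # hypothetical cookie: next offset
        batch = self.entries[start : start + size]
        nxt = start + len(batch)
        # An empty cookie tells the client that there are no more pages.
        next_cookie = str(nxt).encode() if nxt < len(self.entries) else b""
        return batch, next_cookie, False


def unpaged_query(server):
    """Paging option off: one request, possibly truncated."""
    entries, _, truncated = server.search()
    return entries, truncated


def paged_query(server, page_size):
    """Paging option on: repeat the request, echoing the cookie, until it is empty."""
    results, cookie, round_trips = [], b"", 0
    while True:
        batch, cookie, _ = server.search(page_size=page_size, cookie=cookie)
        results.extend(batch)
        round_trips += 1
        if not cookie:
            return results, round_trips


def demo():
    # Constructed sample data: 2500 user DNs in a made-up domain.
    dc = MockDirectory(f"CN=user{i},DC=example,DC=test" for i in range(2500))
    partial, truncated = unpaged_query(dc)
    complete, trips = paged_query(dc, page_size=500)
    return len(partial), truncated, len(complete), trips


if __name__ == "__main__":
    print(demo())
```

A report or audit built on the unpaged result would cover only the first 1000 of the 2500 objects, so the truncation flag is the thing to check when Paging is turned off.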

The Bind Type specifies the bind method and if credentials are required.
The Current user's credentials option will use the LDAP_AUTH_NEGOTIATE authentication method and the current credentials used to execute NetTools. 
The Bind with Credentials option will bind with the LDAP_AUTH_NEGOTIATE authentication method and use the credentials provided in the Credentials section.
The Advanced Bind type option allows you to specify the bind\authentication method that will be used when connecting to the directory. The available bind types are listed below; some of them may require additional security packages to be installed before they can be used:

LDAP_AUTH_SIMPLE - this method requires the DN of the account and password, domain is not required
LDAP_AUTH_DIGEST - Digest authentication package
LDAP_AUTH_DPA - Distributed password authentication. Used by Microsoft Membership System
LDAP_AUTH_MSN - Microsoft Network Authentication Service
LDAP_AUTH_NTLM - this method uses NTLM to authenticate against the directory
LDAP_AUTH_SICILY - covers package negotiation to MSN servers
LDAP_AUTH_DIGEST - this method requires the samaccountname and password
LDAP_AUTH_NEGOTIATE - this method requires either samaccountname or UPN and password, the domain is optional
ANONYMOUS - the username and password are not required

The Credentials options are enabled based on the Bind Type selection and provide the ability to specify different Credentials.

Passwords

NetTools doesn't save passwords to permanent storage; they are only cached in memory for the duration that NetTools is running. In the Connection Profiles, there is no option to enter the password. If a password is required, the Prompt for Password option must be selected. Then, when the profile is used and a password is required, you will be prompted to provide the password (the dialog below will be displayed). The password provided is encrypted and stored in memory, and the cached password will be used if the profile is used again. If the password entered causes an invalid credential error when connecting to the server, the cached password is cleared and you will be prompted to enter the password again the next time the profile is used.

When a profile is changed and saved, the cached password associated with the profile is cleared and you will be prompted for the password when the profile is next used.

You can use the Clear Credentials button to clear the passwords associated with all profiles.

Using Connection Profiles

Once the Connection Profiles have been created, you can select the required profile from the server or domain field dropdown lists on each of the NetTools Options. The servers or domains that have been saved are displayed first; then, under the Profiles tag, the list of profiles is displayed. If a default profile has been set up and the server field is left blank, the default profile will be used. In the screenshot below the Profiles: New, Test, admin, and local are displayed.

The following NetTools options do not use Connection Profiles:

        • DsGetDcName
        • NetGetDcName
        • LDAP Ping
        • LSA Trust

LDAP Search Options

This post contains the details of options that are available in the LDAP Search option.

Input Fields

Server - the name of the server that the query will be directed to
BaseDN - specifies the base distinguished name, in RFC1779 format
Filter - the LDAP filter that will be passed to the server. The background of the field will turn red if the filter is invalid.
Attributes - the attributes to be returned by the query
Favorites - used to select and save favorites. See Favorites
Display Filter - defines a display filter which will be applied to the results returned by the server. See Display Filters
Sort - specifies the sort order in which the server should return the results
Filename - specifies the name of the output file

Display Options

Display Results – With this option deselected the results of the query are not displayed
Display DN – A DN field is added to the output. If this option is deselected, the Show Attributes, AD Properties, and Meta Data options will not be available on the context menu
Display on completion – With this option deselected the entries are displayed as they are decoded; with this option selected, the screen updates are suppressed and the results are only displayed once the query has finished
Attribute count only - when selected the number of entries per attribute is displayed.
Hex Dump - this option displays a hex dump of the data in the displayed attributes. With the table view enabled only the hex values are displayed. With the table view disabled both the hex and text are included in the dump.
Raw Format – With this option selected the attribute decodes are disabled and the outputs are displayed based on the default format returned by the LDAP server
Single Line – When selected the entries of an attribute are displayed on a separate line and a count is displayed after the attribute tag
Output to file – with this option selected the output of the queries is saved to the file specified in the filename field
No Attribute tags – by default the name of the attribute is displayed in the text output pane, however if this option is selected the attribute name\tag is not displayed

Server Side Controls

This section will append one of the predefined server controls to the query sent to the server.
Paged Searches – enables the paged search control; details here: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/1b4a637c-c682-4b5e-9397-fe9142a38887
Extended DN – this control causes the server to return the extended DN, as described here: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/57056773-932c-4e55-9491-e13f49ba580c
Attribute Scope Query – this is used to search the object specified in an Object(DS-DN) syntax attribute; the attribute is associated with the object specified in the BaseDN field. The attribute to be used is specified as the first attribute listed in the attributes field; the subsequent attributes are the attributes to be returned. See ASQ. Details of the control can be found here: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/77d880bf-aadd-4f6f-bb78-076af8e22cd8
Delete Objects – when this control is enabled the Deleted objects container and its contents are returned.
Recycle Object – when this control is enabled the Recycled objects container and its contents are returned.
NTSecurityDescriptors – with this control enabled the server will also return the security descriptor for the object contained in the NTSecurityDescriptor attribute
Include SACL – this option will also include the Security Access Control List in the NTSecurityDescriptor details; this requires the SESecurityLog right
Search Stats – When enabled the server will return the server statistics on the query.

Table View Options

Table View – when this option is enabled the table view is enabled and the results are presented in a tabular view
Clear Table – when enabled the table view is cleared of contents before the query is run
Table Input – This option enables input mode, which allows inputs to be pasted into the table and then used as the basis of queries, see LDAP Search Input Mode
Record Count – (available in input mode) when this option is enabled, the number of entries per attribute is returned
Create Multiple – (available in input mode) when enabled if multiple entries are returned, the subsequent entries are displayed on a new line
CSV file format – allows you to control the format of the data written to the file; CSV is only available with table view enabled.

Misc Options

CLDAP – when enabled the ldap query is sent using the UDP protocol rather than TCP
Dynamic and Sort option – see Dynamic and Sort Attributes Options
Auto Complete – when this option is enabled NetTools will download the complete list of attributes defined in the schema when the populate button is pressed; this is then used to provide auto-complete as you enter the attribute names in the attributes field
Chase Referrals – With this LDAP option enabled, the server will try to retrieve the requested object if the object is in a different context or directory.  This can also be set in the LDAP Session option dialog
Ext Error – this returns the extended LDAP error information in the event of an error occurring
Page Size – this defines the number of entries that will be returned by the server per page

Updates

These options are covered in the LDAP Search Update Queries 

Credentials - this will display a dialog box to specify the credentials that the query will be run under
Reset - reset the form to the default options
Run Batch - Used to execute the selected batch list, as defined and specified by the batch list option
Batch List - allows the creation of batch lists of queries 

SSL Bind - Changes the default port to 636 and enables SSL encryption
Verify Certs - when selected the server certificate is validated by the default Windows mechanism; if not selected the certificate verification is bypassed and the certificates are just accepted
Display Results - with this option NetTools will verify each of the certificates in the chain, completing a revocation check against each certificate, and display the results
Display Cert - Once the verification of the certificate is complete, the certificate used by the server will be displayed in a standard certificate dialog box
Machine Store - defines which certificate store will be used by the Windows certificate verification mechanism 

Buttons

LDAP Session - this button will display the LDAP Session dialog to define the session variables that will be used when the query is executed. See LDAP Session Options.
Populate - this button will populate and enable a number of features in LDAP Search.  See LDAP Search Populate
Up one level - The left most entry of the DN is removed, to move up one level
DN Selector - this will display a dialog box to select the required BaseDN from a browser
LDAP Browser - See LDAP Browser
Attributes dialog - this will display the attribute dialog for the current BaseDN object
LDAP Query Wizard - a wizard to display and create an LDAP filter in a hierarchical view.  See LDAP Filter Wizard
Zoom - This button will display the filter or the Attributes field in a separate window with the option to increase the font size for easier reading and updating.
Enums - This displays a dialog that shows the values associated with the predefined Enums in NetTools
Help - Displays the help for the filter, attributes and Display filter fields
Attribute List - this will display the list of attributes which can be used to select the attributes to be returned
Define Decode - this dialog lets you display and define the DecodeType that will be used for each attribute.
Favorites Save, Export, Import - see Favorites

The text view context menu supports a number of predefined shortcuts to display information based on the selected text in the text view. The details in brackets are what the selected text should contain for each item.

For details on the Custom items see Context Favorites in LDAP Search Favorites

NetTools Basics

NetTools has a number of common features which are used throughout the program. This post provides details on some of these features.

Navigation
The toolbar is used to navigate the tests and access a number of features in NetTools. The toolbar has both fixed buttons and user-selected buttons.

The Back and Forward buttons allow you to move backwards and forwards between tests you have used; this is useful if you select a linked option and want to move back to the previous test. The Connection Profiles button opens the Connection Profiles dialog, which allows you to configure profiles that define the server, SSL, authentication, credentials and paging properties. For more details see Connection Profiles. The Resolver button opens the Resolve dialog, which lets you resolve different input types. For more details see Resolver. The Help button opens the help page on the NetTools.net website for the selected test. The Quick search entry field provides a quick entry method to perform a search of the AD using the User - Search option.

Where to start
The number of options in NetTools can make it confusing where to start. The best approach is to start with the Search option under Users, or to use the quick search option. This allows you to search the AD, at the Forest or Domain level, for any object in the Active Directory; from there the context menu options allow you to interrogate the returned objects. See User Search.

To find your favorite option quickly, NetTools includes a Pin option, which adds a user-defined button to the toolbar so that you can quickly select your commonly used options. To Pin an item, select the option, then right click on the option name and select Pin from the context menu; you will be prompted to select an icon for the button. To remove a Pinned item, simply right click on the button on the toolbar and select Remove.

Option or test Linking
For a number of the tests, the output from one can be used as the input for other tests and options; selecting the corresponding output entry and right clicking will display these options in the context menu. The Search option has a number of linking options that are displayed under the use with sub menu.

Copy and Paste
The outputs from the tests can be copied into other functions in NetTools or to external programs. The Copy and Paste options are displayed in the right click context menus. For table views it's possible to copy the data in a single column, the line, or the entire table. When using the copy column option, the mouse position when the right click is pressed is used to define which column will be selected. For text based output fields it's possible to copy the text as with standard copy and paste. The Copy to new Window context menu option will copy the contents of the view to a new detached window, which provides additional sort and filtering options. See Copy to new Windows.

AD or Server Connections
Use the Connection Profiles to define the connection details for the AD or LDAP directory and the credentials that will be used. See Connection Profiles.

Server Lists
In most of the options there is a server or domain entry field; this is a dropdown list, which is used to select a saved server or one of the Connection Profiles. From the right click context menu you can save the current name and also manage the lists. A separate list is used based on the entry field name, i.e. Server, Domain, LDAP filters etc. The server and domain fields are optional; if no entry is provided NetTools will connect either to the domain the machine running NetTools is joined to, or to the default profile, if one has been defined.

Messages\Results pane
On most options there is a lower pane, which is used to display any errors or status reports from the execution.

NetTools saved configuration
NetTools uses a single configuration file called NetTools.ini, which is used to save any user defined configuration or saved lists. NetTools will try to read the configuration from the same location the exe is executed from.