joeware - never stop exploring... :)

Information about joeware mixed with wild and crazy opinions...

AdFind V01.51.00 Released–Happy Halloween! :)

by @ 1:00 am on 10/31/2017. Tags:
Filed under general, updates

I have released AdFind V01.51.00.

This release has a group of bug fixes and memory leaks that I found over the last couple of months related to the port/conversion to Visual Studio C++.

In addition I have added quite a few attributes to the list of decoded attributes including wellKnownObjects, dSASignature, several Exchange attributes, and msDS-TrustForestTrustInfo which I previously reported helped me find a bug in NETDOM.

I have worked to squeeze some more speed out of it for larger directory queries and around SID resolution which seems to be especially noticeable over slow VPN connections. If you ever resolve the SIDs in the tokengroups attribute you should find a considerable increase in performance. Using this daily I have seen very large tokengroups lists go from taking a couple of minutes to resolve over VPN to taking only seconds.

Kind of a funny item that I “fixed” that I never expected to get the email volume I have received was for the main ICON for the application. When I switched to Visual Studio the main ICON that was used for the executable in the past changed from the previous ICON (auto inserted by C++ Builder) to a generic application ICON. I have dug the main ICON out of V01.49.00 and added it to the application again so please no more emails about the missing ICON. Open-mouthed smile 

I have added several new switches including:

-ametanl, –vmetanl  : metadata switches to control how the output looks

-metamvcsv, -metamvcsva, –metamvcsvv  : switches to further control metadata output allowing you to specify which fields and outputs in MV CSV format.

-jsd, -jsdnl, -jsde, –jsdenl, -sddl+++/-sddc+++, –sddl3 : Security Descriptor decode switches.

-adminrootdse : Additional rootdse attributes that are only available to admins.

Added several shortcuts including:

cexplaces,caclnoinherit: Security Descriptor shortcuts (guess what I have been doing a lot of lately?)

structdmp/dump : Best effort dump of general AD container structure.

fgpps/psos : Dump Password Settings Objects

Get AdFind V01.51.00 at http://www.joeware.net/freetools/tools/adfind

   joe

Rating 4.71 out of 5

2 Responses to “AdFind V01.51.00 Released–Happy Halloween! :)”

  1. Himanshu Singh says:

    I have a requirement where i have to find out for few user accounts what all permissions do they have on/in the AD forest-domain,
    I intend run a check that touches ntsecuritydescriptor attribute on every object in the domain and if the username does exists on the object in the ACEs only those should be printed on the screen or exported to excel for even better sorting when checking permissions for multiple users

    I have tried various options i could read about, you have put out there on ADfind with -sddl++ dacl, onlydacl etc.. but i am not able to generate the desired result,
    I need your help on this, i want the data to 1 row should show object DN (for which ACE is interpreted) what kind of right/property/permission it is, is it inherited,
    is it the explicit / implicit entry, i mean after generating this output there should be no need to look at any other report using any other tool

    • joe says:

      Just getting where the user has their ID in an ACE on ACL is no where near close enough to a good report. A user could be in a group and that group has access to AD.

      As for the formatting bit, write a script. You already need to to sort out the whole group issue.

      joe

[joeware – never stop exploring… :) is proudly powered by WordPress.]