Hey! Sorry for the darkness.
AdFind is NOT dead, I am still developing it. I have a bunch of fixes in it that I started back in December 2023 including stuff for Windows Server 2025 that I just haven’t wrapped all up to release. I have actually bumped it to two minor versions too so the next version to be released will be V01.64.00. There have been about 60 builds since the last released version.
I admit, it is going slow, working too much in the regular job and feeling a bit run down and tired. Also looking at the PKI info in AD to look at translating that and that isn’t going as smooth as I had hoped. It isn’t just the coding slowing down, I have all sorts of yard work that is behind too.
Google has slowed down on marking AdFind as malware which is nice. I still check it daily and tell them to fix their shit when it does get marked. And that is literally all I do, I say fix your shit and then they stop marking it as malware until they mark it again in a month or four.
Getting MSFT to leave AdFind alone is a whole other thing. To the folks who think… Just sign the binary and it will be fine. No, that isn’t the case. The issue isn’t that people are using the adfind.exe name to get shit to run on systems like a trojan horse, the problem is that MSFT malware security people are morons and think a read only tool is a bad thing even when their own tools they provide do the same things, just not as well. Windows itself is orders of magnitude more of a security risk than AdFind is. I am not terribly distressed by any of it though. I originally wrote AdFind for myself and what I needed, I ended up sharing it when others said wow that is cool, can you share that with me?? And so I did. In the meanwhile with all of this stupid from MSFT I have written a completely different tool for myself now that I will never share with anyone so when MSFT gets a wild hair about AdFind, it doesn’t impact me at all.
Oh, people can stop sending me emails asking me to make AdFind for EntraID. It isn’t very likely to happen at all unless someone sends a request and about $500,000 into my paypal donation bucket or I change very dramatically the stuff I am working on which will likely cost the amount specified before or likely more. I literally have ZERO interest in EntraID and Cloud in general at the present time. At this point if I worked on anything for EntraID, it would probably be some kind of mechanism to extract Identity out of it so people can put it somewhere else.
I consider EntraID and other Cloud Identity systems to be dangerous to companies, large companies in particular, because you loose control of your authoritative Identity. I am fine with projecting or provisioning Identity into the Cloud systems, but I don’t think that that should be the authoritative store because you are now beholden to whomever you gave it to. Plus Cloud is expensive as hell for large companies and we are already seeing the backlash there as they pull stuff back out and put it into newly built on-premises systems with properly designed and managed management interfaces. In fact, if large companies have sorted out proper datacenter management years ago, Cloud wouldn’t have gone very far. Smaller companies, Cloud is probably the best option available for them for security and stability reasons as they likely don’t have amazing resources to run their stuff securely or well.
joe
