AdFind Changelog

What's new in AdFind 1.61.00

Oct 9, 2023
  • Functionality Par with joe internal only tool, random bugfixes etc

New in AdFind 1.59.00 (May 7, 2023)

  • BUGFIXES:
  • Gco port change message
  • Error usage for metafilterattr
  • Arbitrary CSV insert attribute fix
  • Fixed decode of SDDL "KA", previously had 2x[WRT OWNER]
  • Switches:
  • Added -c2
  • Added -upto
  • Shortcuts:
  • Added nothing new
  • Misc:
  • Fixed dsHeuristics decodes
  • Fixed multiple usage typos
  • Fixed -nirs* sort ordering
  • Added "root" parameter to domainlist/domainncsl
  • -sc fsmo promoted to full switch -fsmo
  • Added GT IPA handling
  • Added LOCALGTIPA for binenc
  • Added CURRENTGTIPA for binenc
  • Added RegEx for _OBJECT_OWNER
  • Added -vmeta+ alias for -vmetaplus
  • Added check and message for admod params
  • Added CRL Distribution Point output for -sslinfo
  • Remap %20 to space in -URL string Base DN

New in AdFind 1.57.00 (Nov 23, 2021)

  • BUGFIXES:
  • Fixed issue with RegEx !m
  • Fixed issue with RegEx for SID/GUID attributes
  • Fixed Crash Bug with Security Descriptors
  • Fixed DN breakout for Extended Names output
  • Fixed ranging issue with Extended Names output
  • Fixed issue with non-paged searches
  • Fixed some error outputs
  • Switches:
  • Added -csvsh (CSV Smart Header for piping)
  • Added ! as alias for !m
  • Added -gplinkmulti
  • Added -ntlm
  • Added -starttls
  • Added -dncharvalidation
  • Added -dirsync
  • Added -dirsyncro
  • Added -dirsync_opts
  • Added -dirsync_cont
  • Added -showcookie
  • Shortcuts:
  • Added nothing new
  • Misc:
  • Convert to Visual Studio 2022
  • Added addtional decodes for 389DS LDAP Directory
  • Updated dSHeuristics decodes
  • Allow -csvnoheader to work with -sdcsvsingle
  • Updated some systemFlag decodes
  • Allow SID/GUIDs for DN pipe input
  • Added regex functionality for -excldn / -incldn
  • Added -sdbinout alias for -sdblob
  • Remove [BLOB] from CSV output for -sdblob
  • Detect Windows Server 2022

New in AdFind 1.56.00 (May 4, 2021)

  • BUGFIXES:
  • Fixed GC override message
  • Fixed -base, -one, -sub/-subtree
  • Switches:
  • Added -domainlist alias for shortcut of same name
  • Added -dclist alias for shortcut of same name
  • Added -domainncsl alias for shortcut of same name
  • Shortcuts:
  • Added nothing new
  • Misc:
  • Added -gco to -hint header
  • Added r param to sdcsvsingle for -replacedn _all
  • Handle msds-member(Of)Transitive issue (blog post)
  • Set up sdcsvsingle to work with defaultSD with d param
  • resolvesidsldap now looks at del objs too
  • Commented out some beta identification code I forgot to remove in last release

New in AdFind 1.55.00 (Apr 6, 2021)

  • Modification(s) from previous version:
  • BUGFIXES:
  • Fixed -sc gpodmp
  • Allow = with ; in AJ Fix (Warn on LDAP filter without -f)
  • Header not displayed for early errors.
  • Fixed shortcut attribute add/remove
  • Fixed shortcut filters
  • Fixed -incllike/excllike with nirs/x
  • Fixed crash with no explicit ACE
  • Fixed invalid accessmask on ACE
  • Fixed Time Zone output UNKNOWN TZ
  • Fixed parentcanonical + -list
  • Fixed parentcanonical in CSV output
  • Fixed -hh overwriting -h LDAP://
  • Fixed -(incl|excl)like with -nirs
  • Fixed msDS-TrustForestTrustInfo
  • Fixed -nl defaultsecuritydescriptor
  • Fixed READ vs READ PERMS in SD decode
  • Fixed Handling of DN w/Binary and DN w/String piped in
  • Fixed binary attribs hardcode++
  • Fixed dsheuristics output
  • Fixed bug in -metafilterval
  • Fixed static PS/VW/CARS table -gco
  • Fixed crash bug in ldapping func
  • Fixed Print Op decode
  • Fixed LDS SID Resolution fix
  • Fixed appver EST/EDT
  • Fixed sslinfo attr display
  • Fixed ameta/vmeta double column csv
  • Fixed typo in REGEX Usage
  • Fixed SD nodecode RegEx CSV bugfix
  • Fixed bug in sdcsvsingle
  • UNFIXABLE* vmeta sort issue found where > 1500 linked values
  • Switches:
  • Added -showttll
  • Added -rbb
  • Added -sc ccs (common container search)
  • Added -pki special base
  • Added -sorta / -rsorta
  • Added switch -gui for use with help switches
  • Added -sdblob
  • Added -daclpipe / -sdpipe
  • Added -daclpipe+ / -sdpipe+
  • Added -vmetaplus
  • Added -gcsv
  • Added -objectdomaindn / objectdomaindn
  • Added -objectdomaindns/ objectdomaindns
  • Added -sdcsvsinglesort
  • Added -resolvesidsgeneric
  • Added -resolvesidgenex - Props to Generation X woot!
  • Added -pdnucounts
  • Added -base
  • Added -one/-onelevel
  • Added -sub/-subtree
  • Shortcuts:
  • Added -sc accessrights and alias -sc accesscheck
  • Added -sc dsd
  • Added -sc cclone, -sc cclone+, -sc cclone+x
  • Added -sidtype (not for ldap sid resolve)
  • Added -sc dclistf
  • Added -sc daclcsvdmp and alias -sc daclcsvdump
  • Added -sc sdcsvdmp and alias -sc sdcsvdump
  • Misc:
  • Updated stdin filtering for <TTL=x>
  • Default -nirsx for -nirsonly
  • Decode SDRightsEffective
  • Added -mvsort to -sc sdump
  • Added check for accidental adfind|adfind instead of adfind|admod
  • Added metasort date to meta switches (DEFAULT CHANGE)
  • Added _Object_Owner without requiring -owner
  • Updated -appver for binary path
  • Added -dloid to several shortcuts
  • Added SSL field in ADCSV/HINT
  • replacedn "" becomes -replacedn _all
  • Changed -gco to use ldap sid resolve
  • Added !m// regex functionality
  • Decode msDS-HasInstantiatedNCs
  • Allow specify "fields/attributes" for -sslinfo
  • Do not add ntsecuritydescriptor if args specified for -jsd
  • If no value for -mv(r)sort, assume *
  • Added e,f,g,x options for -sdcsvsingle
  • Massive speed increase for CSV related ops and CSV Counts of LVRs
  • Decode KEYLIST flag in NetLogon "LDAP Ping" options flags

New in AdFind 1.52.00 (Jan 13, 2020)

  • Converted to Visual Studio 2019
  • BUGFIXES:
  • Fixed -e base override
  • Changed -jcsv to -jcsv2
  • Fixed otherWellKnownObjects
  • Fixed shortcut doc bug
  • Fixed -metamvcsv x01x01
  • Fixed remove attribs- func
  • Fixed -sc psomgr sort&displayname
  • Fixed usage missing -(s)elapsedms
  • Fixed sddl(not)filter - -> ~
  • Invalid format -tdc(s)fmt
  • Fixed usage for tdctzstr
  • Fixed -alldc binary attrib decode bug
  • Fixed LDS appnc user error
  • Fixed crash bug LDS tokengroups
  • Fixed MSDS-Cached-Membership resolve issue
  • Fixed currenttime preload gtime table
  • Fixed usage for -fgpp
  • Fixed multiple special bases
  • Fixed -sc sitelinkdmp no site specified
  • Removed "non-specific" for domain admins, et ali
  • Removed forced base on following shortcuts: sddldump,getacl,caclnoinherit,aclnoinherit,cexplaces,explaces
  • Fixed bug in jsd(e)nlb with filter
  • Fixed nasty silent crash bug in -decsddlacl, what a PITA
  • Fixed password prompt going into CSV output when prompted -up
  • Fixed non-rfc -url default
  • Fixed trustType decode MIT
  • non-specific SID resolve for defaultsecuritydescriptors
  • Bug in new filter explicits
  • Fixed -nopagingcheck
  • Fixed -bit DNWDATA
  • Fixed bug in exterr info for initial bind functions as well as switching to stdout
  • Fixed bug in SID preload w/ built in mnemonic SIDs
  • Fixed bug in -ic with -excldn/-incldn
  • Fixed decode of oMObjectClass
  • Fixed explicit ACE stripping
  • Fixed no port listed when -udp
  • Fixed detection of config/schema partition DNs was broken for cross forest situations.
  • Fixed attributeSecurityGUID decode
  • Fixed LDAP SID Resolve
  • Fixed -ef parsing of quotes
  • Fixed Garbage DN parsing to handle single label domains / ADLDS
  • Switches:
  • Added Special base -msa
  • Added -jsd(e)nlb switches
  • Added -hint
  • Added -pause
  • Added -norrerr (range retr no err)
  • Added -recmutedsq
  • Added -incllike,-excllike
  • Added -bb xx (scope base -b xx)
  • Added -sddlpsflag
  • Added -recmutedsq
  • Added -rawsddlexpl
  • Added -rawsddlnl
  • Added -alldcd, -alldc + tdcda
  • Added -noerr, stdout/err redirect will prevent errors going to file
  • Added -encguidtohex,-dechextoguid
  • Added -encsidtohex, -dechextosid
  • Added -metas, metasl, metasnl
  • Added -dsnq (-dsq with no quotes)
  • Added -ldapping
  • Added -netlogonexdc
  • Added -acecount
  • Added -fl - formatted list jtsv2 nodn
  • Added -attrvaldelim, -attrprefix
  • Added -dnbreakout :
  • Added -decdelta
  • Added -dpcanonical, -cva
  • Added do/do+ alias delobjs/delobjs+
  • Added -xmod (manual admod output)
  • Added -sdcsvsingle
  • Added -regex?
  • Added -ddo
  • Added -rootdseinternals
  • Added -CSVFinalCount
  • Changed mv(not)filter to to allow multiple values for one attr to be specified like attr1=val1;val2;val3 instead of attr1=val1;attr1=val2;attr1=val3
  • Alert on -f with no = (AJ FIX)
  • Alert on = in attribibute names (AJ FIX)
  • Normalized -ownercsv implementation
  • Added Replica Set/GUID to -extsrvinfo
  • Added currenttime to -extsrvinfo
  • Updated how -sddl_explicit works,uses the -rawsddlnl functionality
  • Decode attributesecurityguid with -schdc decode switch
  • Decode appliesto on controlAccessRight objects with added -configdc
  • Allow specifying * for -mvsort and -mvrsort to sort all MV attribs
  • Allowed filterbreakdown to use -f
  • Alias -expandfilter for -filterbreakdown
  • Added -hh / -url to -adcsv
  • Added -nirsonly to only show empty attributes when used with -nirs/-nirsx
  • Shortcuts:
  • Added msDS-TrustForestTrustInfo to -sc trustdmp
  • Added :noroot param on -sc domainlist
  • Added :report for -sc fgpps/psos
  • Added -sc findpropsetrg alias of -sc permguid
  • Added -sc userinfo
  • Added -sc domainlist:short option
  • Added displayname to findpropsetrg
  • Added shortcuts -sc ldsldapurl:xx, -sc ldsldapurl:xx, -sc ldsinstances:xx
  • Added options to -sc sitelinkdmp
  • Removed -sc domainlist:canonicalname as it makes no sense at all
  • Misc:
  • Add 2K19 RootDSE decodes
  • Change all rootdse to have -nopaging
  • Add more usage for -mvfilter *,?
  • Fixed stupid MSFT LDAP URL format
  • Added additional trustAttribute decodes
  • Identify more non-MSFT directories
  • Allow user to specify parentdn or parentcanonical to place anywhere within CSV, no need for -p switches
  • Added staticly defined GUIDs that MSFT screwed up in schema.
  • Updated dsheuristics to show character positions
  • Updated stdin pipein functionality to handle quoted CSV/TSV and filter out more garbage fed through the pipe
  • Allow specify position for _OBJECT_OWNER "attrib" CSV
  • Added Regular Expression Functionality (BETA)
  • Started work on MSA password decode - msDS-ManagedPassword, not sure if it works right BETA
  • BIN: for password (not entirely sure this works - BETA)

New in AdFind 1.51.00 (Aug 3, 2018)

  • Fixed number of small bug fixes / memory leak fixes related to Borland Builder C++ to VS 2017 conversion, Preloaded Security Descriptor OIDs, For PSISE if stderr redirect send header to stdin, Added Bulk SID resolution to SID atts, Added garbageCollPeriod to policies, Decode msDS-TrustForestTrustInfo (-samdc), Added more attributes to -fullrootdse, Updated time/sid attributes hardcode, Brought back the mainicon, Added fgppcontainer alias for psocontainer, Decode wellknownobjects/otherwko, Decoded dSASignature, msExchRemoteRecipientType, msExchRecipientDisplayType, msExchRecipientTypeDetails, Fixed jtsv/2 to use -csv xx value, Added -ametanl, -vmetanlAdded -jsd, -jsdnl, -jsde, -jsdenl, -url, -sddl+++/-sddc+++,-sddl3 alias for sddl+++, -metamvcsv, -metamvcsva, -metamvcsvv, -binsize xx, -binsizenl xx, -adminrootdse, Changed dcdmp filter to dclist filter, Added dn to -sc dclist:xx, Added shortcuts cexplaces,caclnoinherit, structdmp/dump, fgpps/psos

New in AdFind 1.47.00 (Mar 6, 2014)

  • Fixed bugs with -this,-ameta,-vmeta
  • Changed Win8 decodes strings to Windows 2012
  • Added switch -nopaging
  • Added shortcut -sc ridpool

New in AdFind 1.37.00 (Aug 15, 2007)

  • Added new special base switches: forestdns, domaindns, gpo, psocontainer, ldappolicy, xrights, partitions, sites, subnets, exch, dcs, fsps
  • Added new switches: noautoranging, onlyaclprot, onlyaclunprot
  • Added the following shortcuts: rodcpas, rodcpasl, !rodcpas, !rodcpasl, export, sddldmp, sddlmap, sitedmp, subnetdmp, gpodmp, fspdmp, oudmp, showmeta, showmetas
  • Updated switches:-replacedn
  • Decode more time/interval values
  • Decode attributes: options, mS-DS-ReplicatesNCReason
  • Updated some of the decode functions for Longhorn (aka Windows Server 2008) values
  • Updates STATS to work properly with Longhorn
  • Fixed multiple usage typos
  • Fixed bug with -mvfilter
  • Streamlined some of the shortcuts
  • Sped up SID resolution (especially in cases where LDAP connection but no RPC connection)
  • Changed "Coordinated Universal Time" in time decode to UTC.