What's new in AdFind 1.61.00
Oct 9, 2023
- Functionality Par with joe internal only tool, random bugfixes etc
New in AdFind 1.59.00 (May 7, 2023)
- BUGFIXES:
- Gco port change message
- Error usage for metafilterattr
- Arbitrary CSV insert attribute fix
- Fixed decode of SDDL "KA", previously had 2x[WRT OWNER]
- Switches:
- Added -c2
- Added -upto
- Shortcuts:
- Added nothing new
- Misc:
- Fixed dsHeuristics decodes
- Fixed multiple usage typos
- Fixed -nirs* sort ordering
- Added "root" parameter to domainlist/domainncsl
- -sc fsmo promoted to full switch -fsmo
- Added GT IPA handling
- Added LOCALGTIPA for binenc
- Added CURRENTGTIPA for binenc
- Added RegEx for _OBJECT_OWNER
- Added -vmeta+ alias for -vmetaplus
- Added check and message for admod params
- Added CRL Distribution Point output for -sslinfo
- Remap %20 to space in -URL string Base DN
New in AdFind 1.57.00 (Nov 23, 2021)
- BUGFIXES:
- Fixed issue with RegEx !m
- Fixed issue with RegEx for SID/GUID attributes
- Fixed Crash Bug with Security Descriptors
- Fixed DN breakout for Extended Names output
- Fixed ranging issue with Extended Names output
- Fixed issue with non-paged searches
- Fixed some error outputs
- Switches:
- Added -csvsh (CSV Smart Header for piping)
- Added ! as alias for !m
- Added -gplinkmulti
- Added -ntlm
- Added -starttls
- Added -dncharvalidation
- Added -dirsync
- Added -dirsyncro
- Added -dirsync_opts
- Added -dirsync_cont
- Added -showcookie
- Shortcuts:
- Added nothing new
- Misc:
- Convert to Visual Studio 2022
- Added addtional decodes for 389DS LDAP Directory
- Updated dSHeuristics decodes
- Allow -csvnoheader to work with -sdcsvsingle
- Updated some systemFlag decodes
- Allow SID/GUIDs for DN pipe input
- Added regex functionality for -excldn / -incldn
- Added -sdbinout alias for -sdblob
- Remove [BLOB] from CSV output for -sdblob
- Detect Windows Server 2022
New in AdFind 1.56.00 (May 4, 2021)
- BUGFIXES:
- Fixed GC override message
- Fixed -base, -one, -sub/-subtree
- Switches:
- Added -domainlist alias for shortcut of same name
- Added -dclist alias for shortcut of same name
- Added -domainncsl alias for shortcut of same name
- Shortcuts:
- Added nothing new
- Misc:
- Added -gco to -hint header
- Added r param to sdcsvsingle for -replacedn _all
- Handle msds-member(Of)Transitive issue (blog post)
- Set up sdcsvsingle to work with defaultSD with d param
- resolvesidsldap now looks at del objs too
- Commented out some beta identification code I forgot to remove in last release
New in AdFind 1.55.00 (Apr 6, 2021)
- Modification(s) from previous version:
- BUGFIXES:
- Fixed -sc gpodmp
- Allow = with ; in AJ Fix (Warn on LDAP filter without -f)
- Header not displayed for early errors.
- Fixed shortcut attribute add/remove
- Fixed shortcut filters
- Fixed -incllike/excllike with nirs/x
- Fixed crash with no explicit ACE
- Fixed invalid accessmask on ACE
- Fixed Time Zone output UNKNOWN TZ
- Fixed parentcanonical + -list
- Fixed parentcanonical in CSV output
- Fixed -hh overwriting -h LDAP://
- Fixed -(incl|excl)like with -nirs
- Fixed msDS-TrustForestTrustInfo
- Fixed -nl defaultsecuritydescriptor
- Fixed READ vs READ PERMS in SD decode
- Fixed Handling of DN w/Binary and DN w/String piped in
- Fixed binary attribs hardcode++
- Fixed dsheuristics output
- Fixed bug in -metafilterval
- Fixed static PS/VW/CARS table -gco
- Fixed crash bug in ldapping func
- Fixed Print Op decode
- Fixed LDS SID Resolution fix
- Fixed appver EST/EDT
- Fixed sslinfo attr display
- Fixed ameta/vmeta double column csv
- Fixed typo in REGEX Usage
- Fixed SD nodecode RegEx CSV bugfix
- Fixed bug in sdcsvsingle
- UNFIXABLE* vmeta sort issue found where > 1500 linked values
- Switches:
- Added -showttll
- Added -rbb
- Added -sc ccs (common container search)
- Added -pki special base
- Added -sorta / -rsorta
- Added switch -gui for use with help switches
- Added -sdblob
- Added -daclpipe / -sdpipe
- Added -daclpipe+ / -sdpipe+
- Added -vmetaplus
- Added -gcsv
- Added -objectdomaindn / objectdomaindn
- Added -objectdomaindns/ objectdomaindns
- Added -sdcsvsinglesort
- Added -resolvesidsgeneric
- Added -resolvesidgenex - Props to Generation X woot!
- Added -pdnucounts
- Added -base
- Added -one/-onelevel
- Added -sub/-subtree
- Shortcuts:
- Added -sc accessrights and alias -sc accesscheck
- Added -sc dsd
- Added -sc cclone, -sc cclone+, -sc cclone+x
- Added -sidtype (not for ldap sid resolve)
- Added -sc dclistf
- Added -sc daclcsvdmp and alias -sc daclcsvdump
- Added -sc sdcsvdmp and alias -sc sdcsvdump
- Misc:
- Updated stdin filtering for <TTL=x>
- Default -nirsx for -nirsonly
- Decode SDRightsEffective
- Added -mvsort to -sc sdump
- Added check for accidental adfind|adfind instead of adfind|admod
- Added metasort date to meta switches (DEFAULT CHANGE)
- Added _Object_Owner without requiring -owner
- Updated -appver for binary path
- Added -dloid to several shortcuts
- Added SSL field in ADCSV/HINT
- replacedn "" becomes -replacedn _all
- Changed -gco to use ldap sid resolve
- Added !m// regex functionality
- Decode msDS-HasInstantiatedNCs
- Allow specify "fields/attributes" for -sslinfo
- Do not add ntsecuritydescriptor if args specified for -jsd
- If no value for -mv(r)sort, assume *
- Added e,f,g,x options for -sdcsvsingle
- Massive speed increase for CSV related ops and CSV Counts of LVRs
- Decode KEYLIST flag in NetLogon "LDAP Ping" options flags
New in AdFind 1.52.00 (Jan 13, 2020)
- Converted to Visual Studio 2019
- BUGFIXES:
- Fixed -e base override
- Changed -jcsv to -jcsv2
- Fixed otherWellKnownObjects
- Fixed shortcut doc bug
- Fixed -metamvcsv x01 x01
- Fixed remove attribs- func
- Fixed -sc psomgr sort&displayname
- Fixed usage missing -(s)elapsedms
- Fixed sddl(not)filter - -> ~
- Invalid format -tdc(s)fmt
- Fixed usage for tdctzstr
- Fixed -alldc binary attrib decode bug
- Fixed LDS appnc user error
- Fixed crash bug LDS tokengroups
- Fixed MSDS-Cached-Membership resolve issue
- Fixed currenttime preload gtime table
- Fixed usage for -fgpp
- Fixed multiple special bases
- Fixed -sc sitelinkdmp no site specified
- Removed "non-specific" for domain admins, et ali
- Removed forced base on following shortcuts: sddldump,getacl,caclnoinherit,aclnoinherit,cexplaces,explaces
- Fixed bug in jsd(e)nlb with filter
- Fixed nasty silent crash bug in -decsddlacl, what a PITA
- Fixed password prompt going into CSV output when prompted -up
- Fixed non-rfc -url default
- Fixed trustType decode MIT
- non-specific SID resolve for defaultsecuritydescriptors
- Bug in new filter explicits
- Fixed -nopagingcheck
- Fixed -bit DNWDATA
- Fixed bug in exterr info for initial bind functions as well as switching to stdout
- Fixed bug in SID preload w/ built in mnemonic SIDs
- Fixed bug in -ic with -excldn/-incldn
- Fixed decode of oMObjectClass
- Fixed explicit ACE stripping
- Fixed no port listed when -udp
- Fixed detection of config/schema partition DNs was broken for cross forest situations.
- Fixed attributeSecurityGUID decode
- Fixed LDAP SID Resolve
- Fixed -ef parsing of quotes
- Fixed Garbage DN parsing to handle single label domains / ADLDS
- Switches:
- Added Special base -msa
- Added -jsd(e)nlb switches
- Added -hint
- Added -pause
- Added -norrerr (range retr no err)
- Added -recmutedsq
- Added -incllike,-excllike
- Added -bb xx (scope base -b xx)
- Added -sddlpsflag
- Added -recmutedsq
- Added -rawsddlexpl
- Added -rawsddlnl
- Added -alldcd, -alldc + tdcda
- Added -noerr, stdout/err redirect will prevent errors going to file
- Added -encguidtohex,-dechextoguid
- Added -encsidtohex, -dechextosid
- Added -metas, metasl, metasnl
- Added -dsnq (-dsq with no quotes)
- Added -ldapping
- Added -netlogonexdc
- Added -acecount
- Added -fl - formatted list jtsv2 nodn
- Added -attrvaldelim, -attrprefix
- Added -dnbreakout :
- Added -decdelta
- Added -dpcanonical, -cva
- Added do/do+ alias delobjs/delobjs+
- Added -xmod (manual admod output)
- Added -sdcsvsingle
- Added -regex?
- Added -ddo
- Added -rootdseinternals
- Added -CSVFinalCount
- Changed mv(not)filter to to allow multiple values for one attr to be specified like attr1=val1;val2;val3 instead of attr1=val1;attr1=val2;attr1=val3
- Alert on -f with no = (AJ FIX)
- Alert on = in attribibute names (AJ FIX)
- Normalized -ownercsv implementation
- Added Replica Set/GUID to -extsrvinfo
- Added currenttime to -extsrvinfo
- Updated how -sddl_explicit works,uses the -rawsddlnl functionality
- Decode attributesecurityguid with -schdc decode switch
- Decode appliesto on controlAccessRight objects with added -configdc
- Allow specifying * for -mvsort and -mvrsort to sort all MV attribs
- Allowed filterbreakdown to use -f
- Alias -expandfilter for -filterbreakdown
- Added -hh / -url to -adcsv
- Added -nirsonly to only show empty attributes when used with -nirs/-nirsx
- Shortcuts:
- Added msDS-TrustForestTrustInfo to -sc trustdmp
- Added :noroot param on -sc domainlist
- Added :report for -sc fgpps/psos
- Added -sc findpropsetrg alias of -sc permguid
- Added -sc userinfo
- Added -sc domainlist:short option
- Added displayname to findpropsetrg
- Added shortcuts -sc ldsldapurl:xx, -sc ldsldapurl:xx, -sc ldsinstances:xx
- Added options to -sc sitelinkdmp
- Removed -sc domainlist:canonicalname as it makes no sense at all
- Misc:
- Add 2K19 RootDSE decodes
- Change all rootdse to have -nopaging
- Add more usage for -mvfilter *,?
- Fixed stupid MSFT LDAP URL format
- Added additional trustAttribute decodes
- Identify more non-MSFT directories
- Allow user to specify parentdn or parentcanonical to place anywhere within CSV, no need for -p switches
- Added staticly defined GUIDs that MSFT screwed up in schema.
- Updated dsheuristics to show character positions
- Updated stdin pipein functionality to handle quoted CSV/TSV and filter out more garbage fed through the pipe
- Allow specify position for _OBJECT_OWNER "attrib" CSV
- Added Regular Expression Functionality (BETA)
- Started work on MSA password decode - msDS-ManagedPassword, not sure if it works right BETA
- BIN: for password (not entirely sure this works - BETA)
New in AdFind 1.51.00 (Aug 3, 2018)
- Fixed number of small bug fixes / memory leak fixes related to Borland Builder C++ to VS 2017 conversion, Preloaded Security Descriptor OIDs, For PSISE if stderr redirect send header to stdin, Added Bulk SID resolution to SID atts, Added garbageCollPeriod to policies, Decode msDS-TrustForestTrustInfo (-samdc), Added more attributes to -fullrootdse, Updated time/sid attributes hardcode, Brought back the mainicon, Added fgppcontainer alias for psocontainer, Decode wellknownobjects/otherwko, Decoded dSASignature, msExchRemoteRecipientType, msExchRecipientDisplayType, msExchRecipientTypeDetails, Fixed jtsv/2 to use -csv xx value, Added -ametanl, -vmetanlAdded -jsd, -jsdnl, -jsde, -jsdenl, -url, -sddl+++/-sddc+++,-sddl3 alias for sddl+++, -metamvcsv, -metamvcsva, -metamvcsvv, -binsize xx, -binsizenl xx, -adminrootdse, Changed dcdmp filter to dclist filter, Added dn to -sc dclist:xx, Added shortcuts cexplaces,caclnoinherit, structdmp/dump, fgpps/psos
New in AdFind 1.47.00 (Mar 6, 2014)
- Fixed bugs with -this,-ameta,-vmeta
- Changed Win8 decodes strings to Windows 2012
- Added switch -nopaging
- Added shortcut -sc ridpool
New in AdFind 1.37.00 (Aug 15, 2007)
- Added new special base switches: forestdns, domaindns, gpo, psocontainer, ldappolicy, xrights, partitions, sites, subnets, exch, dcs, fsps
- Added new switches: noautoranging, onlyaclprot, onlyaclunprot
- Added the following shortcuts: rodcpas, rodcpasl, !rodcpas, !rodcpasl, export, sddldmp, sddlmap, sitedmp, subnetdmp, gpodmp, fspdmp, oudmp, showmeta, showmetas
- Updated switches:-replacedn
- Decode more time/interval values
- Decode attributes: options, mS-DS-ReplicatesNCReason
- Updated some of the decode functions for Longhorn (aka Windows Server 2008) values
- Updates STATS to work properly with Longhorn
- Fixed multiple usage typos
- Fixed bug with -mvfilter
- Streamlined some of the shortcuts
- Sped up SID resolution (especially in cases where LDAP connection but no RPC connection)
- Changed "Coordinated Universal Time" in time decode to UTC.