ADsecurity Version History

4/21 version 8.4.0.0

ADHQ ADsecurity v8.4.0.0 adds the following enhancements:

Reports

• Added the ability to display msDS-UserPasswordExpiryTimeComputed attribute in date format
• Added the ability to display ms-Mcs-AdmPwdExpirationTime attribute in date format

ADHQ ADsecurity v8.4.0.0 addresses the following issues:

General

• Fixed an issue where including %time% parameter in output file names could cause DOS error 22

Reports

• Fixed multiple issues causing group members from foreign domains to fail to appear in reports
• Fixed an issue causing an Access Violation error when filtering on specific attributes, especially in security reports

Scheduled Tasks

• Fixed an issue where %toolname% in the name of output files was resolving to TaskEngine instead of the name of the tool being run

5/20 version 8.3.0.0

ADsecurity v8.3.0.0 adds the following enhancements:

General

• Added support for reporting on Exchange 2019 attributes.

Scheduled Tasks

• Implemented the %taskname% parameter for output file names in scheduled tasks

ADsecurity v8.3.0.0 addresses the following issues:

General

• Fixed an issue causing tools and reports to run slowly when working in multiple domains
• Modified filter processing to improve the performance of reports and tools with complex filters

Reports

• Fixed an issue where reports saved in Excel format would not be readable when opened using Excel Online.
• Fixed an issue causing reports to crash when attempting to contact unreachable domain controllers in foreign domains, especially when enumerating cross-domain group membership

Scheduled Tasks

• Fixed an issue where changes to the Active Directory schema were causing reports to be created entirely empty, or with only a header line
• Fixed an issue causing scheduled tasks to hang after executing, especially when run against empty import files

9/19 version 8.2.0.0

ADsecurity v8.2.0.0 adds the following enhancements:

General

• Modified internal storage of program option passwords to meet or exceed industry standards (e.g. password for Exchange 2016)

ADsecurity v8.2.0.0 addresses the following issues:

General

• Fixed an issue that occurred while saving output from tools with slashes or backslashes in their name

Reports

• Fixed an issue where ACEs from foreign domains would appear as SIDs rather than being resolved to the name format specified.
• Fixed an issue where the Report Properties pane would appear smaller than intended.

2/19 version 8.1.0.9

ADsecurity v8.1.0.9 adds the following enhancements:

General

• Added support for importing UNC path names into the File and Share Scope dialog.
• Added support for manually entering UNC path names into the File and Share Scope dialog.

ADsecurity v8.1.0.9 addresses the following issues:

General

• Creating scheduled tasks and then running the program as a different user would cause the scheduled tasks to be incorrectly removed.
• Fixed an issue scanning root and child domains together as part of the same collection or report.
• Fixed an issue causing the program name and description to appear incorrectly.
• Fixed a crash relating to invalid scope items defined in reports.

Scheduled Tasks

• Fixed a display glitch where the task time would appear one day different from its true scheduled time.
• Fixed an issue causing the Set Import File option to be unavailable sometimes when setting a task scope.

Security Reports

• Fixed reports failing to retrieve security descriptor even when the account has the required access rights.
• Fixed an issue preventing program from resolving SIDs in trusted domains.
• Fixed well-known security groups appearing with incorrect domain name in reports.
• Fixed not being able to select mailboxes from the browser's tree view when configuring report scope.

7/18 version 8.1.0.0

ADsecurity v8.1.0.0 contains the following enhancements:

General

• Added auto-update feature to automatically download and install updates
• Added the following Common Properties for reporting and filtering:

  AD Security Reports
  Common Permissions	This property contains a list of common permissions that can be granted on Active Directory objects. This list is similar to the list that appears on the Security tab (Advanced view) of property sheets from within Active Directory Users and Computers.
  Is High Risk Trustee	Does this ACE apply to many or all users? This property returns TRUE if the Trustee is equal to "Anonymous Logon", "Authenticated Users", "Domain Guests", "Domain Users", "Everyone", "Guests", "IUSR", or "Users".
  Change Password	Does this ACE contain the 'Change Password' right? Users with the Change Password permission are allowed to change the password, if they supply the current one.
  Reset Password	Does this ACE contain the 'Reset Password' permission? Users with the Reset Password permission can change the object's password, without knowing the current one.
  Send As	Does this ACE contain the 'Send As' permission? This permission allows users to send an email as the object.
  Receive As	Does this ACE contain the 'Receive As' permission? This permission allows users to access the object's incoming mail.
  Send To	Does this ACE contain the 'Send To' permission? This permission allows users to send emails to this object.
  Allowed to Authenticate	Does this ACE contain the "Allowed to Authenticate" permission? This permission is used to allow users to authenticate themselves to resources in trusted domains that have selective authentication enabled.
  Add/Remove Self as Member	Does this ACE contain a 'Add/Remove Self as Member' permission? This permission is granted to objects on group ACLs to allow the objects to add themselves to the group's membership list.
  Generate RSOP (logging)	Does this ACE contain a 'Generate RSOP (logging)' permission? This permission is granted on OU objects and allows users to generate Resultant Set of Policy logging reports.
  Generate RSOP (planning)	Does this ACE contain a 'Generate RSOP (planning)' permission? This permission is granted on OU objects and allows users to generate Resultant Set of Policy planning reports.
  Create User	Does this ACE contain a 'Create User' permission?
  Delete User	Does this ACE contain a 'Delete User' permission?
  Create Group	Does this ACE contain a 'Create Group' permission?
  Delete Group	Does this ACE contain a 'Delete Group' permission?
  Create Contact	Does this ACE contain a 'Create Contact' permission?
  Delete Contact	Does this ACE contain a 'Delete Contact' permission?
  Create Computer	Does this ACE contain a 'Create Computer' permission?
  Delete Computer	Does this ACE contain a 'Delete Computer' permission?
  Create OU	Does this ACE contain a 'Create OU' permission?
  Delete OU	Does this ACE contain a 'Delete OU' permission?
  Full Control	Does this ACE contain a 'Full Control' permission?
  File Security Reports
  Common Permissions	This property contains a list of common permissions that can be granted on file system objects. This list is similar to the list that appears on the Security tab (Advanced view) of property sheets from within Windows Explorer.
  Is High Risk Trustee	Does this ACE apply to many or all users? This property returns TRUE if the Trustee is equal to "Anonymous Logon", "Authenticated Users", "Domain Guests", "Domain Users", "Everyone", "Guests", "IUSR", or "Users".
  Full Control	Does this ACE contain a 'Full Control' permission?
  Mailbox Security Reports
  Common Permissions	This property contains a list of common permissions that can be granted on file system objects. This list is similar to the list that appears on the Security tab (Advanced view) of property sheets from within Windows Explorer.
  Is High Risk Trustee	Does this ACE apply to many or all users? This property returns TRUE if the Trustee is equal to "Anonymous Logon", "Authenticated Users", "Domain Guests", "Domain Users", "Everyone", "Guests", "IUSR", or "Users".
  Full Control	Does this ACE contain a 'Full Control' permission?
  Ace Source	Is this ACE inherited from the mailbox database, or explicitly defined on the specific mailbox?
  Printer Security Reports
  Common Permissions	This property contains a list of common permissions that can be granted on printer objects. This list is similar to the list that appears on the Security tab (Advanced view) of property sheets from within the Print Management administrative tool.
  Is High Risk Trustee	Does this ACE apply to many or all users? This property returns TRUE if the Trustee is equal to "Anonymous Logon", "Authenticated Users", "Domain Guests", "Domain Users", "Everyone", "Guests", "IUSR", or "Users".
  Full Control	Does this ACE contain a 'Full Control' permission?
  Manage this Printer	Does this ACE contain a 'Manage this Printer' permission? This permission allows users to perform administrative tasks, such as starting, pausing and stopping the printer, change spooler settings, share the printer, modify permissions and changing properties.
  Manage Documents	Does this ACE contain a 'Manage Documents' permission? This permission allows users to perform administrative tasks relating to documents being printed, such as starting, pausing, resuming, reordering, and cancelling documents.
  Print Permission	Does this ACE contain a 'Print' permission? This permission lets users print documents.

Reports

• Added a new view for when folders are selected in the Report Tree. The descriptions in this view can be read to discover the purpose of built-in reports, or modified to add usage notes for your own folders. Right-click on a folder in the tree and select "Properties" to modify the description text.
• Added a list of Well known Locations to the Report Scope items, including: <My OU>, <My Domain>, <Users OU>, <Deleted Objects OU>, and several more
• Added over 200 new security reports including: High-Risk Trustees, Unusual Owners, Non-default Security Rights, Auditing Rights, and scores of reports detailing all instances of specific permissions granted on AD objects and file shares throughout your network.
• Improvements to report engine to speed up processing and reduce memory footprint.

Scheduled Tasks

• Added optional expiration date and time for scheduled tasks
• Added ability to delete the task after it expires
• Added ability to repeat tasks throughout the day(e.g. run the task every half hour)
• Added an Import Tasks feature to the Scheduled Tasks right click menu for importing 7.0 scheduled tasks

ADsecurity v8.1.0.0 addresses the following issues:

Filtering

• Fixed an issue where filters were working incorrectly when matching "Is empty", "Is not empty", "Is unique", or "Is not unique" on child attributes. These filters were incorrectly matching against the value of the parent attribute.

Reports

• On some machines, saving a report with photos to a PDF file would resize the photos incorrectly.
• Fixed an issue causing cells containing child attributes to to display incorrectly if the cell had more than 15 rows of data.

Previous Versions

ADsecurity v8.0.0.0 was built on the foundation of ADtoolkit version 7. The complete version history for ADtoolkit can be found at:
http://www.javelinasoftware.com/support/ADtoolkitVersionHistory.pdf

Future Versions

Many of the new features we add to our software come directly to us as requests from our users. If you have a feature suggestion for future versions of ADsecurity, please tell us about it with our Feature Request Form.