Release Notes for JRButils for AD v13

Changes to Individual Programs

Adaccexp

  • Fixed an issue where some errors reports for invalid command line options did not behave as per the presence or absence of /v (verbose mode).

Adchkhome

  • Fixed an issue where it was not allowing more than four output fields to be displayed at one time.

Adfsrights

  • Modified so that when determining rights for the user running the program, the logon token is used rather than the SID which can provide a more accurate result.
  • Fixed an issue where obtaining the SID for a local user or group could fail due to a memory overwrite.

Adfsupdate

  • Updated the code for locating a matching Windows object when transferring rights and ownership from a Micro Focus host to a Windows host. If an object with a samAccountName matching the eDirectory CN is not found, and the host on which adfsupdate is running is logged into a domain, and the target host is in the same domain, then adfsupdate searches AD for an object with a matching CN. If there is exactly one match, and that object is a user or group, then the rights or ownership are assigned to that object.
  • Updated so that a file of name translations given via /x can also be used when copying from one domain to another. In this case the names must be samAccountNames.

Adgetrest

  • Added the ability to display each object’s description.
  • Added the ability to sort on displayName and description.
  • Added the ability to display the last logon date and modification date for each DC in the domain, via fields ‘lds’ and ‘mds’ respectively. These are non-replicated values.

Adgetval

  • Added “Import” and “Save” buttons to the attributes tab in the GUI versions, allowing the attribute selections to be imported from a file, or saved to a file for later reuse.
  • Modified the GUI versions so that an attribute list in a file specified via /a (e.g. /a=@c:attribs.txt) at startup can be used to provide the attributes to select. This can be either a normal template file as used by command line versions, or a file of attribute names one per line with or without a leading ‘%’ character.
  • Added the ability to correctly display values for the following attributes:
    msExchRecipientDisplayType
    msExchRecipientTypeDetails
    msExchRemoteRecipientType
  • Removed some inconsistencies in the formatting of various attributes between GUI and command line versions, and between when selecting attributes, and displaying all attributes of an object.
  • Fixed an issue where it was displaying a 1976 date for dsCorePropagationData when the attribute did not hold a valid value.
  • Added /b=h to display raw attribute values in hexadecimal format. This may be useful to see what is actually present in each value, rather than the interpretted values normally displayed by adgetval.
  • Fixed a cosmetic issue where an extraneous semicolon could appear in the output when displaying the primaryProxy which is the entry from proxyAddresses with the SMTP: prefix.
  • Added /i providing a means to write the raw data from attributes using the octet string syntax, to a file so that they can be imported into another object attribute via adsetval.
  • Added radio buttons to the window for browsing to select an object in AD in the GUI versions, to indicate whether to process the selected container object, or objects in the container.

Adgroups

  • Modified so that fields for primary and secondary sorting are selected from a drop down list instead of radio buttons.
  • Fixed an issue where it was not accepting names in canonical format in a list of members to exclude from the output.
  • Fixed an issue where it was not accepting non-domain object names in a list of members to exclude from the output.
  • Incorporated the functionality of adusersgrps so that adgroups can now be used to list the groups to which objects belong.
  • Added command line option /a=m to allow preselecting the option to list groups to which objects belong.
  • Fixed an issue when removing group members where it might not remove all matching members due to premature exit from a loop.
  • Added the ability to browse for local users and groups. To browse on a different host from the current, enter the host name followed by a backslash (e.g. pluto\ in the group or user edit box before clicking the “Browse” button.

Adimport

  • Fixed an issue where it was not setting ownership of files copied into the home directory of each user.
  • Added /o to overwrite files with the read-only attribute set when copying into home directories. A message saying to use /o could be reported when /o had not been a valid option.
  • Added substitution identifiers %date%, %datetime% and %time% for constructing fixed values. These allow placing the current date and/or time into new attribute values.

Adlookup

  • Added the ability to correctly display values for the following attributes:
    msExchRecipientDisplayType
    msExchRecipientTypeDetails
    msExchRemoteRecipientType
  • Removed some inconsistencies in the formatting of various attributes between when selecting attributes, and displaying all attributes of an object.
  • Separated /i (suppress field names and produce delimited output) into /i and /q so that a line of field names can be displayed for delimited output.

Admovehome

  • Fixed an issue where using /i to overwrite files with the read-only attribute set was not working.
  • Fixed a cosmetic issue where failure to overwrite a read-only file resulted in a message to use /o (as per adfsupdate) instead of /i.

Adobjsec

  • Added radio buttons to the window for browsing to select an object in AD, to indicate whether to process the selected container object, or objects in the container.

Adopenfile

  • Updated to display the paths for open files in the correct case, when they are returned in uppercase which seems to happen for recent versions of Windows server.
  • Suppressed the connection count which always equalled the open file count. There is no way to determine which files are opened by the same connection.
  • Fixed an issue with connecting to a host in a different domain.
  • Changed /n so that when working across domains, adopenfile now does not attempt to authenticate to AD in the target domain by default. This could introduce significant delays. Use /n to do so.
  • Added /m to limit the display of open files to those in the nominated path, ignoring those in subdirectories which function NetFileEnum returns by default.
  • Added the fileID as an output field. This is a unique 32 bit number assigned to the open resource.
  • Updated the display of permissions to include values not documented when adopenfile was originally written.
  • Under WS2012 when run from the console, and under WS2016 onwards, function NetFileEnum also returns open paths. These include the path where files are open, and paths where there has been recent activity e.g. issuing a ‘dir’ command. /d has been added to control whether open files, open paths, or both are displayed.

Adpwdexp

  • Fixed an issue where some errors reports for invalid command line options did not behave as per the presence or absence of /v (verbose mode).

Adrights

  • Modified so that when determining rights for the user running the program, the logon token is used rather than the SID which can provide a more accurate result.

Adsettrust

  • Fixed an issue where an application error could occur when using /i and no object name or permissions were specified.
  • Added /r=a as a safety check when /r is used without an object name and permissions. This will remove all ACEs with the specified inheritance, and ‘a’ is now required to ensure that this is the intended action.

Adsetval

  • Added /k to allow inserting or removing substrings from existing text values. A substring may be inserted or removed at a specified position for all values of the attribute, or for a single value.
  • Modifed the behaviour when attempting to add a second value to the description and info attributes. These are single valued, but may contain multiple lines separated by <CR><LF> pairs. An attempt to add a value, now appends the value as the last line. Previously, these were treated as single valued and attempts to set a second value simply replaced any existing value.
  • Modified /n which allows multiple values to be specified, to now add these as separate lines for the info and description attributes.
  • Modified /i which sets lines of text in the info attribute to also support the description attribute. Both can contain multiple lines of text separated by <CR><LF> pairs within the single value.
  • Added ‘d’ as a new option for /i to remove a line of text from a single valued, but multi-lined attribute such as info.
  • Added support for the following substitution identifiers in text values:
    %datetime%
    %date% or %jrbdate%
    %time% or %jrbtime%
    Note that the Windows command line interpreter automatically translates %date% and %time%, hence the provision of the alternative identifiers, where the format used is controlled by the JRBDATETIME environment variable. Either may be used when values are read from a file.

Adwhodidit

  • Modified so that when /$ is used to indicate that the lowest level of the path is a directory, /d defaults to ‘d’ when neither ‘f’ or ‘d’ is used. A value of ‘f’ for /d is now ignored when /$ is used.
  • Added fields ‘lp’ and ‘lt’ to display whether a Windows file or directory is a junction or symlink, and the path to which it points.