I have something more convenient: ActiveNav. ActiveNav is a console application for reading and navigating around Active Directory. It operates at the same level as the low-level ADSI Editor, but does some polishing to remove all the gross LDAP prefixes and stuff. It's designed to be like DOS, with LDAP servers as drives and entries as directories/files.
Another aspect of ActiveNav's design is to be scriptable and automatable. I already have some batch file-ish processing, but no branching or logic instructions. Also in development is an extension API for .NET programs to control the application. All the actual AD connection and browsing business is done and extensively tested. I want to do a little more scalability testing and development of the automation side before I release anything to the public, though.
Some things it can definitely do:
- Connect to an AD-LDAP server with current or specified credentials
- List the sub-entries of the current entry, with optional masking
- Navigate inside OUs or container CN entries with relative or absolute paths
- Display all properties or a specific property of the selected entry
- Interpret the userAccountControl and sAMAccountType properties
- Display group memberships and quickly navigate to members
- Extract real data from byte array and COM object date properties
- Find entries in the tree based on any property with various comparisons
- Sort entries based on integer, string, date, or COM object date properties
Here are some things I have found it useful for:
- Check whether a user has been locked out
- Notify users after logon as to when their password was last misentered
- Find users whose passwords never expire
- Locate the OU where a user resides
Further developments and eventually a download coming soon!
No comments:
Post a Comment