How to use AD-Browser

1. Start AD-Browser
2. View Containers
3. Browse © Active Directory (OU)
4. Search © Active Directory
5. Change the Search Filter
6. Delete a Column
7. View Properties
8. List Group Members
9. List Member of Group
10. Manage Group Members
11. Export List View
12. Export Tree View
13. Create an AD object
14. Modify an AD object
15. Set AD users password
16. Delete an AD object
17. Import AD objects

1. Start AD-Browser

a) The prefered way to start AD-Browser is from a PC which was joined to the Domain before. Log on as Domain User or Domain Admin and start adbrowser.exe. AD-Browser builts a Tree-View of Organizational Units (OU's).

b) If you start AD-Browser from a PC outside of the Domain you will get a Dialog to enter connection information e.g:

• Hostname: specify the PDC (Primary Domain Controller) of the Domain to be browsed
• Username: enter Domainname and Username
• Password: enter Password for Username
• Root-DSE: (rootDSE) is defined as the root of the directory data tree on a directory server
  Write DC in capital letters!

The following features will not work in this mode:

• retrieving OU and CN properties
• retrieving many group members (meber;range)
• retrieving extended GPO settings (registry entries or folder redirection)

2. View Containers (CN)

Use menu View/Containers to see the container structer in the Tree View. To speed up the start containers are not shown when AD-Browser starts. You might change this behavior in the Registry:

[HKEY_CURRENT_USER\Software\Coopware\AD-Browser]
"rc"=dword:00000001

3. Browse © Active Directory (OU)

In the Tree View double click an OU. All Objects filtered by the filter (cn=*, objectClass=computer, ...) are shown in the List-View.

4. Search © Active Directory

To search Active Directory click in the Tree View to select an OU to start.

Next you may change the Change the Search Filter.
Now press the ENTER Key or .
The cursor changes to a hourglass while searching. The number of objects found is displayed in the Statusbar.

If you search © Active Directory the search dept is changed to subtree.
This means: Search in the whole tree.
If you browse © Active Directory the search dept is changed to one level.
This means: Search the current OU and one level in dept.

Use and to navigate in the history hold by AD-Browser (visted OU's and used filters).

5. Change the Search Filter

The second ComboBox contains the following standard filtes:

• cn=*
• objectClass=computer
• objectClass=group
• objectClass=user
• objectClass=printQueue
• objectClass=mSMQConfiguration
• objectClass=groupPolicyContainer

The LDAP search syntax allowes to build more complex search filters that combine several criterias:

6. Delete a Column

To delete a column in List View do a right mouse button click on the List View Header.
If you do this you might get the Settings dialog where you could enable this behavior.

7. View Properties

To view object properties do the following:

• Mark an object in Tree View or List View
• Click the right mouse button and choose Properties
• You will see the object properties dialog
• If the object is a groupPolicyContainer AD-Browser will try to show more details:
  1. registry entires stored in *.pol files and set with the GPO for machine and user
  2. folder redirection for user (if set in fdeploy.ini)
  3. preferences stored in *.xml files

  

• If you want to save the dialog output use File/Save View as ...
  from the dialog menu.

8. List Group Members

If you want to list Group Members do the following:
 

• Search for groups by selecting the filter objectCategory=group
• You will retrieve a list of groups
• Mark the group you are intrested in and click on the member button
• You will retrieve a list of groups members

If you see a member;range, click on it to get the list:
 

9. List Member of Group

To see or export the memberOf (group) attribute click on the memberOf button in the List View.

10. Manage Group Members

View properties of a group to manage its members. Then select the member attribute and click on Edit Value. Specify a members with distinguishedName (one per line).

11. Export List View

To export the current List View choose File/Save List View as from the menu. This will save a TAB seperated Textfile. If no items ar marked or selected the whole List View will be saved. Otherwise only marked or selected items will be saved.

12. Export Tree View

To export the current Tree View choose File/Save Tree View as from the menu. This will save a TAB seperated Textfile.

13. Create an AD object

To create an AD object select an OU in Tree View.
Next do a right mouse click in Tree View or List View and use Create Object then choose the object typ.

If your permissions allow the creation of an object you will get a new one. AD-Browser will set the sAMAccountName by using the first 20 chars.

      sAMAccountName // 20 chars name for backward compatibility

14. Modify an AD object

To modify an AD object view it's properties, mark an attribute and use the buttons Edit Value and Save Value.

15. Set AD users password

To set AD users password view properties.
The button Set Password should be enabled fill in the new password and press OK.

16. Delete an AD object

To delete an AD object do the following:

• Mark an object in Tree View or List View
• Click the right mouse button and choose Delete Object

17. Import AD objects

AD objects may be imported from a TAB seperated text file.

• Mark an object in Tree View
• Click the right mouse button and choose Import Textfile (TAB separated)
• Watch the statusbar to follow the import process

Input file format:

• all columns must be TAB separated
• maximum line chars are 1024
• see sample import.txt

ADS Typ	Value
ADSTYPE_INVALID	0
ADSTYPE_DN_STRING	1
ADSTYPE_CASE_EXACT_STRING	2
ADSTYPE_CASE_IGNORE_STRING	3
ADSTYPE_PRINTABLE_STRING	4
ADSTYPE_NUMERIC_STRING	5
ADSTYPE_BOOLEAN	6
ADSTYPE_INTEGER	7
ADSTYPE_OCTET_STRING	8
ADSTYPE_UTC_TIME	9
ADSTYPE_LARGE_INTEGER	10