1. New Programs
2. Changes to Multiple Programs
3. Renaming of programs
4. Changes to Individual Programs

Release Notes for JRButils for AD v3.0

Changes to Multiple Programs

• Fixed an issue in adcreate, adimport and adsethome where they could add an ACE granting rights to the home directory, ahead of a ‘deny’ ACE already in the access control list, thereby failing to retain the correct ACE order.
  
• Fixed an issue in adimport, adcreate and adrename where they could generate an illegal samAccountName with a leading or trailing period when the common name began or ended in a period. The requested operation then failed.
  
• Updated programs such as adcreate, adimport and adrename to remove a trailing period from the common name when creating the home directory path. The trailing period was ignored by Windows when creating the home directory but would be present in the path stored in the homeDirectory attribute.
  
• Fixed issues in numerous programs where they could fail to locate objects containing escaped commas (e.g. CN=Martin\, Max) in the common name.
  
• Fixed an issue where programs checking for an existing connection to a host would incorrectly determine a connection existed when the host name being checked partially matched another host name to which there was a connection e.g. when checking FRED and a connection existed to FREDDY.
  
• Fixed an issue where programs were failing to locate an object when its display name was given on the command line.
  
• Added support for naming objects via their GUID or SID e.g. adgetrest <sid> aed or adgetrest <guid> aed.
  
• Updated all programs to allow for any part of an object’s distinguished name containing a forward slash. Neither Active Directory nor LDAP require a forward slash to be escaped, but the ADSI programming interface used to access AD uses the forward slash as a path component separator, hence any forward slash in an object name must be escaped with a backslash.
  
• Updated various programs to allow 64 instead of 15 characters for the name of the computer on which the program is running. This follows an incident where adjrbpass failed to determine that the machine was in a domain because the Win32 function GetComputerName was unable to return the name because the buffer was too small. The Windows SDK constant MAX_COMPUTERNAME_LENGTH is defined as 15, which appears to be outdated.
• Rewrote the code for determining if a user can change their password which is used by several programs. This was based on Microsoft sample code but one of the functions used could cause application errors.