1. New Programs
2. Changes to Multiple Programs
3. Renaming of programs
4. Changes to Individual Programs

Release Notes for JRButils for AD v3.0 V3.0

New Programs

Adaccexp

Adaccexp is intended for use in a login script where it displays a warning if the user’s account is about to expire. The number of days before expiration at which warnings begin is adjustable and defaults to seven. Adaccexp can also be used to check the account expiration status of a named user. Both text mode and GUI versions are available.

Adfsupdate

Adfsupdate is file system maintenance program. It can do the following:

• Copy selected files, or an entire directory structure to multiple hosts, retaining all file attributes, dates and ownership.
• Perform a selective copy or delete based on owner, creation date, modification date or last accessed date.
• Perform an update copy transferring only newer files or those which do not exist in the target directory.
• Perform a mirror copy which in addition to updating files in the target directories, removes and files and directories which do not exist in the source.
• Delete individual files or entire directory structures from one or more hosts.
• List the files to be deleted for a selective delete, without actually deleting them.
• Delete files but retain the directory structure.
• Delete or overwrite files flagged read-only.
• Set file and directory attributes.
• Rename files.

Works on both Windows and NetWare drives.

Adgetdirquota

Adgetdirquota is for use with directory quotas on W2008. It can display quotas, usage, free space, quota status (enforced, not enforced, disabled), peak usage, peak usage time and warning thresholds. It can do the following:

• Process individual directories, all subdirectories of a directory, or an entire directory structure.
• Display quota values for the home directories of individual users, users selected via wildcards, or for all members of a group. The home directory for each user is obtained from their homeDirectory attribute.
• The values can be displayed in bytes, KB, MB or GB.
• Filter the results on any of the fields e.g. directories without a quota, or users whose home directory usage exceeds 500MB.

Adgetobjsec

Adgetobjsec displays components of the security descriptor from the ntSecurityDescriptor attribute for objects of any class in Active Directory. It can do the following:

• Display any combination of the dacl, sacl, owner, group and security descriptor flags.
• Display components for a single object, objects selected via wildcards, all members of a group, a group object or a list of objects in a file.
• Display explicit (non-inherited) ACEs, inherited ACEs, or both.
• Display all or any combination of ACE types from the dacl and sacl e.g. deny and deny object ACEs.
• Display only those ACEs with a specified object type.
• Display only those ACEs with a specified inherited object type.
• Display ACEs selectively based on the permissions granted or denied.
• Suppress the display of dacl and sacl ACEs for well-known security identifiers such as “NT AUTHORITY\SELF”.
• Display the rights in character form e.g. CR or as a 32 bit hexadecimal value representing the permissions mask.
• Has flexible output formats including the ability to list selected ACE fields in any order and optionally in comma or semicolon delimited format.
• Sort the results on any field.

Adpwdexp

Adpwdexp is intended for use in a login script where it displays a warning if the user’s password is about to expire. However, it can also perform the check for any nominated user. The number of days before expiration at which warnings begin is adjustable and defaults to seven. Adpwdexp can also force a password change before or after password expiration. It will prompt for and change the password.  Both text mode and GUI versions are available. The GUI version has a number of extra features including:

• Can change AD domain, NT domain, workstation and NetWare passwords.
• Can force the window to remain as the topmost window.
• Allows either one or two lines of user supplied text to be displayed.
• Can control how long the window warning of impending password expiration remains open.
• Can prevent changing other passwords if the Active Directory password is not successfully changed first.
• Can display a customer supplied icon or bitmap on the right of the window.

Adsetdirquota

Adsetdirquota sets and removes directory quotas individually or en masse. The program must be run on W2008 server or later. It can do the following:

• Process individual directories, all subdirectories of a directory, or an entire directory structure.
• Set quota values for the home directories of individual users, users selected via wildcards, or for all members of a group.
• The home directory for each user is obtained from their homeDirectory attribute.
• Apply a quota or a quota template.
• Can increase or decrease existing quotas by a nominated amount or percentage.
• Set quotas relative to the current usage.
• Remove quotas and quota templates.
• Set the quota status to hard, soft or disabled.
• Reset the peak usage value to the current usage.
• Prompt for confirmation before setting each value.

Adsettrust

Adsettrust manages ACE entries in the discretionary access control list for files and directories. Specifically, it can do the following:

• Add grant or deny ACEs for one or more directories or files.
• Remove grant or deny ACEs for one or more directories or files.
• Restore ACEs from a file of adsettrust, icacls or cacls commands created by adtrstlist.
• Accepts wildcards in trustee object names allowing multiple objects to be updated for the same files and directories.
• Check for and optionally fix ACLs containing duplicate ACEs, incorrectly ordered ACEs or unused space.
• Grant or remove non-propagated RX rights to each parent directory, thereby providing a means to browse to the directory from the volume root.
• Modify dacls on both Active Directory servers and on workstations.
• Accepts rights in numeric format as well as accepting the well known symbols of R, X, GR, GE etc.