• Home

  • Documents

  • Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows...
38
ADInsight Copyright © 2007 Mark Russinovich and Bryce Cogswell Sysinternals - www.sysinternals.com ADInsight is an advanced monitoring tool for Windows that shows real- time file client-side Active Directory (LDAP - Light-weight Directory Access Protocol) activity. Using ADInsight, you can troubleshoot permissions, performance, and configuration issues that affect AD- enabled applications, such as Exchange and SQL Server. ADInsight uses DLL injection techniques to intercept calls that applications make in the Wldap32.dll library, which is the standard library underlying Active Directory APIs such ldap and ADSI. Unlike network monitoring tools, ADInsight intercepts and interprets all client-side APIs, including those that do not result in transmission to a server. ADInsight monitors any process into which it can load it’s tracing DLL, which means that it does not require administrative permissions, however, if run with administrative rights, it will also monitor system processes, including windows services. ADInsight runs on Windows 2000, Windows XP, Windows Vista, Windows Server 2003, and Windows Server 2008.

Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

  • Upload
    others

  • View
    20

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

ADInsightCopyright©2007MarkRussinovichandBryceCogswellSysinternals-www.sysinternals.com

ADInsightisanadvancedmonitoringtoolforWindowsthatshowsreal-timefileclient-sideActiveDirectory(LDAP-Light-weightDirectoryAccessProtocol)activity.UsingADInsight,youcantroubleshootpermissions,performance,andconfigurationissuesthataffectAD-enabledapplications,suchasExchangeandSQLServer.

ADInsightusesDLLinjectiontechniquestointerceptcallsthatapplicationsmakeintheWldap32.dlllibrary,whichisthestandardlibraryunderlyingActiveDirectoryAPIssuchldapandADSI.Unlikenetworkmonitoringtools,ADInsightinterceptsandinterpretsallclient-sideAPIs,includingthosethatdonotresultintransmissiontoaserver.ADInsightmonitorsanyprocessintowhichitcanloadit’stracingDLL,whichmeansthatitdoesnotrequireadministrativepermissions,however,ifrunwithadministrativerights,itwillalsomonitorsystemprocesses,includingwindowsservices.

ADInsightrunsonWindows2000,WindowsXP,WindowsVista,WindowsServer2003,andWindowsServer2008.

http://www.sysinternals.com
Page 2: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

CapturingEvents

Totogglecapturemodeonandoff,clicktheCapturetoolbarbutton,chooseCaptureEventsfromtheFilemenu,orpressCtrl+E.Nodataiscollectedwhencapturemodeisoff.

Note

Bydefaulteventsarecapturedwhenanewconnectionismade.TochangethedefaultcapturemodechoosePreferencesfromtheOptionsmenuandclearAutomaticallystarttocaptureafterconnection.

Page 3: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

CopyinganEvent

TocopyaselectedeventtotheClipboard,choseCopyfromtheEditmenuorpressCtrl+C.

Page 4: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

FindingText

TosearchforanoccurrenceoftextintheEventPane,clicktheFindtoolbarbutton,chooseFindontheEditmenu,orpressCtrl+F.ThisactionopenstheFinddialogbox.

IfthetextyouenteredisfoundintheEventPane,thematchingeventwillbeselectedandAutoScrollwillbeturnedofftokeepthelineinthewindow.

TorepeatasearchdowntheeventlistpresstheF3shortcutkey.TorepeatasearchuptheeventlistpresstheShift+F3shortcutkey.

Note

YoucansearchonlyincolumnsthatarevisibleintheEventPane.Tosetthecolumndisplay,chooseSelectColumnsfromtheOptionsmenuorfromthecontextmenuthatappearswhenyouright-clickonanitem.

Page 5: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

ClearingtheDisplay

TocleartheEventPane,clicktheCleartoolbarbuttonorchooseClearDisplayfromtheEditmenu.

Thisactionresetsthesequencenumberto0;italsoresetsthevaluesdisplayedintheTimecolumnifrelativetimeisselected.

Page 6: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

FilteringtheDisplay

Todisplayorhideprocesseswhosenamescontainspecifiedtextsubstrings,ortoaddorexcludeselectedLDAPtransactions,clicktheFiltertoolbarbutton,chooseEventFilterfromtheViewmenu,orpressCtrl+L.

ThisactionopenstheEventFiltersdialogbox.

Toviewonlyprocesseswhosenamescontainspecifiedsubstrings,typethetextexpressionintheIncludelist.Toexcludeprocesseswhosenamescontainspecifiedsubstrings,typethetextexpressionintheExcludelist.

Page 7: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

UsingFilterExpressions

Youcanentermultipleexpressionsbyseparatingeachexpressionwithasemicolon(;).UsetheAsterisks(*)asawildcardcharacter.Donotincludespacesintheexpressionunlessyouwantthespacestobepartofthefilter.Filterexpressionsareacaseinsensitive.

SelectingDisplayedTransactions

TohideselectedLDAPtransactions,clearthecorrespondingcheckboxes.TodisplayeventsnotcommonlyusedfortroubleshootingandconfigurationselectShowAdvancedEvents.

ToresettheIncludeandExcludeexpressionsandselectthedefaultLDAPtransactioncheckboxes,clickResettoDefault.

Notes

ChangesintheEventFiltersdialogboxdonotaffectitemsalreadyinthedisplay.WhenyoustartInsightforActiveDirectorywithaProcessFilterappliedfromaprevioussession,theEventFiltersdialogboxwillopentoconfirmyourfiltersettings.TostarttheconsolewithoutopeningtheFilterdialogbox,addthe-qparametertoyourstartupcommand.

Page 8: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

HighlightingEvents

Tosetdisplayhighlightingproperties,chooseHighlightPreferencesontheHighlightmenuorfromthecontextmenuthatappearswhenyouright-clickonanitemintheEventPane.

ThisactionopenstheEventHighlightingdialogbox.

Tohighlighteventsinthesamesessionhandleastheselecteditem,clickSessions.Tohighlighteventswiththesameeventhandleastheselecteditem,clickRelatedItems.Tohighlighteventswhoseprocessnamescontainspecifiedtextsubstrings,clickProcessesandtypethetextexpressionintheProcessNameFilterlist.FilterexpressionrulesapplytotextintheProcessNameFilter.Tohighlighteventswitherrors,clickErrorResult.

Page 9: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

TohighlighteventswithResultTimesthatarelongerthanaspecifiedtime,clickHighlightEventsthattakelongerthanandtypethetimeinseconds.

Tochangeahighlightcolor,clicktheColorbuttoncorrespondingtothehighlightoption.ThisactionopenstheHighlightColordialogbox.Totoggleallhighlightingonandoff,chooseEnableHighlightingontheHighlightingmenu.

Note

TheNextandPrevtoolbarbuttonsaredisabledwhenhighlightingisdisabledorErrorResultisnotselected.

Page 10: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

FindingEventErrors

TogotothenexterrorintheEventPane,clicktheNexttoolbarbuttonorchooseNextEventErrorfromthecontextmenuthatappearswhenyouright-clickonanitemintheEventPane.

TogotothepreviouserrorintheEventPane,clickthePrevtoolbarbuttonorchoosePreviousEventErrorfromthecontextmenuthatappearswhenyouright-clickonanitemintheEventPane.

Note

TheNextandPrevtoolbarbuttonsaredisabledwhenhighlightingisoff,whenErrorResultintheEventHighlightingdialogboxisnotselected,orwhennoitemisselectedintheEventPane.

Page 11: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

ViewingRelatedEvents

Toviewalistofeventswiththesameeventhandleastheselecteditem,chooseViewRelatedEventsontheViewmenuoronthecontextmenuthatappearswhenyouright-clickontheitem.ThisactionopenstheRelatedTransactionEventswindow.

NoteColumnsthatappearinthewindowcorrespondtothecolumnsvisibleintheEventPane.Toaddorremovecolumns,chooseSelectColumnsfromtheOptionsmenuorfromthecontextmenuthatappearswhenyouright-clickonanitem.

Page 12: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

ViewingRelatedSessionEvents

ToviewalistofeventswiththesameLDAPsessionhandleastheselecteditem,chooseViewSessionEventsontheViewmenuoronthecontextmenuthatappearswhenyouright-clickontheitem.ThisactionopenstheRelatedSessionEventswindow.

NoteColumnsthatappearinthewindowcorrespondtothecolumnsvisibleintheEventPane.Toaddorremovecolumns,chooseSelectColumnsfromtheOptionsmenuorfromthecontextmenuthatappearswhenyouright-clickonanitem.

Page 13: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

ViewingProcessInformation

ToviewinformationabouttheprocessmakinganLDAPcall,chooseProcessInformationfromthecontextmenuthatappearswhenyouright-clickonanitemintheEventPane.

ThisactionopenstheProcessInformationwindow.

Page 14: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

ViewingEventInformation

ToviewsummaryinformationaboutanLDAPfunctionthatappearsintheRequestcolumn,double-clickanitemintheEventPaneorchooseEventInformationfromthecontextmenuthatappearswhenyouright-click.

Thisactionopensapop-updialogboxthatdisplaysthefullnameanddescriptionofthefunction.

ToviewdetaileddiagnosticinformationabouttheLDAPfunction,clicktheMoreInfohyperlink.ThisactionopensabrowserwindowwithinformationfromtheMSDNLibraryWebsite.

Page 15: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

SettingTimeDisplayOptions

TotoggletheTimecolumndisplaybetweenclocktimeandrelativetime,chooseClockTimefromtheOptionsmenuorpressCtrl+T.

WhenclocktimeisselectedyoucantoggletheTimecolumndisplaytoshoworhidemillisecondsbychoosingShowMillisecondsfromtheOptionsmenu.YoucantogglethenumberofdecimalplacesdisplayedintheTimeandDurationcolumnsbychoosingShowSimpleTimefromtheOptionsmenu.SimpletimeisdisplayedintheTimecolumnonlywhenrelativetimeisselected.

Page 16: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

SettingAutoScroll

Bydefaultthedisplayscrollstoautomaticallyshownewactivity.

TotoggleAutoScrolloffandon,clicktheScrolltoolbarbutton,chooseAutoScrollontheViewmenuorpressCtrl+A.

Note

TurningoffAutoScrolltemporarilysetstheHistoryDepthtoanunlimitednumberoflinessothatnewitemswillcontinuetoappearinthedisplay.

Page 17: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

SettingHistoryDepth

BydefaultolderlinesarediscardedfromtheeventlisttostaywithinaspecifiedHistorydepth.TochangeHistorydepth,clicktheHistorytoolbarbutton,chooseHistoryDepthontheViewmenu,orpressCtrl+H.

ThisactionopenstheEventListHistoryDepthdialogbox.

TypeorselectanewvalueintheHistoryDepthboxorclickDefaulttorestorethedefaultvalueof50,000lines.Typeorselect0intheHistoryDepthboxtoretainanunlimitednumberoflinesinthedisplay.

Note

TurningoffAutoScrolltemporarilysetstheHistoryDepthtoanunlimitednumberoflinessothatnewitemswillcontinuetoappearinthedisplay.

Page 18: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

SettingtheColumnDisplay

Toselectthecolumnsthatappearinthedisplay,chooseSelectColumnsfromtheOptionsmenuorfromthecontextmenuthatappearswhenyouright-clickonanitemintheEventPane.ThisactionopenstheSelectColumnsdialogbox.

YoucanchooseanyofthefollowingcolumnstoappearintheEventPane:

SequenceNumber

theuniquesequencenumberassignedtoanevent;gapsinsequencenumbersmayindicatebufferoverflowresultingfromheavyactivityorfilteringthatpreventssomeitemsfromappearinginthedisplay

Time thetimethattheeventoccurred

Process thenameoftheprocessmakingtheLDAPcalltotheActiveDirectory

Request thenameoftheLDAPfunctioncall

Type whethertheLDAPcallissynchronousorasynchronous

Session theLDAPsessionhandle

EventID theLDAPeventhandle

Page 19: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

Input thevaluepassedfromtheProcesstotheActiveDirectory

Output thevaluepassedtotheProcessfromtheActiveDirectory

Result theResultcodereturnedbythefunction;SuccessresultsarenotdisplayedunlessyouclearSuppressSuccessStatusontheOptionsmenu

Duration theelapsedtimebetweenthecallandtheresult

YoucanchooseanyofthefollowingcolumnstoappearintheDetailsPane:

Parameter theparameternamesfortheselectedLDAPcall

In/Out whethertheparameterisbeingsentorreceivedbytheapplication

Value thevaluepassedtoorfromtheprocessmakingtheLDAPcall

Page 20: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

SettingOtherDisplayOptions

Tochangethefontsizeofitemsinthedisplay,chooseFontontheOptionsmenu.ChooseAlwaysonToptokeepthewindowdisplayedwhenyouswitchprogramsorwindows.TotoggletheRequestcolumnbetweenfullandsimpleLDAPfunctionnames,clickShowSimpleEventNameontheOptionsmenu.ExamplesoffullandsimpleLDAPfunctionnamesare:

FullNameldap_get_values_len

SimpleName getvalueslength

Totogglethedisplaybetweendistinguishedandsimplenames,clickShowDistinguishedNameFormatontheOptionsmenu.Examplesofequivalentdistinguishedandsimplenamesare:

DistinguishedNameCN=RCHASE-2K3,CN=Computers,DC=OA,DC=Denver,DC=Addesinc,DC=com

SimpleName OA.Denver.Addesinc.com\Computers\RCHASE-2K3

TotogglethedisplayofLDAPfilterstringsintheInputcolumnandDetailsPanebetweensimpleformat(i.e.,prefixnotation)andstandardformat(i.e.,infixnotation),clickShowSimpleLDAPFiltersontheOptionsmenu.Examplesofequivalentsimpleandstandardformatfilterstringsare:

SimpleFormat((NOT((showInAdvancedViewOnly=TRUE))AND(samAccountType=805306368))AND((name=rchase-2k3*)OR(sAMAccountName=rchase-2k3*)))

StandardFormat (&(&(!(showInAdvancedViewOnly=TRUE))(samAccountType=805306368))(name=rchase-2k3*)(sAMAccountName=rchase-2k3*)))

Page 21: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

TotoggleoffandonthedisplayofSuccessstatusintheResultcolumn,clickSuppressSuccessStatusfromtheOptionsmenu.

Page 22: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

Command-LineOptions

Youcanusecommand-lineparameterstosetconsolestartupoptionsandtolaunchthemonitoringservicefromabatchfileorcommandwindow.

Syntax

adinsight[-q][-o][-logFileName][-fiIncludeString][-feExcludeString][[-uUserName–pPassword]-rComputerName]...

Parameters

–q

StartstheconsolewithoutopeningtheFilterdialogbox.BydefaulttheFilterdialogboxopensatstartupifanyfiltersareapplied.

–o

Turnsoffeventcapture.

-logFileName

Writesactivitytoalogfilewithoutopeningtheconsole,whereFileNameisthenameoftheoutputfile.

–fi

SpecifiesanIncludestringfortheFilter.FilterexpressionrulesapplytotheIncludeStringtext.

–fe

SpecifiesanExcludestringfortheFilter.FilterexpressionrulesapplytotheExcludeStringtext.

-?

Displayshelpatthecommandprompt.

Page 23: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

SavingOutput

TosavethecontentsoftheEventPaneasatextfile,chooseSaveontheFilemenuorpresstheCtrl+Sshortcutkey.

TocopytheselecteditemtotheClipboard,choseCopyfromtheEditmenuorpresstheCtrl+Cshortcutkey.

Note

YoucanalsosavethecontentsoftheEventPaneasHTMLformattedreports.

Page 24: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

LoggingtoaFile

Youcanusethecommand-line-logoptiontowriteactivitytoalogfilewithoutopeningtheconsole.

Page 25: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

ViewingEventReports

ToviewareportofallitemsintheEventPane,chooseEventsfromtheHTMLReportssubmenuoftheViewmenu.

ThisactionopensanHTML-formattedreportinyourWebbrowserwindow.

ToviewdetaileddiagnosticinformationaboutanLDAPfunctionintheRequestcolumn,clickthehyperlink.Tosavethecontentsofthereport,

Page 26: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

chooseSaveAsfromtheFilemenuofyourbrowserwindow.

Note

ColumnsthatappearinthereportcorrespondtothecolumnsvisibleintheEventPane.Toaddorremovecolumns,chooseSelectColumnsfromtheOptionsmenuorfromthecontextmenuthatappearswhenyouright-clickonanitem.

Page 27: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

ViewingEventswithDetails

ToviewareportofallitemsintheEventPanewithcorrespondingDetailsPanes,chooseEventswithDetailsfromtheHTMLReportssubmenuoftheViewmenu.

ThisactionopensanHTML-formattedreportinyourWebbrowserwindow.

ToviewdetailedinformationaboutanLDAPfunctionintheRequest

Page 28: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

column,clickthehyperlink.Tosavethecontentsofthereport,chooseSaveAsfromtheFilemenuofyourbrowserwindow.

Note

ColumnsthatappearinthereportcorrespondtothecolumnsvisibleintheEventPane.Toaddorremovecolumns,chooseSelectColumnsfromtheOptionsmenuorfromthecontextmenuthatappearswhenyouright-clickonanitem.

Page 29: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

ViewingEventswithTimeResults

ToviewahistogramreportofLDAPcallsintheEventPanewithTotalTime,LongestTime,andAverageTimestatistics,chooseEventTimeResultsfromtheHTMLReportssubmenuoftheViewmenu.

ThisactionopensanHTML-formattedreportinyourWebbrowserwindow.

ToviewdetailedinformationaboutanLDAPfunction,clickthehyperlink.Tosavethecontentsofthereport,chooseSaveAsfromtheFilemenuofyourbrowserwindow.

Note

Todisplayuncalledfunctions,choosePreferencesfromtheOptionsmenuandclearSuppressuncalledfunctionsinreports.

Page 30: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

ViewingHighlightedEvents

ToviewareportofhighlightedentriesintheEventPane,chooseHighlightedEventsfromtheHTMLReportssubmenuoftheViewmenu.

ThisactionopensanHTML-formattedreportinyourWebbrowserwindow.

Page 31: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

ToviewdetailedinformationaboutanLDAPfunctionintheRequestcolumn,clickthehyperlink.Tosavethecontentsofthereport,chooseSaveAsfromtheFilemenuofyourbrowserwindow.

Note

ColumnsthatappearinthereportcorrespondtothecolumnsvisibleintheEventPane.Toaddorremovecolumns,chooseSelectColumnsfromtheOptionsmenuorfromthecontextmenuthatappearswhenyouright-clickonanitem.

Page 32: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

ChangeColorHighlighting

YoucansetcolorhighlightingpropertiesofthedisplaybychoosingHighlightPreferencesfromtheHighlightmenuorfromthecontextmenuthatappearswhenyouright-clickonanitemintheEventPane.

Page 33: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

DisplayOnlySelectedEvents

YoucandisplayorhideprocesseswhosenamescontainspecifiedtextoraddandexcludeselectedtransactionsbyclickingtheFilter toolbarbutton,choosingEventFilterontheViewmenu,orpressingCtrl+L.

Page 34: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

LogSystemActivity

Youcanusethecommand-line-logoptiontowriteactivitytoalogfilewithoutopeningtheconsole.

Page 35: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

SaveEventsintheDisplay

YoucansavethecontentsoftheEventPaneasatextfilebychoosingSaveontheFilemenuorpressingCtrl+S.

YoucancopyaselecteditemtotheClipboardbychoosingCopyfromtheEditmenuorpressingCtrl+C.

Note

YoucanalsosavethecontentsoftheEventPaneasHTMLformattedreports.

Page 36: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

ViewDifferentColumnsintheDisplay

YoucanselectthecolumnsthatappearinthedisplaybychoosingSelectColumnsfromtheOptionsmenuorfromthecontextmenuthatappearswhenyouright-clickonanitemintheEventPane.

Page 37: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

ReportingBugs

[email protected],includingthebehavioryouobserved,thebehavioryouexpected,andstepsforreproducingtheproblem.

mailto:[email protected]
Page 38: Insight for Active Directory · Sysinternals - ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory

SettingProgramPreferences

Tochangethedefaultcapturemodewhenmakinganewconnection,displayatrayicon oncomputersrunningthemonitoringservice,changetheTCP/IPportnumberoradministrativesharename,ordisplayuncalledfunctionsinEventswithTimeResultsreports,choosePreferencesfromtheOptionsmenu.

ThisactionopensthePreferencesdialogbox.


1 Administering Active Directory Locating Active Directory Objects Controlling Access to Active Directory Objects Publishing Resources in Active Directory

1 Administering Active Directory Locating Active Directory Objects Controlling Access to Active Directory Objects Publishing Resources in Active Directory

Documents
Module 1: Introduction to Active Directory. Overview Introduction to Active Directory Active Directory Logical Structure Role of DNS in Active Directory

Module 1: Introduction to Active Directory. Overview Introduction to Active Directory Active Directory Logical Structure Role of DNS in Active Directory

Documents
ACTIVE DIRECTORY

ACTIVE DIRECTORY

Documents
Active Directory Security: The Journey€¦ · Active Directory vs Azure AD Sean Metcalf (@PyroTek3) TrimarcSecurity.com On-premises Active Directory •Authentication, Directory,

Active Directory Security: The Journey€¦ · Active Directory vs Azure AD Sean Metcalf (@PyroTek3) TrimarcSecurity.com On-premises Active Directory •Authentication, Directory,

Documents
sysinternals demo sysinternals

sysinternals demo sysinternals

Documents
Active Directory Planning Worksheets · Web viewActive Directory Planning Worksheets. Active Directory Planning Worksheets. taken with permission from Active Directory Planning and

Active Directory Planning Worksheets · Web viewActive Directory Planning Worksheets. Active Directory Planning Worksheets. taken with permission from Active Directory Planning and

Documents
Introduction to Active Directory · Introduction to Active Directory ... Active Directory is based on LDAP. ... Active Directory Sites and Services

Introduction to Active Directory · Introduction to Active Directory ... Active Directory is based on LDAP. ... Active Directory Sites and Services

Documents
PingFederate Integration with Azure Active Directory … · | Prepare Azure Active Directory | 6 Prepare Azure Active Directory • Sign up for Azure Active Directory and Office 365

PingFederate Integration with Azure Active Directory … · | Prepare Azure Active Directory | 6 Prepare Azure Active Directory • Sign up for Azure Active Directory and Office 365

Documents
FindingPrivilegeEscalations withstrace& SysInternals · FindingPrivilegeEscalations withstrace& SysInternals ... 3.Strace. Basics. Basics WhatisPrivilegeEscalation? „Privilegeescalationistheactofexploitingabug,designflaw

FindingPrivilegeEscalations withstrace& SysInternals · FindingPrivilegeEscalations withstrace& SysInternals ... 3.Strace. Basics. Basics WhatisPrivilegeEscalation? „Privilegeescalationistheactofexploitingabug,designflaw

Documents
Beyond the MCSE: Active Directory for the Security …...Administration There are several methods for interactive with Active Directory. Active Directory Users & Computers Active Directory

Beyond the MCSE: Active Directory for the Security …...Administration There are several methods for interactive with Active Directory. Active Directory Users & Computers Active Directory

Documents
Network Architecture & Active Directory … Architecture & Active Directory ... contents/articles/active-directory-replication-over ... Network Architecture & Active Directory Considerations

Network Architecture & Active Directory … Architecture & Active Directory ... contents/articles/active-directory-replication-over ... Network Architecture & Active Directory Considerations

Documents
Active directory basics- active directory

Active directory basics- active directory

Technology
Active Directory Upgrade - cisco.com · Active Directory Upgrade • MigrateActiveDirectoryandDNS,page1 • UpgradeActiveDirectoryandDNS,page5 Migrate Active Directory and DNS

Active Directory Upgrade - cisco.com · Active Directory Upgrade • MigrateActiveDirectoryandDNS,page1 • UpgradeActiveDirectoryandDNS,page5 Migrate Active Directory and DNS

Documents
Active Directory 101 Manage and Maintain Active Directory ... · Active Directory Domains vs. Forests • Active Directory Domains – Administrative boundary – Group Policy boundary*

Active Directory 101 Manage and Maintain Active Directory ... · Active Directory Domains vs. Forests • Active Directory Domains – Administrative boundary – Group Policy boundary*

Documents
Active Directory and Windows - oracle.com · Active Directory for Name Resolution Overview •Store and resolve Net names through Active Directory –Active Directory is used instead

Active Directory and Windows - oracle.com · Active Directory for Name Resolution Overview •Store and resolve Net names through Active Directory –Active Directory is used instead

Documents
Understanding Active Directory Domains and Trusts …...Understanding Active Directory Domains and Trusts Active Directory Active Directory is the Microsoft implementation of directory

Understanding Active Directory Domains and Trusts …...Understanding Active Directory Domains and Trusts Active Directory Active Directory is the Microsoft implementation of directory

Documents
Administering Active Directory · 2013-10-09Administering Active Directory

Administering Active Directory · 2013-10-09Administering Active Directory

Documents
Active Directory Forest Recovery · Active Directory Forest Recovery Contents 1. Introduction 2. Active Directory Components 3. Possible Active Directory Disasters 4. Recovery of

Active Directory Forest Recovery · Active Directory Forest Recovery Contents 1. Introduction 2. Active Directory Components 3. Possible Active Directory Disasters 4. Recovery of

Documents
How the Active Directory Replication Model Works_ Active Directory

How the Active Directory Replication Model Works_ Active Directory

Documents
Active Directory

Active Directory

Documents
1 Installing and Configuring Active Directory Preparing for Active Directory Installation Installing and Removing Active Directory Verifying Active

1 Installing and Configuring Active Directory Preparing for Active Directory Installation Installing and Removing Active Directory Verifying Active

Documents
Introduction to Active Directory Q. What is Active …saintangelos.com/studentdesk/Download/Interview Questions active...Introduction to Active Directory Q. What is Active Directory?

Introduction to Active Directory Q. What is Active …saintangelos.com/studentdesk/Download/Interview Questions active...Introduction to Active Directory Q. What is Active Directory?

Documents
Active Directory Windows2003 Server. Agenda What is Active Directory What is Active Directory Building an Active Directory Building an Active Directory

Active Directory Windows2003 Server. Agenda What is Active Directory What is Active Directory Building an Active Directory Building an Active Directory

Documents
Active Directory

Active Directory

Documents
Tutorial Sysinternals Suite.doc

Tutorial Sysinternals Suite.doc

Documents
Active Directory Infraestrutura do Active Directory

Active Directory Infraestrutura do Active Directory

Documents