ADInsight for Active Directory

Mark Russinovich and Bruce Cogswell of Sysinternals fame have release ADInsight for Active Directory as one of the free utilities on their Microsoft Site. This tool I like to call the MRI Scan for AD. It uses DLL injection techniques into all processes to watch for WLDAP32 transactions. WLDAP32 is where Microsoft implements the LDAP API. You can see how your application talks to AD and what responses are returned. This capability can be invaluable in many application design scenarios when you can't figure out why your app's conversation with AD is spitting errors or even general troubleshooting to see "under the covers".

The Application is very similar to Regmon and Filemon in it's GUI and if you've used either before ADInsight should feel familiar.

The great thing I also see is you can Rt Click on an call sent to the directory and click on event information which takes you to an MSDN site with an explanation of the transaction. This can be an excellent learning tool as well!

If the tool is pointed against an Active Directory where lots on calls are taking place, you can also filter events with the same flexibility available in Filemon and Regmon.

The Process Filter allows the selection of processes to include or exclude there is also a transaction filter for those transactions that you want to view. This selection is made so much easier by the transaction group filter which allows the viewing of a collection of transaction e.g. connects. If a group is chosen, all applicable transactions are selected in the transactions list.

This is definitely another necessary tool in the arsenal of anyone working with Active Directory.