ADInsight – Insight for Active Directory

ADInsight is an LDAP (Light-weight Directory Access Protocol) real-time monitoring tool aimed at troubleshooting Active Directory client applications. Use its detailed tracing of Active Directory client-server communications to solve Windows authentication, Exchange, DNS, and other problems.

ADInsight - Insight for Active Directory
ADInsight – Insight for Active Directory

The tool uses DLL injection techniques to intercept calls that applications make in the Wldap32.dll library, which is the standard library underlying Active Directory APIs such ldap and ADSI. Unlike network monitoring tools, this tool intercepts and interprets all client-side APIs, including those that do not result in transmission to a server.

ADInsight monitors any process into which it can load it’s tracing DLL, which means that it does not require administrative permissions, however, if run with administrative rights, it will also monitor system processes, including windows services.

User may search for particular event to identify the root cause for the errors. next may generate an HTML format report for the active directory monitored LDAP API Calls. this will actually produce a large amount of events and it will be important to filter events not related to the actual client while it will allow sysadmin to troubleshoot Active Directory client applications.

You can read more and download this tool over here: https://docs.microsoft.com/en-us/sysinternals/downloads/adinsight

Share