How to use AD-Browser
- Start AD-Browser
- Show Containers, Configuration and Schema
- Browse © Active Directory (OU)
- Search © Active Directory
- Change the Search Filter (predefined Filters)
- Delete a Column
- View Properties
- Export List View
- Export Tree View
- Export all Group Policies
1. Start AD-Browser
Use a PC which was joined to the Domain to start AD-Browser
(adbrowser.exe ) as Domain User or Domain Admin.
AD-Browser shows Organizational Units (OU) in Tree View .
2. Show Containers, Configuration and Schema
Use menu Show/Containers, Configuration and Schema to see
the containers in the Tree View .
3. Browse © Active Directory (OU)
In the Tree View click an OU or a CN.
The properties of the item are shown in the
List View .
4. Search © Active Directory
To search Active Directory click in the
Tree View to select an OU to start.
Next you may Change the Search Filter (predefined Filters).
Now press the ENTER Key or .
The cursor changes to a hourglass while searching. The number of objects
found is displayed in the Statusbar.
Use this check box to see all attributes
This means: Show all attributes for the objects found in the current OU.
Use adbrowser.cfg to specify a list of prefered attributes.
Use this check box to specify the search dept.
This means: Search in the whole tree under the selected OU or CN in Tree View.
To compare ADsPath you can cut the LDAP object prefix with

Use to
navigate in the history hold by AD-Browser (visted OUs and CNs).
5. Change the Search Filter (predefined Filters)
The second ComboBox contains the following
standard filtes:
cn=*
objectClass=computer
objectClass=group
objectClass=user
objectClass=printQueue
objectClass=mSMQConfiguration
objectClass=groupPolicyContainer
Use adbrowser.cfg to extend this list of filters.
Predefined Filters
In the Menu Show the following filters are predefined:
Group Members (all members of selected group)
Computers in current OU (not locked)
Locked Computers in current OU
Users in current OU (not locked)
Locked Users in current OU
The LDAP search syntax allowes to build further search filters that combine several criterias:
LDAP-Query |
Description |
sn=miller |
all users with surename 'miller' |
(&(objectClass=user)(mail=*test.com)) |
all users with a mail attribute that contains 'test.com' |
(&(objectClass=user)(!(mail=*))) |
all users with an empty mail attribute (not set) |
(&(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2)) |
all locked users |
(&(objectClass=computer)(!(userAccountControl:1.2.840.113556.1.4.803:=2))) |
all not locked computers |
6. Delete a Column
To delete a column in List View do a
right mouse button click on the List View Header.
7. View Properties
To view object properties do the following:
- Mark an object in
List View
- A double click will show the
Properties in the Web-Browser
- If the object is a
groupPolicyContainer
AD-Browser will try to show more details:
- Registry entries (machine, user)
- Preferences (machine, user)
- Scripts (startup, logon, logoff, shutdown)
- Security settings (machine
gpttmpl.inf )
- Folder redirection (user
fdeploy.ini )
- MSI Files to be deployed via GPO
- If the object is a
group all group members are shown
in the row member
also for a large number of members (member;range ).
8. Export List View
To export the current List View choose
File/Save List View (*.htm) from the menu.
This will create a HTML table.
If you specify a *.txt file a TAB
seperated Textfile wil be created.
9. Export Tree View
To export the current Tree View choose
File/Save Tree View (*.txt) from the menu.
This will save a TAB seperated Textfile.
10. Export all Group Policies
To export all Group Policies choose
File/Save all GPOs in a folder from the menu.
|