Find and close the holes in your network security with RMR for Active Directory!


What’s that, you say? Holes in my network security? It's true, even if you're paying big money for firewalls and other security tools, virtually everyone has security flaws in their Active Directory network. And not tiny flaws either, but real issues that have led to real security breaches in networks just like yours. But we have great news for you, because today we are announcing our latest product, RMR for Active Directory.

RMR is like a virus scanner for AD, designed to scan your entire network and expose security issues, mis-configurations, and hidden back doors. And, unlike most security tools, RMR helps you fix the problems it finds with automated one-click fixes and manual instructions for those who prefer a more human touch.

And here’s the best part: you can download RMR today, 100% free of charge. The product is in beta, so we’re able to release it with a fully-functional trial, as well as offer a screaming deal for when it’s officially released. Anyone that tries out RMR for Active Directory today, while it’s still in beta, and completes a short survey will receive a 50% discount off their purchase.

Our latest update features a new category of reports to help you identify common security holes


Today, Javelina is proud to announce the next version of ADsecurity, a specialized tool for documenting and repairing issues with your network security. ADsecurity 8 is absolutely loaded with new reports, containing over 5 times as many reports as previous versions of the program. New reports include the ability to report on Exchange 2016 mailbox permissions, and to locate specific permissions like Delete, Full Control, or Reset Password anywhere they appear across your network. Especially noteworthy are the reports in a new folder called Alerts, which have been purposefully crafted to help you identify areas of your network with common security flaws, like:

  • Non-default security rights. Objects with rights that do not come from object defaults in the schema or AdminSDHolder object.
  • High-risk Trustees. Trustees appearing on ACLs that grant rights to all or most objects in Active Directory (Everyone, Authenticated Users, etc)
  • Inheritance Issues. Objects with irregular inheritance settings on their ACLs.
  • Unusual Owners. Objects whose owner field is set to a non-administrator.
  • any many more...

Of course, we haven't created hundreds of new reports without also giving administrators a quick way to find the ones they need. In a big change from past versions, reports are now organized within subfolders, with related reports appearing together in the tree. Additionally, when selecting a folder from the report tree, you'll see a description of the folder on the right side of the screen, which describes the contents and purpose of the reports within the folder, as well as any prerequisites that must be met in order to successfully run the reports. Administrators can add their own notes to these pages too, giving them a convenient place to store usage reminders, or to share information with other ADsecurity users.

An alternative for budget-conscious administrators provides bulk management for the "big three" Active Directory object types


Javelina is proud to announce today the release of ADHQ Lite, the latest addition to our ADHQ family. Built on the same foundation as the Professional and Enterprise editions of the product, ADHQ Lite includes all of the tools needed to manage your Active Directory users, groups, and contacts, in bulk from a simple, familiar user-interface. Browse through Active Directory from the Home View to view and modify the properties of individual objects, or take advantage of a powerful attribute-level search and replace feature to easily identify and update values throughout your network. And of course, ADHQ Lite provides flexible task scheduling so you can run these tools as often as your heart desires.

The shining jewel of ADHQ Lite is its Collections view, a powerful interface designed specifically for creating and modifying dynamically-defined sets of Active Directory objects. Collections can be specified explicitly with a list of objects in an import file, or defined with a filter to ensure the set of objects is always up to date. Simply select one of dozens of built-in collections, and take immediate action on objects scattered throughout your directory. Ever wanted to send an email to everyone with outdated passwords? Open the "Users with Old Passwords" collection and select the "Send an Email" tool from the ribbon. A couple clicks to customize the message, and the job is done. Spending hours updating user accounts, group membership, and even outdated business contact records just became a relic of the past.

A benefit of being built on the same foundation as the rest of the ADHQ family is that ADHQ Lite inherits some great new features from ADHQ Professional and Enterprise editions. Included in this list is the ability to create and manage Exchange 2016 mailboxes, a new Undelete tool for restoring accidentally-deleted objects, and a set of features for managing hybrid Active Directory/Office 365 environments.

New Exchange 2016 and Office 365 reports stand out among new built-in reports


Javelina is proud to announce today the latest edition of our Active Directory reporting tool, ADreporter. We've been hard at work adding lots of new features to the tool, and you'll be thrilled (we hope) to see the result. ADreporter 8.0 contains a large set of new common properties that can be reported on, or used to filter report results. Some new properties make it easier to report on common values of Active Directory attributes (Allow Logon Always, When Deleted, Is Password Expired, etc), while others expose brand new values to ADreporter administrators. The latter list includes several dozen new properties for Exchange 2016 and Office 365 environments, as well as some new security values like "Is Password Empty" to detect accounts with no passwords and "Inter Domain Trust Account"/"MNS Logon Account" to detect special purpose user accounts.

To properly show off these new properties, we've made a big change to the set of built-in reports. We've finally stepped away from our existing flat list of reports and moved into a complex folder structure. This change allowed us to add new reports without the root level of the report tree feeling overwhelming. In total, we've added over 320 new reports, all categorized into folders to show related reports together. Some long awaited new reports include "Users with Photos" (that's right, reports can show pictures now), "Passwords That Will Never Expire", and "Users Not Protected From Accidental Deletion".

A long-standing item on our enhancement list has been the ability to run scheduled reports more than once a day. This restriction has been in place to ensure compatibility with older operating systems, but the end of support for the affected systems allows us to take advantage of some more advanced scheduling options. In addition to running reports multiple times a day, ADreporter now allows users to set expiration dates for their tasks, and to choose whether tasks should be deleted automatically after that expiration date.

The next generation of ADtoolkit features big changes for multiple-user environments


Today, Javelina is announcing the next generation of ADtoolkit with the release of two new products: ADHQ 8 Professional and ADHQ 8 Enterprise. Built from the foundation introduced in ADtoolkit 7.0, these products continue Javelina's goal of simplifying Active Directory management for both single-user and multi-user environments. We've extended our Exchange support to Exchange 2016, and introduced new features to help users with hybrid Active Directory/Office 365 networks. Another big change is a brand new set of reports including some long-requested new arrivals like "User Photos" and "Users with Blank Passwords". ADHQ Reports are now sorted into folders, making it easy to locate related reports.

A highly anticipated feature is the Undelete tool, a way to quickly restore previously deleted Active Directory objects from the Deleted Objects folder. Simply select your accidentally deleted object from the Home View, then launch the Undelete tool to immediately bring the object back to life with the same account name and SID. Administrators of domains with a functional level of at least Server 2008 R2 can take advantage of the Active Directory Recycle Bin to have ADHQ recover almost all attributes of deleted user accounts, allowing users to get right back to work as soon as their account is undeleted.

ADHQ version 8.0 introduces automatic updates, which are enabled by default for new installations. This feature allows administrators to ensure that they are always running the latest version of the product, forgoing the need to manually check if new updates are available. Now in version 8.0, ADHQ will detect and download updates in the background while running, and install when the program is next launched.