LDAP Viewer v3.1

What's New in v3.1

✨ Major Features

Specialized Domain Policy Viewer

Added dedicated support for domain_policy.json files. Instead of the generic view, ldapviewer now generates a tailored report highlighting critical domain policy settings:

• Password Policy: Max/Min password age, Min password length, Password history length, Password properties.
• Lockout Policy: Lockout duration, Lockout threshold, Lockout observation window.
• Account Quota: Machine Account Quota.
• Distinguished Name: Easy identification of the policy object.

Specialized Domain Trusts Viewer

Added dedicated support for domain_trusts.json files. The tool now renders a specific view for trust relationships with:

• Trust Details: CN, NETBIOS Domain name, Security Identifier.
• Trust Configuration: Decoded Trust Attributes, Trust Direction, and Trust Type.
• Visual Indicators: Clear presentation of trust relationships.

LDAP Viewer v3.0

What's New in v3.0

✨ Major Features

Statistics Dashboard

Introduced a comprehensive Statistics page providing deep insights :

• UAC Statistics: View distribution of UserAccountControl flags across all accounts
• LDAP Attribute Statistics: Analyze count and distribution of critical LDAP attributes
• General Statistics: Track total objects, account activity, etc.
• Interactive Distribution Charts:
  • Groups distribution visualization
  • UAC flags distribution breakdown
  • Operating system distribution analysis

Object Tagging System

Added right-click context menu functionality allowing you to:

• Mark objects as Owned for attack path tracking
• Flag objects as High Value Targets for prioritization
• Filter by owned/non-owned objects using the new General Filters
• Maintain a visual record of your penetration testing progress

Enhanced Security Groups Highlighting

Privileged security groups are now automatically highlighted in red for instant identification of high-value targets during assessments.

🎯 New Filters

UAC Filters

• Account Enabled: Quickly filter for active accounts (complement to existing "Account Disabled" filter)

LDAP Attribute Filters

• RBCD Delegation: Identify accounts configured with Resource-Based Constrained Delegation (msDS-AllowedToActOnBehalfOfOtherIdentity)
• Unsupported OS: Detect systems running outdated or unsupported operating systems

General Filters

• Recently Created (30d): Find accounts created in the last 30 days
• Inactive Accounts (>90d): Identify accounts with no logon activity for over 90 days
• Never Logged In: Filter accounts that have never been used (logon count = 0)
• Owned Objects: Display only objects marked as owned
• Non-Owned Objects: Display objects not yet marked as owned

🔧 Improvements

Refined Kerberoastable Detection

• Enhanced Logic: Kerberoastable filter now requires both Has SPN AND Account Enabled status
• This improvement reduces false positives by excluding disabled accounts from kerberoasting targets

Better Display Readability

• samAccountName Display: LDAP entries now show samAccountName instead of distinguishedName by default
• Cleaner, more readable interface for faster account identification

LDAP Viewer v2.7

What's New in v2.7

✨ Major Features

Kerberoastable User Detection

Added visual identification of kerberoastable users with a 🎯 icon displayed next to usernames when they have Service Principal Names (SPNs).

👁️ Minimal View Mode

Introduced a new Minimal View toggle that displays only essential attributes (similar to ldapdomaindump output) for a more focused and streamlined experience. This feature works in both Detail View and Table View, allowing users to:

• Hide extended attributes and focus on core LDAP information
• Reduce visual clutter during analysis
• Maintain compatibility with traditional ldapdomaindump workflows
• Toggle between full and minimal views with a single click

🔧 Improvements

Enhanced UAC Flag Detection

• New combined UAC flag: Added PRE_CREATED_COMPUTER_ACCOUNT detection for identifying manually created computer accounts (combination of PASSWD_NOTREQD + WORKSTATION_TRUST_ACCOUNT)
• This flag highlights potentially vulnerable pre-created computer accounts with default passwords

Improved Search Functionality

• Enhanced search field design: Modernized the search input interface for better user experience
• Fixed search logic bugs: Resolved search filtering issues that were preventing accurate results
• Better search responsiveness: Improved search performance and accuracy

LDAP Viewer 2.6

What's New in v2.6

✨ Major Features

Users by Group View

A new interactive view has been added to filter and organize users by their group memberships.

Enhanced Group Chip Categories

Extended the group chip color-coding system with a new category for remote access groups.

• Admin groups (red): Domain Admins, Enterprise Admins, etc.
• User group (blue): Domain Users
• Remote access groups (orange/yellow): "Remote Management Users" and "Remote Desktop Users"
• Other groups (gray): Custom groups and other types

🔧 Improvements

Enhanced Console Output

Redesigned console messaging for better clarity and user experience

LDAP Viewer v2.5

What's New in v2.5

✨ Major Features

Group Chips Display

User groups are now displayed as visually appealing "chips" next to each entry name in detail view

• Groups are extracted from both memberOf and primaryGroupID attributes
• Color-coded chips based on group type:
  • Admin groups (red): Domain Admins, Enterprise Admins, etc.
  • User group (blue): Domain Users
  • Other groups (gray): Custom groups and other types

Cleaner Entry Naming

Entry names are now intelligently formatted using the cn attribute or extracted from Distinguished Names for cleaner, more readable display

LDAP Viewer 2.4

What's New in v2.4

✨ Major Features

Full UserAccountControl (UAC) Flags Display

• Added all UAC flags next to the userAccountControl attribute in the detail view.
• Each flag is now displayed with:
  • Severity color coding (info, warning, critical, security) for quick identification.
  • Human-readable name (e.g., ACCOUNTDISABLE, LOCKOUT).
  • Description explaining what each flag means.

New Filter: “See Default Objects Only”

• Added a new General filter option that displays only default Windows objects (RID <= 1000).

Multiple File Support

• You can now launch LDAP Viewer with multiple .json files at once.

python ldapviewer.py *.json

LDAP Viewer v2.3

What's New in v2.3

✨ Major Features

Complete Filter System Redesign

• New Modal-Based Filter Interface: Filters are now organized in a clean modal
• Tabbed Filter Organization: Three dedicated tabs for better organization

Enhanced User Experience

• Active Filter Chips: See all active filters at a glance with removable chips
• Filter Counter: Real-time counter showing number of active filters
• One-Click Clear: "Clear All" button to reset all filters instantly

Github Icon

• GitHub Integration: Added GitHub logo linking to the repository

Full Changelog: v2.2...v2.3