Command line Active Directory query tool to pull some of the important security attributes for user and computer objects and output in CSV format. I have seen a large number of scripts taking advantage of this tool
Version 2.3.0 - August 19, 2002
Modification(s) from previous version
There are no local security requirements for running secdata. Information returned from Active Directory will be dependent on the security configured for the directory. With most directory configurations a normal user can usually return the data properly.
C++. Compiled with Borland Builder 6.0
Source Code Availability
I needed a tool to help me find where accounts were getting locked out. I wanted to write something generic so that I could use it for other functions as well. So secdata was created. Very simply little LDAP query tool that grabs and outputs the following fields:
sAMAccountName cn distinguishedName badPasswordTime badPwdCount lastLogon logonCount pwdLastSet PwdAge lockoutTime accountExpires createTimeStamp ObjAge modifyTimeStamp ModAge userAccountControl
The bolded attributes are generated by secdata based on some of the other attributes, for instance PwdAge is generated from pwdLastSet. Also userAccountControl is "decoded" in that it doesn't show you the raw useraccountcontrol, it shows you simple fragments that tell you the status such as NO_PWD_EXPIRE.
You do not have to supply the email address. I would like you to fill that in though so that I have an idea on how popular a tool really is. If I see 1000 downloads with 900 different email addresses I know it is more widespread than one that has 1000 downloads and 200 different email addresses because the same person needed to keep downloading it for some reason.
As seen in
Download and type SecData /?
See current usage screens