Introduction

ADInsight

ADInsight Copyright © 2007 Mark Russinovich and Bryce Cogswell
Sysinternals - www.sysinternals.com
 

ADInsight is an advanced monitoring tool for Windows that shows real-time file client-side Active Directory (LDAP - Light-weight Directory Access Protocol) activity. Using ADInsight, you can troubleshoot permissions, performance, and configuration issues that affect AD-enabled applications, such as Exchange and SQL Server.

ADInsight uses DLL injection techniques to intercept calls that applications make in the Wldap32.dll library, which is the standard library underlying Active Directory APIs such ldap and ADSI.   Unlike network monitoring tools, ADInsight intercepts and interprets all client-side APIs, including those that do not result in transmission to a server. ADInsight monitors any process into which it can load it’s tracing DLL, which means that it does not require administrative permissions, however, if run with administrative rights, it will also monitor system processes, including windows services.  

ADInsight runs on Windows 2000, Windows XP, Windows Vista, Windows Server 2003, and Windows Server 2008.