Frequently Asked Questions.
Quick answers about security, privacy, compatibility, and licensing. Don't see your question? Email support@corestratagems.com.
Security & Privacy
Does AD Auditor save any personally identifiable information?
AD Auditor stores a small amount of user-account data in its local configuration database, specifically:
- Usernames added to per-check exclusion lists (so the same account isn't flagged again on the next scan)
- Aliases mapping AD account names to HR roster names
These are stored without any domain prefix or other identifying context, so on their own they cannot be tied back to your AD environment. AD Auditor does not save scan results, full user attributes, passwords, or any other personal data, and none of this data ever leaves the machine.
Does AD Auditor send any data anywhere?
No. AD Auditor is designed to operate fully offline. The only network connection it makes is to your own Domain Controller using the credentials you provide. Your scan results, AD data, HR census data, and saved credentials all stay on the machine you installed it on. There is no phone-home, no telemetry, and no cloud component.
What permissions does AD Auditor need in Active Directory?
A standard read-only domain user account is sufficient for every check the tool ships with. We recommend creating a dedicated low-privilege service account rather than using your domain admin credentials.
Does AD Auditor modify Active Directory in any way?
No. AD Auditor is strictly read-only. It performs LDAP queries to identify findings but never writes back to AD. All remediation is left to you.
Where does AD Auditor store its data on my computer?
Everything lives under %APPDATA%\ADAuditTool\:
audit_config.db— configuration databaselicense.lic— your imported license (when applicable)ad_audit.log— diagnostic log, capped at ~15 MB
Nothing is written outside your user profile.
Compatibility & Installation
Windows Defender SmartScreen says "Unknown publisher" — is this safe?
Yes. Windows SmartScreen warns about executables it hasn't seen downloaded by enough people to vouch for. Because AD Auditor is published by a small software company without a code-signing certificate yet, new downloads always trigger this warning.
To proceed, click More info in the dialog, then click Run anyway. The warning won't return on the same machine for that version.
My antivirus has marked AD Auditor as unsafe — what should I do?
This can happen occasionally due to overly broad antivirus heuristics. Send a screenshot of the antivirus message to support@corestratagems.com and we'll help you raise a false-positive report with the vendor.
Does AD Auditor need to be installed?
No. AD Auditor is a single portable executable. Download AD_Auditor.exe, double-click it, and it runs. No installer, no setup wizard, no admin rights required.
Can I run AD Auditor on Linux or macOS?
Not currently. AD Auditor is a native Windows desktop application and uses a few Windows-specific APIs. A cross-platform port is not on the roadmap.
Does AD Auditor work with Azure AD / Entra ID?
No. AD Auditor audits on-premises Active Directory via LDAP. Entra ID has a different administration model and API and is not supported.
Licensing
How does the free trial work?
The first time you launch AD Auditor, a 14-day free trial starts automatically — no signup, no email required. You get full access to every feature during the trial.
What happens when my trial or annual license expires?
For annual licenses there is a 14-day grace period — the app keeps working normally but reminds you to renew. After the grace window the app locks until you import a new license. Trials lock immediately at day 14 (no grace).
I lost my .lic file — what do I do?
Email support@corestratagems.com from the address you purchased under and we'll re-send it.
Can I get a refund?
Yes. Within 30 days of purchase, if AD Auditor doesn't work for your environment, email sales@corestratagems.com and we'll refund you. After 30 days, refunds are at our discretion.