LUSER (originally short for 'Lookup User') is best described as a sort of swiss army knife for sys admins and I.T support staff (find a logged on user’s machine from their username, run various operations on remote machines, comprehensive AD reporting, network utilities, NMAP network scanning, make bulk NTFS changes, strong crypto functions … … ).

Luser is used in IT departments all over the world. It’s quite a crude looking utility really; there’s no fancy GUI for the main front end, but once you learn the features it’s quick to get around and it’s extremely useful.

Luser took up a fair bit of my time to develop and implement fixes and features, and since it was free I didn’t get a great deal of donations (though thanks to those who did donate). I’ve changed the usage to a paid license model for businesses (can evaluate free for 30 days) and free for non-profit non-government organisations or charities.

Luser is a self-contained .exe that strings together a lot of separate functions and scripts in the background. As such, some AV can report false positives.

DOWNLOAD LUSER + User guide (Oct 2016, to be updated)

To get in touch regarding bug reports or licensing requests, please contact me at :


.., 3.77
- Updated NMAP to 7.50
- Updated Veracrypt to 1.21

- Added option to process existing NMAP XML files (supports HTML + CSV reporting)
- Changed NMAP XML view option to a 'Save As' option
- Updated NMAP to version 7.30

- Added Extended Scan option for NMAP
- Replaced 'Condensed View' NMAP output option with custom CSV output

3.71 - 3.72
- Added NMAP verbose output and hitting RETURN during scanning shows scan progress
- Added Plain Text Full Report to NMAP output options
- FIX: Logon Audit remote OS detection fixed. Added Windows 10 Logon Audit comaptibility

3.6 - 3.7
- Added NMAP output formats (full HTML report, 'greppable' line by line view, or raw XML)
- Added more NMAP options : Fast scan, Aggressive scan, custom port scan, TLS/SSL Info/Cipher Scan
- Added NMAP Host Discovery ON|OFF toggle feature. ON=NMAP will only scan hosts determined as 'up' via ICMP/SYN/ACK packets. OFF=All hosts scanned regardless.
- Added Traceroute with Geolocation function in NMAP

3.3 - 3.5
- Updated all tools
- Removed old Port Scan function. Replaced with NMAP and new NMAP menu : Added Default Port Scan, more options to come.
- Added optional install of WinPcap driver for NMAP
- VeraCrypt 1.18a added
- FIX: User Search function in AD menu now works properly when searching partial criteria

- Logon Audit (‘LA’) now works with other OS versions, not just XP
- Updated to latest version of utils and GnuPG (1.4.18)

- Added TCP/IP Packet Sniffer to Utilities

- Removed Unlock XP Workstation feature; it was a controversial addition and too many AV false positives.
- Auto set window size, position and buffer parameters on launch
- Updated external tools.
- Added “Managed By”, “Hidden from GAL” “description” and “Memberof” to Export Groups function
- FIX : Changed the way LUSER manages column separation in CSV output.
- Added ability to escape from 'Find Host From Usernmae' by holding down either CTRL key - handy if you have a large server list to search.
- Added automatic “run as administrator” to .exe.
- Removed need for domain.txt and dnssuffix.txt config files; this info is now acquired from your domain login details.
- Only warns about a missing servers.txt file when trying to search, rather that on program launch
- Now only free for non-profit non-gov organisations or for 30 days evaluation. License required for corporate use beyond evaluation period.

Previous Changes:
- Added Export Photo feature in AD tools, and you can now view a Users photo in User Info if it exists
- Added Remote Session info feature for the user search and TS functions. This reports on ICA and RDP TCP connections to establish what the originating IP/hosts are.
- Optimisations for Windows 8 / Server 2012 (can now run multiple instances of LUSER correctly).
- Added “Export Groups” feature in AD tools.
- General improvements: Enlarged OU Selector GUI, added more output fields in User search (in AD tools), added more details to “Domain Info” feature.
- Added ability to run a custom AD query on a list of objects you provide.
- Changed “display members of a group” to now only show users (not nested groups)
- Can now launch the Organizational Unit viewer from the INCLUDE/EXCLUDE DN area for convenience.
- Updated various utilities to the latest version (found in Utilities menu)
- Fixed killing Terminal Services sessions.
- “Devices” now works for remote Vista/Win7 workstations
- Added IP Range ping and DNS resolver
- Added IP range TCP / UDP port scanner
- Re-written the User/PC search routine. It will now interegate all sessions found on servers that belong to the user, not just the first one per server.
- Added a “DISCOVER SERVERS TO USE FOR SEARCH” feature - this automatically discovers the best servers in your organisation to use for the search function
- Many small fixes : RSOP now works from Win 7+ , corrected AD Custom Query help file, internal changes to make search quicker when ignored servers are encountered.
- Can now optionally search on a users’ display name instead of their username. Partial names can be specified. If multiple users are returned you will be prompted to select the one you want to search on.
- Added a Utilities menu (available from main menu) which contains various system and network tools.
- A handy Help document detailing query filters and object atrributes is now available from the Custom Query function in AD tools.
- Re-written how LUSER handles DNS lookup / Reverse lookup when a user PC is found (thanks to Mathias for the bug report).
- Added “Show Exchange Servers In Use” feature in AD FUNCTIONS menu
- Added “OU Viewer Utility” in AD FUNCTIONS menu (can quickly copy Distinguished Names of OU’s)
- Fixed some bugs when displaying Active Directory attributes for users.
- Re-written how LUSER handles temp files; each LUSER instance is now completely independant and can be run multiples times simultaneously.
- Added new Active Directory Functions menu: Domain info tools and comprehensive reporting on Active Directory.
- Fixed the installing / removing of TightVNC for 64 bit target machines. See user guide for the registry keys required for custom settings
- Now uses TightVNC for VNC install (will work with Vista / Win7 clients). Can now chose which port to connect on.
- No longer needs the Server Admin Tools Pack to be installed to query Active Directory. LUSER is now self sufficient for AD lookup.
- LUSER now runs better on 64 bit operating systems; no longer gives an error when perfoming some functions
- When querying a users group membership (“M”) there is now an option to show all inherited group memberships.
- Fixed various bugs