Chat now with support
Chat with Support

Security Explorer 9.8 - Release Notes

Quest® Security Explorer® 9.8

Quest® Security Explorer® 9.8

About this release

Security Explorer® provides a single console for managing access controls, permissions, and security across Microsoft platforms that span multiple servers. The product provides a broad array of security enhancements including the ability to identify who has rights to resources across the entire organization. It also provides the ability to grant, revoke, clone, modify, and overwrite permissions quickly and from a central location.

Unlike native tools, Security Explorer provides the ability to back up and restore permissions only, ensuring the integrity of data. To help meet auditing requirements, Security Explorer provides convenient reports that can be generated at your convenience. Lastly, the product's cleanup capabilities address common post-migration security issues.

Security Explorer 9.8 is a minor release, with enhanced features and functionality. See New features and Enhancements.

Supported platforms

NTFS Security

Share Security

Registry Security

Printer Security

Service Security

Task Management

Group & User Management

Windows XP

Windows Vista®

Windows 7

Windows 8

Windows 8.1

Windows 10

Windows Server® 2003

Windows Server 2008

Windows Server 2008 R2

Windows Server 2012

Windows Server 2012 R2

Windows Server 2016

NTFS Security

Share Security

Group & User Management

Dell™ Fluid File System (FluidFS)

EMC® Isilon®

EMC Celerra®


NetApp® 8.2 (7-Mode and Clustered Mode)

NetApp 8.3, 9.0, 9.1 Clusters

NOTE: vsadmin must be entered in NAS credentials dlg for full management of NetApp Clusters 8.2, 8.3, 9.0, 9.1.

SQL Security

SQL Server® 2017

SQL Server 2017 Reporting Services

SQL Server 2016

SQL Server 2014

SQL Server 2012

SQL Server 2008 R2

SQL Server 2008

SQL Server 2005

SharePoint Security

SharePoint® 2016

SharePoint 2013

SharePoint 2010

SharePoint Foundation

SharePoint 2007

SharePoint Services 3.0

Exchange Security

Exchange 2016

Exchange 2013

Exchange 2010

Exchange 2007

Active Directory Security

Windows Server® 2016 Functional Level

Windows Server 2012 R2 Functional Level

Windows Server 2012 Functional Level

Windows Server 2008 R2 Functional Level

Windows Server 2008 Functional Level

Windows Server 2003 Functional Level

New features

New Active Directory Security module: The new Active Directory Security module gives you the ability to manage Active Directory® permissions. You can grant, revoke, clone, modify, delete, export, backup and restore permissions on Active Directory objects. You also can search for permissions, back up and restore permissions, and generate reports. If you are also using Quest® Enterprise Reporter®, you can launch Security Explorer® from within Enterprise Reporter and use the new Active Directory Security module.
View Active Directory permissions: When you open the Active Directory Security module, Active Directory loads the Active Directory objects for the specified domain. You can easily drill-down to view permissions on a specific object.
Search Active Directory: Search Active Directory for the name of a principal, and choose from the following options to include in the results:
Manage permissions on Active Directory objects: You can grant, revoke, clone, modify, and delete permissions on Active Directory objects.
Back up and restore permissions on Active Directory objects: As with all other Security Explorer modules, you can back up and restore permissions on Active Directory objects. The Security Explorer Active Directory Backup File has the .adb extension. You also can use the back up scheduler to schedule the backup.
Export permissions on Active Directory objects: By default, permissions are exported to a report, which you can save, print, or export. You can generate a report or export permissions to a delimited file for use with Microsoft® Excel®. This report is useful when you are asked to see which users have access to a specific Active Directory path.
Added the ability to purge backup files (Security | Purge Backup Files) and a Purge Backup Scheduler to manage scheduled purges of backup files (Security | Purge Backup Scheduler).
Added the ability to set alternate credentials for workgroup computers. Select to show workgroups in the navigation pane in Tools | Options | View, and then use the Workgroup tab to set alternate credentials (Tools | Options | Workgroup).
Bulk removal of permissions: NTFS Security module only. You can now use the Search module to easily delete both explicit and inherited permissions on a specific user on specified folders.
Using the Search tab, set the search scope to C:\Customer, browse to find Peter’s account, select to search for both Inherited Permissions and Explicit Permissions, add *Internal* as a folder search criteria, and click Search. All permissions that belong to Peter on all folders with Internal in the name display. From the search results, delete selected permissions.
SQL Server® 2017
Retry options for resetting password: To help you manage password resets, several features were added to the Group and User Management module.
To help you quickly change the passwords on local administrator accounts, a new check box was added to the Group/User Search Criteria tab. Select Search for local administrator accounts, and run the search. From the search results, right-click the results, and choose Change Password.
If any password resets failed, you can select to save failed computers to a search scope to repeat the search with only the failed computers. Select Save Failed Computers to Scope, and repeat the search. Right-click the results, and choose Change Password.
A new column was added to the Object and Search Result panes that shows the date the password was last set so you can easily see which passwords were reset versus those that may have failed.
Modify registry values: In the Registry Security module, you can now add, modify, and delete values in a selected registry key. You also can save the list of values to a .TXT file. Open the Registry Security module, open the Browse tab, select a registry key, and select Tools | Display Registry Values. Use the buttons to modify the values in the registry key.
To quickly find a registry key, use the new Registry Key Search Criteria tab in the Search module. Just type in a string using the * or ? wildcards to locate a registry key. From the results list, right-click a registry key, and choose Display Registry Values to modify values or Delete Registry Key to delete the key.
Enhancements to SXPExport.exe: Several options were added to the command line program.
/columns allows you to indicate which columns to include in the exported spreadsheet or report.
/exclusion allows you to indicate paths to folders and files to exclude from the export.
/showgroupmembers allows you to exclude or include nested groups and Domain Users group members from the exported spreadsheet or report.
Added the ability to log exceptions when running scheduled tasks. If a task runs normally. it is not logged. The log file name format is {call_exe_name}_{datetime}.log. Logs are located at C:\Program Files\Quest\Security Explorer\v9\Logs.
Self Service Tools
Knowledge Base
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
What's New
Contact Us
Licensing Assistance
Technical Support
View All
Related Documents