Chat now with support
Chat with Support

Security Explorer 9.8 - Release Notes

Hardware requirements

 
Table 12. Hardware requirements
Requirement
Details

Processor

Pentium® 600MHz or faster

Memory

1 GB

Hard disk space

550 MB

Operating system
Windows® 7
Windows 8
Windows 8.1
Windows 10
Windows Server® 2003
Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016

Software requirements
.Net Framework v.4.0 or later
* 
NOTE: Install either the Full or Standalone version. Do not install just the Client Profile.

User privilege requirements

It is recommended to be a member of the local Administrators group to use all the features in Security Explorer®. However, it is possible to run Security Explorer without being a member of the local Administrators group.

 
Table 13. Requirements to enable permission management
Module
Requirement

NTFS Security

To manage permissions on folders and files on remote computers, the file and printer sharing option must be enabled on the firewall on the computer with Security Explorer installed and on the remote computer.

Share Security

To manage permissions on shares on remote computers, the file and printer sharing option must be enabled on the firewall on the computer with Security Explorer installed and on the remote computer.

Registry Security

To manage permissions on registry keys on remote computers, the file and print sharing option must be enabled on the firewall on the computer with Security Explorer installed and on the remote computer.

Printer Security

To manage permissions on printers on remote computers:
The Printer Spooler service must be running on the target computer.
The file and printer sharing option must be enabled on the firewall on the computer with Security Explorer installed.

Service Security

To manage permissions on services on remote computers, the file and printer sharing option must be enabled on the firewall on the computer with Security Explorer installed and on the remote computer.

Task Management

To manage tasks on remote computers, the file and printer sharing option must be enabled on the firewall on the computer with Security Explorer installed and on the remote computer.

Group and User Management

To manage groups and users on remote computers, the file and printer sharing option must be enabled on the firewall on the computer with Security Explorer installed and on the remote computer.

SharePoint® Security

To manage permissions on servers running SharePoint, the SharePoint site must be on the same network as the computer on which Security Explorer is installed.

To manage SharePoint sites exposed over SSL (https://), add the certificate of the server running SharePoint to the Trusted Root Certification Authorities store on the computer with Security Explorer installed.

To deploy and remove Security Explorer Web Services, and to search for SharePoint sites automatically, the current user must be a member of the Administrators local group on the servers.

SQL Server® Security

To manage permissions on servers running SQL Server:
Current user must be a member of the Administrators local group on the server.
Windows® Firewall on the server must be configured to allow SQL and WMI.

For more information please refer to: Configure the Windows Firewall to Allow SQL Server Access at http://msdn.microsoft.com/en-us/library/cc646023.aspx.

Exchange Security

To manage permissions on the Exchange organization, the Exchange organization must be on the same Active Directory® forest as the computer on which Security Explorer is installed.

Active Directory Security

To manage permissions on the domain, the domain must have a trusted relationship with the current domain on which the user is logged on.

See Setting Options for Active Directory Security In the Security Explorer 9.8 User Guide.

Minimum permissions for Access Explorer

 
Table 14. Minimum permissions for Access Explorer
Account
Requirement

Logged in user
To install the Access Explorer agent, the user must have administrator access on the local computer.
To create the Access Explorer database, the logged in user (Windows® Authentication) or SQL account must have rights to create databases, logins, and groups on the computer running SQL Server®.
Must have rights to create groups in Active Directory®.
Must be able to enumerate the targets during scope selection.

Security Explorer service account
Must have Login as service right on the computer on which it is being installed.
Will be automatically granted Read and Write permissions on the Security Explorer database (Windows Auth.)
If the server is configured to use SQL authentication, the SQL credentials will be used to access the database instead of the service account.
Must be able to write to the Admin$ share to deploy the node (local admin rights)

Service accounts for managed computers
Local Administrator rights for managed computers is recommended.
To create the database, Sysadmin rights on the computer running SQL Server are required. Once the database is created, the service account can be granted dbowner rights on the database alone.
The database has to be created using the wizard in Security Explorer.
Full Administrator rights are required on the Netapp filer / EMC
Must be able to do group expansion and SID resolution for managed accounts and their membership (Domain Admin recommended).
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating