Chat now with support
Chat with Support

Security Explorer 9.8 - User Guide

Getting Started with Security Explorer Managing permissions Searching Managing security Managing objects
Managing folders and files Managing shares Managing registry keys Managing services Managing tasks Managing groups and users Managing Favorites Managing Enterprise Scopes Updating licenses Managing network drives
Working with Microsoft SQL Server Working with Microsoft Exchange
Checking minimum requirements Viewing Exchange permissions Granting Exchange permissions Revoking Exchange permissions Cloning Exchange permissions Searching for Exchange server objects and permissions Backing up and restoring Exchange server security Modifying Exchange permissions Managing Exchange group memberships Exporting Exchange security permissions Creating Exchange databases Creating public folder mailboxes Managing Exchange administrators Managing Exchange distribution groups Managing mail contacts Managing mail users Managing mailboxes Managing mailbox folders Managing public folders Using role based access control Setting options for Exchange security
Working with Microsoft SharePoint Working with Access Explorer Working with Microsoft Active Directory Customizing Security Explorer Using the command line Using PowerShell cmdlets Troubleshooting

Setting alternate credentials for workgroups

Group and User Management module only. Use alternate credentials to specify additional accounts that have administrative privileges to various computers on your network. Each account in the list is tried in the order listed until an account is found with sufficient privileges. If no account is found with administrative privileges, Access Denied is displayed.

By default, Security Explorer uses the credentials of the logged-in user. Alternate credentials are used only for command processing, such as management operations, and not for search operations, which are executed under the logged-in user’s account.

NOTE: To use alternate credentials for workgroups, you need to select the Show Workgroup collection check box on the View tab in Security Explorer Options. See Setting view options.
1
Choose Tools | Options, and open the Workgroup tab.
a
Click Add.
e
4

Setting alternate credentials for services and tasks

Use alternate credentials to specify additional accounts that have administrative privileges to various computers on your network. Each account in the list is tried in the order listed until an account is found with sufficient privileges. If no account is found with administrative privileges, Access Denied is displayed.

By default, Security Explorer uses the credentials of the logged-in user. Alternate credentials are used only for command processing, such as management operations, and not for search operations, which are executed under the logged-in user’s account.

1
Choose Tools | Options, and open the Services/Tasks tab.
a
Click Add.
e
4

Setting alternate credentials NAS devices

Use alternate credentials to specify additional accounts that have administrative privileges to various NAS devices on your network. Each account in the list is tried in the order listed until an account is found with sufficient privileges. If no account is found with administrative privileges, Access Denied is displayed.

1
Choose Tools | Options, and open the NAS Devices tab.
a
Click Add.
e
4

Setting advanced options

1
Select Tools | Options, and open the Advanced tab.

Load domains using Active Directory

Select to load domains when you select items in the Navigation pane.

Load computers using Active Directory

By default, computers, groups, and users are loaded when you select items in the Navigation pane.

Include unknown computers when browsing/searching domains

To activate this check box, clear the Load computers, groups and users using Active Directory check box. Select to include unknown computers in the Navigation pane.

Highlight domain controllers when browsing domains

By default, an icon displays next to domain controllers.

Highlight workstations and servers when browsing domains

By default, servers and workstations are identified by different icons. If you clear this check box, both servers and workstations are identified by the same icon.

Auto-detect computers which are members of a cluster

Select to automatically select the Show Cluster File Shares check box when browsing computers that are members of a cluster. If selected, a warning message displays when you click OK. Click Yes to verify the selection. See Viewing permissions.

Check connection before loading (Ping)

Select to ping computers before loading. If a computer is unavailable, a warning message appears. The default time-out is set to 1,500 ms. By default, Security Explorer does not check the connection, which could cause a response delay if that computer is unavailable.

Do not set ‘Archive’ attribute when setting security

By default, the Archive attribute is set to Archive when a change is made to a permission. Select to leave the Archive attribute set to Normal if a change is made.

Skip reparse points when processing permission changes

By default, reparse points are skipped when processing permission changes.

Skip subfolders and files when processing This Folder Only permissions (Grant/Delete only)

By default, child items under the parent folder are processed when granting or deleting the This Folder Only permission. Select to skip processing child items when granting or deleting the This Folder Only permission, which may speed up the process.

Use cache when browsing

By default, if the user browses to a path, such as c:\windows, the contents of c:\windows is stored in either a display (stored in memory) or a persistent (stored in an SQLite database) cache and can be reloaded immediately. Clear the check box to disable the caches and always reload information from the original target.

Use persistent cache

By default, a persistent SQLite database cache is used to store and quickly display lists, even if the console has been restarted since the cache contents were loaded originally.

View indicator when items loaded from cache

By default, a C displays next to items loaded from the cache and CACHE displays in the status bar. The default size of the display cache is 25 entries. Clear the check box to remove the indicator from display.

Do not use cached entries older than

By default, the age of the cache entry is examined prior to loading a path. By default, entries older than 3 hours are reloaded from the disk. You can set the value in the Display cache box up to 24 hours and in the Persistent cache box up to 999 hours.

If the user revisits a path, the age of the cached entry is inspected to determine if the path is loaded from the cache or disk.

If the age of the cache entry is less (younger) than the values set in the Display cache and Persistent cache boxes, the entry is reloaded from the cache.
If the age of the cache entry is greater (older) than the values set in the Display cache and Persistent cache boxes, then the cache entry is removed and the entry is reloaded from disk.

Cache Reset All

Click to clear the database caches for all modules. Active only if the Use cache when browsing or Use persistent cache check boxes are selected.

By default, the configuration folders and files of a user are saved to C:\Users\<Current User>\AppData\
Local\Quest\Security Explorer\v9
. You can choose to change the location where your configuration folders and files are stored.
NOTE: The mapping between each user and their specified config load path is saved to the UserConfigSettings.xml file located at C:\ProgramData\Quest\Security Explorer\v9. When a user starts Security Explorer, this file is checked for a user-specific setting. If a specified config load path mapping is found, Security Explorer loads the configuration settings from the path specified in the UserConfigSettings.xml file. If a mapping is not found, Security Explorer uses the settings from the default path: C:\Users\<Current User>\AppData\Local\Quest\Security Explorer\v9.

PersistantData.xml

User settings

BackupSavedTasks.xml

List of scheduled backups

ExportSavedTasks.xml

List of scheduled exports

SavedAccessManagerServers.xml

List of Access Explorer servers (NTFS Security module only)

SavedPermissionTemplates.xml

Saved Permission Templates (NTFS Security module only)

SavedSharePointSites.xml

Saved SharePoint farms and sites (SharePoint Security module only)

SavedLocations.xml

Favorites and Enterprise Scopes

Saved Searches folder

Saved searches for all modules

a
Click Advanced.
To copy configuration information from the All Users account to your account, leave the Share information with all users check box blank, and click Copy Shared Data.
To copy your configuration information to the All Users account, select the Share information with all users check box, and click Copy User Specific Data.
c
By default, the configuration information of a user is saved to C:\Users\<Current User>\AppData\Local\Quest\Security Explorer\v9. To change the location, select the Change config load path check box, browse to select the new location, and click OK.
d
7
Related Documents