立即与支持人员聊天
与支持团队交流

Security Explorer 9.9.2 - User Guide

Getting Started with Security Explorer Managing permissions Searching Managing security Managing objects
Managing folders and files Managing shares Managing registry keys Managing services Managing tasks Managing groups and users Managing Favorites Managing Enterprise Scopes Updating licenses Managing network drives
Working with Microsoft SQL Server Working with Microsoft Exchange
Checking minimum requirements Viewing Exchange permissions Granting Exchange permissions Revoking Exchange permissions Cloning Exchange permissions Searching for Exchange server objects and permissions Backing up and restoring Exchange server security Modifying Exchange permissions Managing Exchange group memberships Exporting Exchange security permissions Creating Exchange databases Creating public folder mailboxes Managing Exchange administrators Managing Exchange distribution groups Managing mail contacts Managing mail users Managing mailboxes Managing mailbox folders Managing public folders Using role based access control Setting options for Exchange security
Working with Microsoft SharePoint Working with Access Explorer Working with Microsoft Active Directory Customizing Security Explorer Using the command line Using PowerShell cmdlets Troubleshooting

Registered forest

To register a forest, add the forest to Access Explorer. See Adding forests. When you add a forest, you must provide a service account with sufficient permissions to perform all Access Explorer configuration tasks. If the application needs to resolve a SID or expand group membership from that forest, it will use the associated service account.

When you add a managed domain and the associated Active Directory® forest is not yet registered, the Security Explorer Server will automatically add the forest and use the domain service account credentials as the forest credentials.

For more information, see:

Managed computer

A managed computer is any network object that can host resources such as files, folders, and shares. Currently supported resources include Windows® computers, Windows® clusters, and certain network attached storage (NAS) devices. When the user adds a managed computer, Configuration Manager deploys an Access Explorer agent to scan that computer. The agent may be installed on the computer (local agent) or it may be installed on another computer (remote agent). Detailed access information is maintained on the agent computer, only sending general access information to the server.

For more information, see:

Access Explorer agent

When a managed computer is added, an agent is assigned to that computer. The agent may reside on the computer or it may be a remote agent that resides elsewhere. The primary focus of the agent is to index all the explicit permissions throughout its assigned scopes. The agent installs a service that allows it to perform all of the necessary functions and to report data to Security Explorer.

The indexing of only explicit permissions is done for the following reasons:

A managed computer may be scanned by either a local agent or one or more remote agents. Only one local agent can be installed on a managed computer and a managed computer with a local agent cannot be scanned by remote agents.

A local agent does an immediate scan as soon as it is added. Remote agents only scan according to a schedule, but if you want the agent to scan as soon as it is added you can enable the Immediately scan on agent restart or scope change option. This option is cleared by default.

For more information, see:

Scopes

Scopes define the file system targets of the scan on the managed computer. The scopes available for scanning differ for local and remote agents.

Scopes tab of the Agent Properties.

More than one remote agent may be configured to scan a managed computer provided each agent scans different scopes. A given scope can be scanned by only one agent.

Figure 1 depicts the possible deployment scenarios for Access Explorer agents and managed computers in remote and local installations.

For more information, see:

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级