June 2014

These release notes provide information about this Dell Security Explorer release.

About
New features
Resolved issues
Known issues
System requirements
Product licensing
Getting started with Security Explorer
Globalization
About Dell

About

Security Explorer provides a single console for managing access controls, permissions, and security across Microsoft platforms that span multiple servers. The product provides a broad array of security enhancements including the ability to identify who has rights to resources across the entire organization. It also provides the ability to grant, revoke, clone, modify, and overwrite permissions quickly and from a central location.

Unlike native tools, Security Explorer provides the ability to back up and restore permissions only, ensuring the integrity of data. To help meet auditing requirements, Security Explorer provides convenient reports that can be generated at your convenience. Lastly, the product's cleanup capabilities address common post-migration security issues.

This is a minor release, with enhanced features and functionality. See New features.

New features

New features in Security Explorer 9.5:

Additional supported platforms:
  NetApp 8.2 (7-Mode and Clustered Mode)
  Dell FluidFS
  Microsoft SQL Server 2014

Change account login for services
The new Bulk Change Password task is available in the Service Security module. You can search Windows services by the logon account and by either computer or domain. From the resultant list of services, you can change the password for the logon account.

Schedule password changes for services
The new Scheduled Tasks task in the Service Security module provides you the option to schedule password changes for service logon accounts.

Sort options for Exchange mailboxes
Using the Tools | Options | Exchange tab, you can specify how to sort mailboxes in the Navigation tree. You can sort mailboxes by display name, first name, or last name. Once you make a change, refresh the tree to see the new sort order.

Add shares to a Search Scope
In previous versions of Security Explorer, you could only add computers and domains to a Search Scope. In version 9.5, you now can add shares to a Search Scope.

PowerShell cmdlets accept multiple permission level arguments
Set-SXPSharePointGrant and Set-SXPSharePointRevoke commandlets can be used to grant and revoke multiple permission levels. In previous versions, you could grant and revoke permissions for one permission level only.

See also: Resolved issues

Resolved issues

The following is a list of issues addressed in this release. Issue IDs are shown in brackets.

Table 1. General resolved issues
  The Active Directory tree node does not appear after enabling it on the View menu. [1850]
  Cannot create an Enterprise Scope with an empty name. [2259]
  PowerShell commandlets: Set-SXPExport to Access database does not work. [1955]
  PowerShell commandlets: Set-SXPSharePointRevoke does not work for SharePoint Groups. [1988]
  Command line utilities: SXPExport to CSV file is tab-delimited. [2501]

Table 2. NTFS Security resolved issues
  Scheduled export to tab-delimited file works incorrectly. [2355]
  Set Ownership works incorrectly if domain account is selected from the Set Ownership list. [2174]
  Attempting to modify a file deny permission results in an Invalid Pointer error. [2329]

Table 3. Share Security resolved issues
  Cannot add several shares with the same name to an Enterprise scope. [2158]

Table 4. Task Management resolved issues
  An error occurs when setting account information for remote scheduled tasks. [2288]

Table 5. SQL Security resolved issues
  Incorrect error message occurs after attempting to modify inherited permissions. [1855]
  Stop service works incorrectly. [2492]

Table 6. Exchange Security resolved issues
  Cannot set Read Items permissions for the Calendar Mailbox Folder in the Grant and Modify dialog boxes if several Advanced Permissions are selected. [2065]
  Cannot select Free/Busy time, subject, and location permission in Advanced Permission Selection. [2405]
  Cannot copy permissions under alternate credentials when the Clone group memberships checkbox is selected. [2024]
  Cannot manage Exchange after changing the port. [2103]
  Cannot add a member (with complex Name) to a group in Exchange Administrators. [2163]
  Exchange 2013: The Search for Public Folder permissions option does not work. [2324]
  Backup file for an alphabetic group is not created after it is scheduled and run in Task Manager. [2126]

Table 7. SharePoint Security resolved issues
  SharePoint Group Membership Report titles are a problem if multiple paths reported. [2478]
  Search for exact permission levels or better should work for all permission levels with the same masks, independently on permission level names and languages. [2583]
  Remove Members task does not work. [2165]
  Problems with authentication: errors occur for Site Collection Administrators and SharePoint groups [2540]
  Cannot grant multiple accounts in Grant Task. [1845]
  Copying permissions between site collections works incorrectly. [2199]
  Permissions are lost when a custom level is renamed. [1881]
  It is impossible to search in a new window under alternative credentials. [1980]
  Cannot grant permissions to Everyone and Authenticated Users with claims-based authentication. [2178]
  Cannot grant permission to a user with the same name from other domain. [2511]

Known issues

The following is a list of issues, including those attributed to third-party products, known to exist at the time of release. Issue IDs are shown in brackets.

Table 8. NTFS Security known issues
  The Progress window goes through all subfolders and files when permissions are granted and the This folder only checkbox is selected. [360926]

Table 9. SQL Security known issues
  It is necessary to restart the Remote Registry service, if it was not used for more than several minutes, to see SQL instances installed on Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2. [360943]

Table 10. Exchange Security known issues
  The Revoke Disabled and Revoke Unknown tasks do not work for Public Folders. [350968]
  Cannot create a mailbox for a new user if Exchange 2013 is in the mode: Active Directory split permission security model to the Exchange organization. [350971]

Table 11. SharePoint Security known issues
  Cannot change Active Directory permissions under alternate credentials. [352844]
  Restoring permissions to a different path can work only if the source and target sites are identical. If one site item is different, permissions cannot be restored to all site items. [360925]

Table 12. Task Management known issues
  Cannot set Active Directory group accounts to task user accounts. [351142]
  Cannot copy tasks configured to run with group accounts. [351143]
  Cannot change network connection for remote tasks. [351127]

Table 13. Dell Fluid FS support known issues
  Security Explorer cannot get the local groups list in all modules. [350974]
  Cannot see Group Contents for local groups. [350975]
  Group and User Management: Cannot create new local users and groups. [350976]
  Group and User Management: Cannot delete local users. [350977]
  Group and User Management: Cannot see the local groups list in the Select account dialog box. [350978]
  Group and User Management: Domain Group appears in Group Properties dialog box. [350979]
  Group and User Management: Error occurs in the Clear Local Admin task. [350980]
  Group and User Management: Memberships list is empty. [350981]
  NTFS Security: Cannot see Group Contents for local groups. [350983]
  NTFS Security: Cannot see Memberships for local users after selecting a container. [350984]
  NTFS Security: Cannot rename local accounts. [350985]
  NTFS Security: Cannot search for permissions on the root. [350986]
  NTFS Security: In the Search function, an error occurs after selecting a local user and enabling the Include all group memberships checkbox. [350987]
  NTFS Security: An error occurs after attempting to create a share. [350988]
  NTFS Security and Share Security: It is impossible to add any user (domain or local) into a local group. [350989]
  NTFS Security: Cannot back up security when the Include SACL checkbox is selected. [350991]
  NTFS Security and Share Security: Cannot search for disabled accounts. [350992]

System requirements

Before installing, ensure that your system meets the following minimum hardware and software requirements.

  Hardware requirements
  Software requirements
  Supported platforms for Security Explorer
  User privilege requirements
  Required software for Microsoft Exchange 2013 for Security Explorer
  Setting up Microsoft Exchange for Security Explorer
  Upgrade and compatibility

Hardware requirements

Table 14. Hardware requirements
  Processor: Pentium 600MHz or faster
  Memory: 768 MB for Windows XP and Windows 2003; 1 GB for Windows Vista and later
  Hard Disk space: 150 MB
  Monitor: 1024 x 768 screen resolution
  Operating System:
    Windows XP
    Windows Vista
    Windows 7
    Windows 8
    Windows 8.1
    Windows Server 2003
    Windows Server 2008
    Windows Server 2008 R2
    Windows Server 2012
    Windows Server 2012 R2
    NetApp 8.2 (7-Mode and Clustered Mode)
    Dell FluidFS

Software requirements

Table 15. Software requirements
  .Net Framework v.4.0 or later: Install either the Full or Standalone version. Do not install just the Client Profile.

Supported platforms for Security Explorer

Table 16. Supported platforms for Security Explorer

  Security Explorer modules: NTFS Security, Share Security, Registry Security, Printer Security, Service Security, Task Management, Group & User Management
  Supported platforms:
    Windows NT 4.0
    Windows 2000 Professional or Server
    Windows XP
    Windows Vista
    Windows 7
    Windows 8
    Windows 8.1
    Windows 2000 Server
    Windows Server 2003
    Windows Server 2008
    Windows Server 2008 R2
    Windows Server 2012
    Windows Server 2012 R2

  Security Explorer modules: NTFS Security, Share Security, Group & User Management
  Supported platform: NetApp 8.2 (7-Mode and Clustered Mode)
    NOTE: Security Explorer supports CIFS volumes. Mixed CIFS/UNIX volumes are supported if the volume root owner is a Windows account.
    NOTE: For NetApp Clustered mode, to see changes after a permission action, such as Grant, Revoke, or Modify, on folders and shares, you must refresh the tree in the Navigation pane.

  Security Explorer modules: NTFS Security, Share Security
  Supported platform: Dell FluidFS

  Security Explorer module: SQL Security
  Supported platforms: SQL Server 2014, SQL Server 2012, SQL Server 2008 R2, SQL Server 2008, SQL Server 2005

  Security Explorer module: SharePoint Security
  Supported platforms: SharePoint 2013, SharePoint 2010, SharePoint Foundation, SharePoint 2007, SharePoint Services 3.0

  Security Explorer module: Exchange Security
  Supported platforms: Exchange 2013, Exchange 2010, Exchange 2007, Exchange 2003

User privilege requirements

To start Security Explorer, a user must be a member of the local Administrators group; otherwise, error messages display. Each module in Security Explorer has additional requirements to enable permission management.

Table 17. Requirements to enable permission management

  NTFS Security: To manage permissions on folders and files on remote computers, the File and printer sharing option must be enabled on the firewall on the computer with Security Explorer installed and on the remote computer.

  Share Security: To manage permissions on shares on remote computers, the File and printer sharing option must be enabled on the firewall on the computer with Security Explorer installed and on the remote computer.

  Registry Security: To manage permissions on registry keys on remote computers, the File and printer sharing option must be enabled on the firewall on the computer with Security Explorer installed and on the remote computer.

  Printer Security: To manage permissions on printers on remote computers:
    The Printer Spooler service must be running on the target computer.
    The File and printer sharing option must be enabled on the firewall on the computer with Security Explorer installed.

  Service Security: To manage permissions on services on remote computers, the File and printer sharing option must be enabled on the firewall on the computer with Security Explorer installed and on the remote computer.

  Task Management: To manage tasks on remote computers, the File and printer sharing option must be enabled on the firewall on the computer with Security Explorer installed and on the remote computer.

  Group and User Management: To manage groups and users on remote computers, the File and printer sharing option must be enabled on the firewall on the computer with Security Explorer installed and on the remote computer.

  SharePoint Security: To manage permissions on SharePoint servers, the SharePoint site must be on the same network as the computer on which Security Explorer is installed. To manage SharePoint sites exposed over SSL (https://), add the SharePoint server's certificate to the Trusted Root Certification Authorities store on the computer with Security Explorer installed.

  SQL Server Security: To manage permissions on SQL Servers:
    Remote Registry service should be started on remote SQL servers.
    Computer Browser service should be started on the computer where Security Explorer is installed.
    Current user must be a member of the Administrators local group on the SQL server.
    Windows Firewall on remote SQL servers must be configured to allow 'file and printer sharing' and network access with the SQL instance(s). For more information, refer to: Configure the Windows Firewall to Allow SQL Server Access at http://msdn.microsoft.com/en-us/library/cc646023.aspx

  Exchange Security: To manage permissions on the Exchange organization, the Exchange organization must be on the same Active Directory forest as the computer on which Security Explorer is installed.

Required software for Microsoft Exchange 2013 for Security Explorer

NOTE: For previous versions of Microsoft Exchange and mixed mode configurations, refer to Security Explorer Installation Guide.

Table 18. Required software for Microsoft Exchange 2013

  Client type: Windows XP, Windows Server 2003, Windows Vista
  Required software: NOTE: Cannot manage Exchange 2013.

  Client type: Windows Server 2008
  Required software:
    .NET Framework 3.5 Service Pack 1
    PowerShell 2.0
    .NET Framework 4.5 Full
    Extended Protection for Authentication
    PowerShell 3.0

  Client type: Windows 7, Windows Server 2008 R2
  Required software:
    .NET Framework 4.5 Full
    PowerShell 3.0

  Client type: Windows 8, Windows Server 2012
  Required software: .NET Framework 4.5 and PowerShell 3.0 already included
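
An added pre-flight check (not part of the Dell documentation or product) for the SQL Server Security requirements in Table 17 above, run from the computer where Security Explorer is installed. It assumes Windows PowerShell 5.1; the function names, the server name SQL01, the default port 1433, and the use of the ADMIN$ share as a proxy for local Administrators membership are assumptions of this example.

```powershell
# Added example, not Dell code. Assumes Windows PowerShell 5.1
# (Get-Service -ComputerName is not available in PowerShell 7).
# Test-TcpPort, Test-SxpSqlPrerequisite and 'SQL01' are hypothetical names.

function Test-TcpPort {
    param([string] $ComputerName, [int] $Port, [int] $TimeoutMs = 3000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        # Wait() returns $false on timeout and throws if the connection is refused.
        return $client.ConnectAsync($ComputerName, $Port).Wait($TimeoutMs)
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

function Test-SxpSqlPrerequisite {
    param(
        [Parameter(Mandatory = $true)] [string] $SqlServer,
        [int] $SqlPort = 1433   # assumption: default instance port; named instances differ
    )

    # Remote Registry must be started on the remote SQL server. On Windows 8 /
    # Server 2012 and later it stops when idle (known issue 360943), so a
    # Stopped result there means "restart the service", not "misconfigured".
    $remoteRegistry = Get-Service -Name RemoteRegistry -ComputerName $SqlServer -ErrorAction SilentlyContinue

    # Computer Browser (service name 'Browser') must be started on this computer.
    $browser = Get-Service -Name Browser -ErrorAction SilentlyContinue

    # Proxy for "member of the Administrators local group on the SQL server":
    # only administrators can open the ADMIN$ share.
    $adminShare = Test-Path -LiteralPath "\\$SqlServer\ADMIN`$" -ErrorAction SilentlyContinue

    $checks = [ordered]@{
        "File and printer sharing reachable on $SqlServer (TCP 445)" = (Test-TcpPort -ComputerName $SqlServer -Port 445)
        "SQL instance reachable on $SqlServer (TCP $SqlPort)"        = (Test-TcpPort -ComputerName $SqlServer -Port $SqlPort)
        "Remote Registry running on $SqlServer"                      = ($null -ne $remoteRegistry -and $remoteRegistry.Status -eq 'Running')
        "Computer Browser running on this computer"                  = ($null -ne $browser -and $browser.Status -eq 'Running')
        "Current user can open \\$SqlServer\ADMIN`$"                  = $adminShare
    }

    foreach ($name in $checks.Keys) {
        [pscustomobject]@{ Check = $name; Passed = [bool] $checks[$name] }
    }
}

# Show only the prerequisites that are not met.
Test-SxpSqlPrerequisite -SqlServer 'SQL01' | Where-Object { -not $_.Passed }
```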

Setting up Microsoft Exchange for Security Explorer

Client access server configuration
1. Check that all Exchange Windows services with Automatic startup are started.
2. Check that IIS Admin Service and World Wide Web Publishing Service IIS Services are started.
3. Check that the Exchange Web Application is configured correctly in IIS:
     Authentication: Windows Authentication is Enabled
     SSL Settings: Require SSL is switched on
4. Exchange Server 2010 and 2013 only: Enable PowerShell Remoting on the Exchange Server by running the PowerShell command: Enable-PSRemoting -Force.

Client Configuration
1. Open port 443 on the firewall.
2. Install an Exchange Server SSL certificate.

Upgrade and compatibility

Security Explorer 9 does not require that you uninstall version 5, version 6, version 7, or version 8. You can install side-by-side with all of these previous versions.

Product licensing

You must have a new license file to use version 9. Your previous licenses will not be recognized by version 9. A utility is provided to upgrade your version 7 or 8 license to version 9. You can launch the license upgrade utility (LicenseUpgrade.exe) from the Auto Run feature or from the Security Explorer installation folder.

To upgrade your license
1. Launch the autorun.
2. Click Run to launch the License Update Utility.
3. Click Find Now to locate your current license.
4. Click Get License to generate a version 9 license.

To activate a trial or purchased commercial license
1. Start Security Explorer. When you start Security Explorer, a license check is performed. If you are installing Security Explorer for the first time, you are asked to update the license.
2. Click Update License and locate the license file. The license file is approximately 1 KB in size and has an .asc file extension.

To update a license
1. Start Security Explorer.
2. Select Help | About Security Explorer.
     To view the applied licenses, click Licenses.
     To update a selected license, click Update License.

Getting started with Security Explorer

  Installation instructions
  Additional resources

Installation instructions

IMPORTANT: If you are running Active Administrator on the same computer as Security Explorer, exit Active Administrator and stop all Active Administrator services before upgrading to Security Explorer.

Use the autorun to install Security Explorer.

To install Security Explorer
1. Launch the autorun.
2. On the Welcome screen of the Install Wizard, click Next.
3. Click View License Agreement.
4. Scroll to the end of the license agreement.
5. Click I accept these terms, and click OK.
6. Click Next.
7. Enter customer information, and click Next.
8. To change the location of the program files, click Change, or click Next to accept the default installation directory.
9. Click Install.
10. Click Finish.

Additional resources

Additional information is available from the following:
  Online product documentation (https://support.software.dell.com/security-explorer/release-notesguides)
    What's New Guide
    Installation Guide
    Upgrade Guide
    User Guide

Globalization

This section contains information about installing and operating this product in non-English configurations, such as those needed by customers outside of North America. This section does not replace the materials about supported platforms and configurations found elsewhere in the product documentation.

This release is Unicode-enabled and supports any character set. In this release, all product components should be configured to use the same or compatible character encodings and should be installed to use the same locale and regional options. This release is targeted to support operations in the following regions: North America, Western Europe and Latin America, Central and Eastern Europe, Far-East Asia, Japan.

About Dell

Dell listens to customers and delivers worldwide innovative technology, business solutions and services they trust and value. For more information, visit www.software.dell.com.

Contacting Dell
  Technical support: Online support
  Product questions and sales: (800) 306-9329
  Email: info@software.dell.com

Technical support resources

Technical support is available to customers who have purchased Dell software with a valid maintenance contract and to customers who have trial versions. To access the Support Portal, go to http://software.dell.com/support/.

The Support Portal provides self-help tools you can use to solve problems quickly and independently, 24 hours a day, 365 days a year. In addition, the portal provides direct access to product support engineers through an online Service Request system.

The site enables you to:
  Create, update, and manage Service Requests (cases)
  View Knowledge Base articles
  Obtain product notifications
  Download software. For trial software, go to Trial Downloads.
  View how-to videos
  Engage in community discussions
  Chat with a support engineer

© 2014 Dell Inc. ALL RIGHTS RESERVED.