How to perform a new Power Search?
 
The New Search option in Power Search feature allows you to generate a security permissions search report through Power Search Wizard. The Power Search Wizard will guide you through the following step to perform a new security permission search. You can either save the search report or leave it unsaved.

To launch Power Search Wizard, click menu in the toolbar. The Power Search Wizard will appear as shown below:


Step 1: Domain Selection 
              
                              


  • Select a domain by clicking Select... button. Upon clicking this button, the Configuration Settings  will be displayed from which you can select a domain.
     
  • Click Next to proceed to the next step.


    Step 2: Permission Selection 
             
                
                  
  • Select the desired permissions category (Read About Power Search section) and the permissions to be searched under Permissions section:

  • Select the 'Show exact match on these permission(s)' checkbox, if you wish to view only the exact match of the selected permissions and not the sub-set of permissions.
                           
  •  
  • Select the desired Access Control Entry type under 'ACE type' section.

  • Select the desired permission inheritance type under 'ACE type' section.    
             Show both inherited and explicitly assigned - to view both inherited and explicitly assigned permissions.
             Show inherited only - to view only inherited permissions.
             Show explicit only - to view only explicitly assigned permissions.

  • Click Next to proceed to the next step.


    Step 3: Scope Selection  

  • Select the type of objects under 'Objects to search' tab for which the selected permissions have to be searched. The objects corresponding to the selected object types will be enumerated in the connected domain and permissions will be searched for them. 

                  

        Note: If the permissions category selected in the previous step is Common tasks, then the 'Objects to search' tab is not applicable.

  • Under 'Containers to search' tab, select the suitable option (Entire domain or a sub-set of containers) in which selected type of objects have to be enumerated. You can select a set of containers in the domain by using '+' button to restrict the search scope of objects.  

                  
                        
  • By default, ARKAD processes the sub-containers of the selected containers to enumerate objects. You can click 'Edit Options' button to change this behavior.

                  

  • Click Next to proceed to the next step.


    Step 4 : Accounts Selection

  •           

  • Select the list of accounts for which the selected permissions on objects have to be reported. In this section, select the suitable option (All accounts or a set of accounts or built-in security principals) for which permissions will be reported.

  • You can select 'Only built-in security principals' option to list only the built-in security principals (assigned in security settings) in the permission reports.


  • Also, you can select a set of accounts (Built-in security principals, User, Group, Computers) from different domains by using '+' button. You can enter domain name, domain controller name, user credential to connect and enumerate the selected object types.
      

              

  • The enumerated accounts will be listed in 'Account Picker' dialog as shown below:

                  
            
    You can enter a part of the name to search and click Find Now to get the results. Select the desired accounts and click OK.

  • You can also use additional options such as 'Report options' and 'Show only the accounts' as stated below:

    Report options - This option can be used to include security identifier(SID), group membership (Member of) of the accounts and to exclude built-in security principals in the report.

    Show only the accounts - This option can be used to filter account based on its status. You can filter the accounts that are inactive, unknown, expired and disabled.

    Inactive: By default, accounts whose 'Last logon' is less than 30 days is considered as inactive accounts. This threshold can be customized, by clicking the hyperlink next to 'Inactive account threshold'.

    Unknown: The accounts that cannot be identified in a domain. For example, account name like 'Account Unknown S-1-2 ...' can be seen in any object's 'Security' tab, because the corresponding account is deleted and unknown to domain. The unknown account will also include Foreign Security Principals.

    Expired: The accounts that are expired.

    Disabled: The accounts that are disabled.

  • Click Next to proceed to the next step.


    Step 5 : Summary


                  

  • This step shows the list of settings configured in the previous steps. Verify the settings and click Back to change the settings, if necessary.
      
  • Select 'Save search' check box and enter a search name and search description (optional) to save the Power Search for repeated use in the future.

  • Click Finish to generate the report.

  • After the data collection process is complete, the report would be generated in a report window as shown below: 

                                                                                                 
  •  In the report window, you can click the 'Search settings' button to view the search settings associated with the report.