Windows Server 2003 Recommended Baseline Security
Windows Server 2003 Recommended Baseline Security
Windows Server 2003 Recommended Baseline Security
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Unclassified ITSG for <strong>Windows</strong> <strong>Server</strong> <strong>2003</strong><br />
e. Click ‘Open’ button.<br />
i. ‘Import Template’ window opens.<br />
f. Browse to the location of the <strong>Baseline</strong> configuration file and select it.<br />
g. Select ‘Clean this database before importing’.<br />
h. Click ‘Open’ button.<br />
i. Right click on ‘<strong>Security</strong> Configuration and Analysis’.<br />
j. Click ‘Import Template’.<br />
i. ‘Import Template’ window opens.<br />
k. Browse to the location of the role based policy file and select it.<br />
l. Click ‘Open’ button.<br />
m. Right click ‘<strong>Security</strong> Configuration and Analysis’.<br />
n. Select ‘Analyze Computer Now’.<br />
i. ‘Perform Analysis’ window opens.<br />
o. Click ‘OK’ to accept the log file location and perform analysis.<br />
6.3 Compare Resultant Policy and Computer Settings<br />
a. Click on the ‘+’ to expand ‘<strong>Security</strong> Configuration and Analysis’.<br />
b. Click on the ‘+’ to expand ‘Account Policies’.<br />
c. Click on ‘Password Policies’ (right side frame shows settings).<br />
NOTE: If any item in the database does not match the computer setting, a small<br />
red ‘x’ in the ‘Policy’ column appears.<br />
d. Repeat the process for all sub-groups in ‘Account Policies’, ‘Local Policies’, and<br />
‘Event Logs’.<br />
e. Click on ‘System Services’ (right frame shows service settings).<br />
NOTE: If any item in the database does not match the computer setting, a small<br />
red ‘x’ in the ‘System Service’ column appears. Additionally, if the security<br />
setting does not match, the ‘Permission’ column will display ‘Investigate’.<br />
f. To reset the configuration, simply reapply the policy. A domain server can be<br />
rebooted to force application of the policy.<br />
g. Policy configuration for a workgroup server must be reapplied manually. Please<br />
follow the procedure outlined in 5.1 Role Based IPSec Policies.<br />
132 March 2004 Compliance Inspection and Enforcement