Guidelines For Selecting The Implementation Process For Security By Server Role

By Author: Shirley Green
Total Articles: 129
Comment this article

You might need more than one process to ensure that the correct security settings are applied to all MCSE 2003. Follow these guidelines to select which implementation process to use:
If servers are members of an Active Directory Domain, use Group Policy to apply the template security settings.
If servers are not members of an Active Directory Domain and there are many of them, develop a script that uses secedit and use this to apply the templates.
Apply the baseline template during installation. Apply the incremental template either later in the process or immediately after installation.
If enough servers of a particular role type will be installed, create a combination template, rename it defltsrv.inf, and use it in the installation process.
When creating default templates for installing domain controllers, make sure a domain controller template is applied before the server is promoted to a domain controller. Some services must be running that typically are not configured to be in the baseline template. If the services are not running, domain controller ...
... installation will fail.

There are two other methods for applying security settings: using the installation process, and manually configuring the system. To manually configure the system, you must use the Group Policy editor to edit security settings. To use the installation process:
Rename the baseline template defltsv.inf. (This template is used during installation to apply the default security settings).
Perform one of the following actions:
Copy defltsv.inf to the network installation share (the place where installation free Security+ practice exams reside so that they can be used during a network install).

Make the new defltsv.inf file a part of a custom installation CD-ROM (that includes all other necessary installation files).
You are the domain administrator for Wingtip Toys and want to propose a new security plan for Wingtip Toys servers. You have decided that security by server role is the way to go. Your first step is to create the OU infrastructure. You examined how servers are used at Wingtip Toys and compiled the following information.
There are 30 servers at Wingtip Toys. Fifteen are used as file servers. There are four print servers, which are never used as file servers. The other servers include two Microsoft SQL Server servers and two servers in the Certification Authority hierarchy, including the root server, which is located in a vault. Remote access services consist of an Internet Authentication free practice exams for MCTS server and three remote access servers.