Appendix B

Security Configuration Manager

In previous editions of this book, I demonstrated a tool called the Security Configuration Wizard (SCW). SCW made its debut in Windows Server 2003/SP1. It had a neat idea:

1. Scan the machine to learn what it’s already doing. Maybe it’s a Domain Controller, Exchange server, SQL server, etc.

2. Detect where the server is utilized (such as which services are in use, firewall ports open, etc.).

3. Create a baseline you could then export.

4. Transform the baseline to a GPO.

Then you could link the GPO to, say, all your similar servers (DCs, Exchange servers, SQL servers, etc.) and all those servers would be equally secure.

Awesome! Except no one used the tool. People wanted Microsoft to tell them exactly ...

Get Group Policy: Fundamentals, Security, and the Managed Desktop, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Group Policy: Fundamentals, Security, and the Managed Desktop, 2nd Edition by Jeremy Moskowitz

Appendix B

Security Configuration Manager

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly