Using Security Templates to Deploy Secure Configurations
You’ve now seen several examples of how you can configure Group Policy to implement your company’s specific security policies, and you’ve seen how you can apply different settings to large or small groups of users and computers. With such a large number of settings available, though, you may find yourself in a record-keeping nightmare trying to keep track of which settings are applied to which groups. To help solve this problem, Windows provides a number of templates that contain common security and configuration settings for a variety of purposes, from domain controllers to workstations. Of course, you may find that the built-in templates don’t provide exactly what you need for your situation, and for that purpose, you can create your own templates. You’ll learn about both kinds of templates in this section, and how to deploy them effectively.
Using Built-in Templates
Windows
Server
2003 comes with several built-in security templates located in
%SystemRoot%\Security\Templates
, which you can
use to configure specific security behaviors within your environment.
For example, the Highly Secure template is designed to be applied to
server computers and configures them to accept only encrypted
connections from clients and from other servers. The Highly Secure
template can be used to configure client computers (running Windows
2000 Professional or Windows XP) to make encrypted connections to
other computers.
Here is a list of the ...
Get Securing Windows Server 2003 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.