Re: how to apply w2k security to w2k member servers under w2k3 dom

• Previous message: Coby Pennington: "Windows 2000 Patches (MBSA)"
• In reply to: Steven L Umbach: "Re: how to apply w2k security to w2k member servers under w2k3 domain?"
• Next in thread: Steven L Umbach: "Re: how to apply w2k security to w2k member servers under w2k3 dom"
• Reply: Steven L Umbach: "Re: how to apply w2k security to w2k member servers under w2k3 dom"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 6 Apr 2005 09:13:04 -0700

thanks, steven

"Steven L Umbach" wrote:

> Yes you can do exactly what you propose and it makes good sense. Create
> separate OU's for your Windows 2000 servers and use an OU with a Windows
> 2000 security template imported into it. Do not mix and match security
> templates between Windows 2000 and Windows 2003 computers as you may have
> unpredictable results. For domain controllers however do NOT move any out of
> the default domain controllers container. You can however create separate
> OU's inside of the domain controllers container if need be. Use the Security
> Configuration and Analysis mmc snapin to verify the effective security
> policy applied to your servers to make sure security settings are what you
> expect. The biggest difference in security templates is security options as
> Windows 2003 has several more than Windows 2000 and many have been
> named. --- Steve
>
>
> "ben" <ben@discussions.microsoft.com> wrote in message
> news:AF1F769B-D2AF-48AF-9A7C-E8D928C9EAC0@microsoft.com...
> > hi,
> >
> > I have one w2k3 AD domain, all dcs are w2k3, 80% servers are w2k3 servers,
> > 20% are w2k servers, I can apply w2k3 member server baseline security to
> > all
> > w2k3 servers and then apply customized security templates to them
> > according
> > to specific roles, but how to manage the security to w2k servers using
> > GPO?
> > if put all w2k servers into one OU and apply baseline security, how to
> > apply
> > the w2k security template to w2k servers under w2k3 domain? can I just
> > import the w2k security template into w2k3 GPO and link to w2k servers OU?
> >
> >
> > thanks!
>
>
>

• Previous message: Coby Pennington: "Windows 2000 Patches (MBSA)"
• In reply to: Steven L Umbach: "Re: how to apply w2k security to w2k member servers under w2k3 domain?"
• Next in thread: Steven L Umbach: "Re: how to apply w2k security to w2k member servers under w2k3 dom"
• Reply: Steven L Umbach: "Re: how to apply w2k security to w2k member servers under w2k3 dom"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: IIS6 Security and other web servers ... IIS6 Security and other web servers ... I know of no Windows architecture that is exposed directly to ... I know of a number of LAMP-type servers that are ... exposed directly to the Internet with no intervening layers. ... (Security-Basics) [NT] Cumulative Security Update for Internet Explorer (MS04-025) ... Get your security news from a reliable source. ... * Microsoft Windows NT Workstation 4.0 Service Pack 6a ... Navigation Method Cross-Domain Vulnerability ... (Securiteam) [NT] Vulnerability in HTML Help Allows Code Execution (MS05-001) ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Get your security news from a reliable source. ... * Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service ... (Securiteam) Re: The Myth of the secure Mac ... OEM Windows XP Home goes for a bit under $100. ... >> secure than Home. ... Though this really has nothing to do with security. ... Microsoft counts on third-party developers to provide more ... (comp.sys.mac.advocacy) Re: Installation instructions for Firefox somewhere? ... Many updates are not security-related. ... > of dealing with an app that breaks as a result of a security update ... The solution here is to stop using Windows, ... They can just plug in the servers and run ... (freebsd-questions)