Professional Documents
Culture Documents
Table of Contents
Introduction to Windows Server 2003 Management................................................................. 1
Exercise 1 Introduction to Group Policy .......................................................................................................................2
Exercise 2 Security Configuration Wizard ....................................................................................................................4
Introduction to Windows Server 2003 Management
SEA-WRK-01
The password for the Administrator account on all computers in this lab is:
MSEvent.123
Page 1 of 6
Introduction to Windows Server 2003 Management
Exercise 1
Introduction to Group Policy
Scenario
In this exercise, you will take a look at a few of the basics of Group Policy.
Complete this exercise using:
SEA-DC-01
SEA-WRK-01
Page 2 of 6
Introduction to Windows Server 2003 Management
Tasks Detailed Steps
d. Type lking in the user name box and type MSEvent.123 in the Password box, and
then click OK.
Logging on to a client workstation as any user under the Sales and Marketing OU,
including child OUs, will apply the Default User Policies GPOs. The Run option is
disabled.
e. Click Start.
You will notice that the Run option is not available from the Start menu If the Run
menus is still there, log off and then back on to allow more time for the policy to
change.
Complete the following a. Switch to the SEA-DC-01 machine by clicking the SEA-DC-01 link in the My
task on: Machines browser.
b. In the console tree, right-click Group Policy Modeling, and then click Group
SEA-DC-01 Policy Modeling Wizard.
3. Resultant Set of c. In the Group Policy Modeling Wizard, click Next.
Policies d. Click Next.
e. In the User information area, select Container and then click Browse.
f. Expand Contoso.com, click Sales and Marketing, and then click OK.
g. In the Computer information area, select Container, and then click Browse.
h. Expand Contoso.com, click Computers, and then click OK.
i. Click Next.
Advanced Simulation Option can be select here
j. Click Next.
You can add different User Security groups for the simulation.
k. Click Next.
You can add different Computer Security groups for the simulation.
l. Click Next.
You can include Windows Management Instrumentation (WMI) filters for Users to the
simulation.
m. Click Next.
You can include Windows Management Instrumentation (WMI) filters for Computers
to the simulation.
n. Click Next.
A summary of the selections is displayed.
o. Click Next, and then click Finish.
p. Click the Setting tab.
Here you can examine the settings applied, and see what GPO applied them.
q. Close the Group Policy Management Console.
Page 3 of 6
Introduction to Windows Server 2003 Management
Exercise 2
Security Configuration Wizard
Scenario
In this exercise, you will use the Security Configuration Wizard.
Page 4 of 6
Introduction to Windows Server 2003 Management
Tasks Detailed Steps
A list of the roles is displayed, the installed roles are selected.
l. Click Next.
A list of the client features is displayed; the installed client features are selected.
m. Click Next.
A list of the Administrative and other options are displayed, the installed options are
selected.
n. Click Next.
A list of additional services installed on the server is displayed.
o. Click Next.
Handling Unspecified Services, these services that do not appear in the SCW database
and are not installed on the server.
p. Click Next.
A list of services are displayed that will be changed based on the Roles, Features and
Options you selected.
q. Click Next.
This section is designed to configure inbound ports using Windows Firewall. The
configurations will be based on the roles and administration options that were
selected in the previous section. You will also be able to restrict access to ports and
configure port traffic to be signed or encrypted using IPSec.
r. Click Next.
A list of ports is displayed. The list indicates if the port will be explicitly open,
blocked, or for an approved application.
s. Click Next.
This section is designed to configure protocols used to communicate with computers
on the network.
t. Click Next.
This section determines if SMB Security Signatures are enabled
u. Click Next.
This section determines if LDAP signing is required by the security policy
v. Click Next.
w. Click Next.
x. Click to select the Windows 2000 SP3 or later check box, and then click Next.
This section determines methods used for when making outbound connections.
y. Click Next.
This section determines the LAN Manager authentication level when making outbound
connections.
z. Click Next.
This area displays a summary of the registry settings to be changed based on your
selections.
aa. Click Next.
This section will configure the auditing of the server based on your auditing
objectives. The audit policy within the Wizard can be configured to not audit any
events, audit only successful events, or audit both successful and unsuccessful events.
The audit policy will not only configure the Object Access events, but the entire audit
policy list of events.
bb. Click Next.
cc. Click Next.
Page 5 of 6
Introduction to Windows Server 2003 Management
Tasks Detailed Steps
A summary of the Audit Policies are displayed.
dd. Click Next.
This section will only display if you selected the server to run the Web server role.
This section is designed to configure the security aspects of Internet Information
Services (IIS).
ee. Click Next.
Select Web Service Extensions for Dynamic Content
ff. Click Next.
Select Virtual Directories to Retain
gg. Click Next.
Prevent Anonymous Users from Accessing Content Files
hh. Click Next.
A summary of the changes to be made to IIS are displayed
ii. Click Next.
Save the Security Policy
jj. Click Next, and then click View Security Policy.
kk. Close the SCW viewer
ll. Type Test for the name of the security policy
mm. Click Next.
Do Not Restart the Server
nn. Click OK, click Next and then click Finish.
Page 6 of 6