Printer Friendly Version

In the first part of this series, we learned how to use Microsoft's Management Console (MMC) to automatically configure and enforce security policies by creating security templates. We also learned how to create a security template and assign Account Policies to it for a basic Windows 2000 server. In Part 2, I'll teach you how to assign Local Policies and Event Log security policies to your basic Windows 2000 server templates.

Want to discuss this article, or other intranet security issues? Visit the Intranet Journal Discussion Forum.

Refreshing Our First Lesson

As you'll recall, in our first lesson we created a security template for a basic Windows 2000 server and then learned how to configure the Account Policies as illustrated below. Before I show you how to create a different template for specific server types such as a DNS server, a DHCP server, and an Exchange server, we need to finish up learning how to configure the remaining policies for a basic Windows 2000 server.

Security template account policies.

Aside from the Account Policies that you learned how to configure in Part 1 of this series, there are six other types of security policies we can configure:

• Local Policies
• Event Log
• Restricted Groups
• System Services
• Registry
• File System

Before getting started, refer to Part 1 to refresh your memory on how to open the Security Template to configure the policies. After opening the template, configure the Local Policies by clicking the + next to the Local Policies, as illustrated below. You'll see that there are three types of Local Policies to configure.

Security template local policies.

You'll need to configure security policies of the three types of Local Policies, and then do the same for Event Log, Restricted Groups, System Server, Registry, and File System. In Part 1, I taught you how to click on the various choices in the Template Security Policy Setting box, as illustrated below, to select the setting that you want.

Security template policy setting box.