10-28
The director of IT for a growing company plans to install three new Windows Server
2003 domain controllers on the network, so she assigns each of the three new network
administrators who have recently joined the firm the task of installing one of the new
servers. She gives each of the administrators a worksheet containing the information
they need to perform the installation, including the proper domain names and IP
addresses. She also informs them that all the domain controllers on the company net-
work must use the Hisecdc.inf security template included with Windows Server 2003,
but with several key changes to certain security policies, which she supplies to them as
a printed list of policies and their new values.
The three administrators, Tom, Dick, and Harry, each go off to perform their tasks sep
arately. They proceed as follows:
■ Tom opens the Security Configuration And Analysis snap-in on his domain con-
troller, creates a new database, and imports the Hisecdc.inf security template into
it. After performing an analysis using the snap-in, Tom opens each policy on the
list of changes the director has given him and modifies it to the value on the list.
■ Dick uses the Security Templates snap-in to create a new template containing the
settings on the list of changes the director has given him. Then he creates two
Group Policy Objects, links them both to the Domain Controllers organizational
unit in Active Directory, and applies the templates to the Group Policy Objects,
Hisecdc.inf to the first one and the new template he created to the second.
■ Harry uses the Security Templates snap-in to modify the Hisecdc.inf template by
changing the policies on the list of changes to the values specified on the list.
Then he uses the Secedit.exe utility to apply the modified template to the domain
controller.
Bạn đang xem 10- - MICROSOFT PRESS MCSA MCSE SELF PACED TRAINING KIT EXAM 70 293 PHẦN 6 PPTX