The Security Configuration Wizard(SCW) automates security best practices to reduce the attack surface for a server. The Exchange Server role extensions enable you to use the Security Configuration Wizard(SCW) to create a security policy that is specific to the functionality that is required for each
Microsoft Exchange server role. The extensions are provided with Exchange 2007 and must be registered before you can create a custom security policy.
Microsoft Exchange server role. The extensions are provided with Exchange 2007 and must be registered before you can create a custom security policy.
Step 1. Install an Exchange server role\roles.Install the Security Configuration Wizard(SCW) you will find it in Control Panel-->Add/Remove Programs-->Add/Remove Windows Components-->select Security Configuration Wizard and click next
Note:You must perform the registration procedure on each Exchange 2007 server to which you want to apply an Security Configuration Wizard security policy.
Step 2.To do this step you must be memeber of Local Administrators on the Exchange Server you want to apply the security policy and Exchange Server Administrator .On a server with the Edge Transport Role installed you need to be member of Local Administrators.open cmd and type:
scwcmd register /kbname:Ex2007KB /kbfile:"C:\Program Files\
Microsoft\Exchange Server\scripts\Exchange2007.xml"
Note:the command above works on Windows Server 2003-based or Windows Server 2003
R2-based computer that is running the Mailbox, Hub Transport, Unified Messaging, or Client Access server role.
R2-based computer that is running the Mailbox, Hub Transport, Unified Messaging, or Client Access server role.
scwcmd register /kbname:Ex2007EdgeKB /kbfile:"C:\Program Files\
Microsoft\Exchange Server\scripts\Exchange2007Edge.xml" Note:the command above works on Windows Server 2003-based or Windows Server 2003 R2-based computer that is running Edge Transport Server role.Step 3. To verify that the command has completed successfully examine the SCWRegistrar_log.xml file that is located in the C:\Windows\Security\Msscw\Logs folder
Step2 For Windows Server 2008-based computer that is running the Mailbox, Hub Transport, Unified Messaging, or Client Access server role is like this:
scwcmd register /kbname:Ex2007KB /kbfile:C:\Program Files\ Microsoft\Exchange Server\scripts\Exchange2007_WinSrv2008.xml"For Windows Server 2008-based computer that is running the Edge Transport server role is like this:
scwcmd register /kbname:Ex2007EdgeKB /kbfile:"C:\Program Files\
Microsoft\Exchange Server\scripts\Exchange2007Edge_WinSrv2008.xml"
Note:Step1. and Step3 are the same as for Server 2003-based or Windows Server 2003 R2-based computers
Hope this helped you.Thanks for reading.
No comments:
Post a Comment