The Microsoft® Windows® Server 2003 operating system product family offers powerful capabilities far beyond the Microsoft Windows NT® Server 4.0 server family. The Windows Server 2003 family of products was designed with an eye on the easy upgrade of Windows NT Server 4.0. This article outlines the process of upgrading or migrating to a Windows Server 2003 Active Directory® service and describes some of the decisions that need to be made during the upgrade or migration process. The first thing you need to consider when upgrading is to choose the version of Windows Server 2003 that best meets your needs.
When upgrading a Windows NT 4.0-based computer to Windows Server 2003, the "Windows Installer" does not change the registry and file system ACLs. Windows Server 2003 allows for a higher level of security, and it handles registry and file system permissions differently than Windows NT 4.0. Microsoft recommends that you apply Windows 2003 ACLs to computers that are upgraded from Windows NT 4.0.
To apply the registry and file system ACLs, you can use the "Security Configuration and Analysis" snap-in. Please note that you must be a member of the “Administrators” group to perform this procedure.
How to apply the default system security settings on a computer that is upgraded from Windows NT 4.0 to Windows Server 2003 as a member of the "Administrator" or "Administrators" group.
Click Start, click Run, type mmc in the Open box, and then click OK.
On the File menu, click “Add/Remove Snap-in.
Click Add, <;Security Configuration & Analysis", Add, click Close, then click OK.
In the console tree, right-click “Security Configuration and Analysis" and click Open Database.
Specify the name of the database (for example, upgdbase) and location, then click Open.
In the Import Templates dialog box that appears on the screen, click Set Security.inf, and then click Open.
Right-click on “Security Configuration and Analysis" and click Analyze Computer Now.
In the Execution Analysis dialog box that appears on the screen, accept the default log file path shown in the "Error log file path" box, or specify the desired location and click OK.
Compare this template security settings to your existing computer settings.
Note: At this point, no changes will be made to the computer. The results of this process indicate how the security settings in the template differ from the actual system settings.
When you complete the analysis, expand the various components in the console tree, such as account policies, local policies, event logs, restricted groups, and system services.
For each component you expanded in step 10, view its security properties in the right pane of the policy column, and note the following:
with green The item marked with a check indicates that the current computer settings are the same as the security settings in the database.
Items with red <x” indicate that the current computer settings are different from the security settings in the database.
If the green checkmark or red <x” is not displayed, this security attribute is not defined in the template and is not analyzed.
If you want to add or modify database settings, right-click the security attribute you want to add or modify, and then click Properties. Click the "Define this policy in the database" checkbox, select it (if it is not already selected), make the required changes to the policy settings, and click OK.
Note: The Database Settings column shows the security settings contained in the template, and the Computer Settings column shows the current settings for your computer.
To configure your computer to use the security settings in your database, right-click “Security Configuration and Analysis", and then click Configure Computer Now.
In the Configure System dialog box that appears on the screen, accept the default path and log file name, or type the path and file name you want and click OK.
The secure database configuration is applied to the computer.
If there is a conflict between the database project and the existing security configuration on the computer, the existing project will be overwritten unless you eliminate the difference between the two before configuring the computer.
Windows Server 2003 Terminal Server is used to connect many terminals to an IBM hos
We always worry about the system does not have too much memory, always hope to release some system m
The Web Management Interface is a feature that is worthy of being used by network u
Phishing is an attacker using fraudulent emails and fake Web sites for scams. The scammers often rev
Teach you to easily set the Win 2003 domain controller password
Configuration of NAT server in win2003
Solve the rough problem of Win2003 playback picture easily
Win2003 system to build a security line? Then enable built-in ICF
Easy to implement small games from Win2003 to Win2003
The implementation of network load balancing is not as simple as you think.
To explain how Windows servers are attacked?
Explain the little-known VPN server
Software execution protection software can not open win2003 system how to be good?
Win2003 makes the disk more secure settings
Experts solve the win2003 under the coral polyps QQ can not run a coup
Tips for Windows 7 to recover hidden files
How to turn off Win7 auto play function
Maybe you don't know the most useful features of the 12 Win8 systems
Win8 two ways to create desktop IE icons
Win8 audio service is not running solution
Win7 monitor driver stops responding solution
Graphical steps for fast-pressing tray mounting
Microsoft pushes Win8.1/WP8.1 universal application graphics acceleration Win2D API
Win10 new beta improves Edge browser HTML5 performance
Win7 system autocad2007 can not use the network printer solution