Chapter 1: Basic Windows 2000 Security: Using Security Templates

Introduction

Security in Windows 2000 is no simple thing; however, it is manageable if taken one step at a time, starting from the bottom up. To that end, in this chapter we look at the first line of defense in making your Windows 2000 network more secure: security templates and Group Policy. This chapter covers a lot of ground, so fasten your seat belts and get ready for the ride! Let's take a look at the topics covered in this chapter:

• A review of the Windows 2000 Active Directory provides the starting point for this chapter and this book. Although this is a security book, not an Active Directory one, a solid Active Directory foundation is required to efficiently administer a Windows 2000 network. Simply put, Active Directory makes Windows 2000 tick, and Windows 2000 relies on Active Directory for all types of things.

• We next examine the basic security tools at your disposal-those that ship with Windows 2000, those that can be found in the Windows 2000 Server Resource Kit, and those that you can get elsewhere.

• Next, we examine how security is configured via templates and Group Policy by taking an item-by-item approach. Each configurable item is presented along with its default setting and usage.

• Once you've gotten your security configured, you will of course want to deploy it, so we walk through the various methods of deploying your security templates and security configurations.

• Lastly, we analyze your security settings using several tools available to you.