Configuring Security

Security Tools in Windows 2000

Windows 2000 provides an extensive set of tools to help administrators configure and manage security, including group policies, local policies, file and folder access, system registry access, and auditing. Delegation of Control Wizard enables you to delegate administrative control for particular organizational units to specified users or groups. Other tools are available as Administrative Tools, such as Event Log, and additional tools are available through MMC snap-ins, such as Security Templates, Security Configuration and Analysis, and Group Policy.

To access Delegation of Control Wizard, open one of the Active Directory MMC snap-ins (such as Active Directory Users and Computers or Active Directory Sites and Services), right-click on an Active Directory organizational unit (such as a domain, the Computers folder, or the Users folder), and then select Delegate control. To take advantage of Delegation of Control Wizard, first create organizational units containing accounts and shared resources that should be managed centrally, and then use the wizard to delegate control of the units to specific users or groups. For more information, see the Windows 2000 documentation.

To access the following security tools, click Start, click Program Files, click Administrative Tools, and then select the tool.

The following are Windows 2000 security tools:

Each of these tools enables you to set, for their respective areas, account policies (such as password, lockout, and Kerberos policies), local policies (such as what to audit, who can set the system time, and when and if users are logged off automatically), event log settings, security policies for system services (such as IIS and the print spooler), file and registry security policies, and security for many other Windows 2000 features. For more information, see the Windows 2000 documentation.

To access the following security snap-ins, on the Start menu, click Run, and then type mmc in Open. On the Console menu, select Add/Remove Snap-in, click Add, and then select Security Configuration and Analysis, Security Templates, or Group Policy from the list of snap-ins. For more information about these snap-ins, see the Windows 2000 documentation.

The following are security snap-ins:

Related Topics

Windows 2000 Security