Applies to: Exchange Server 2007 SP3, Exchange Server 2007 SP2, Exchange Server 2007 SP1, Exchange Server 2007
Topic Last Modified: 2007-07-06

This topic explains how to apply an existing Security Configuration Wizard (SCW) policy to a computer that has a Microsoft Exchange Server 2007 server role installed. The SCW is a tool that was introduced with Windows Server 2003 Service Pack 1. The SCW automates security best practices to reduce the attack surface for a server. After you create a custom SCW policy, you can use that policy to apply the configured security settings to each Exchange server that runs the same server role or roles in your organization.

Before You Begin

Before you begin, you must follow these steps:

To perform the following procedures, the account you use must be delegated the following:

  • Exchange Server Administrator role and local Administrators group for the target server

To perform the following procedures on a computer that has the Edge Transport server role installed, you must log on by using an account that is a member of the local Administrators group on that computer.

For more information about permissions, delegating roles, and the rights that are required to administer Exchange 2007, see Permission Considerations.


To use the Security Configuration Wizard to apply an existing policy

  1. Click Start, point to All Programs, point to Administrative Tools, and then click Security Configuration Wizard to start the tool. Click Next on the welcome screen.

  2. On the Configuration Action page, select Apply an existing security policy. Click Browse, select the XML file for your policy, and then click Open. Click Next.

  3. On the Select Server page, verify that the correct server name appears in the Server (use DNS name, NetBIOS name, or IP address): field. Click Next.

  4. On the Apply Security Policy page, click View Security Policy if you want to view the policy details, and then click Next.

  5. On the Applying Security Policy page, wait until the progress bar indicates Application complete, and then click Next.

  6. On the Completing the Security Configuration Wizard page, click Finish.

For More Information