Topic Last Modified: 2005-11-18

The Microsoft® Exchange Server Analyzer Tool reads the following registry value to determine which version of the Microsoft Windows® operating system is running on the Exchange server:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\CurrentVersion

If the CurrentVersion value equals 5.0, the Exchange server is running on Microsoft Windows 2000 Server. If the CurrentVersion value is 5.2, the Exchange server is running on Microsoft Windows Server™ 2003.

Additionally, the Exchange Server Analyzer reads the following registry value to determine the path for the Windows Program Files directory:


The Exchange Server Analyzer then examines the Windows Program Files directory to determine whether the Windows Program Files directory contains the \Exchsrvr folder for Exchange Server.

Finally, the Exchange Server Analyzer queries the Win32_OperatingSystem Windows Management Instrumentation (WMI) class to determine the value for the ServicePackMajorVersion key. The value for the ServicePackMajorVersion key indicates which Windows service pack is installed on the computer.

The Exchange Server Analyzer displays a warning if the following conditions are true:

This warning indicates that Exchange Server 2003 is not installed in the default Program Files folder on the server and that the Security Configuration Wizard is installed on the Exchange server. The Security Configuration Wizard is a tool that is included as an optional component of Windows Server 2003 Service Pack 1. If the Security Configuration Wizard is installed on an Exchange server, manual configuration of the Network Security section is needed.

To install the Security Configuration Wizard, you must first install Windows Server 2003 Service Pack 1. After Service Pack 1 is installed, open Add/Remove Programs in Control Panel to install the Security Configuration Wizard.

The Security Configuration Wizard helps reduce the attack surface of Windows servers by asking the user a series of questions that are designed to determine the functional requirements of a server. Specifically, the Security Configuration Wizard helps you perform the following tasks:

The Security Configuration Wizard guides you through the process of creating, editing, applying, or rolling back a security policy that is based on the selected roles of the server. The security policies that are created by using the Security Configuration Wizard are XML files that configure services, network security, specific registry values, and audit policy when they are applied. If applicable, Internet Information Services (IIS) can also be configured.

The Security Configuration Wizard includes a Network Security feature that configures and adds exceptions to Windows Firewall, in addition to performing other functions. Windows Firewall is the new version of the stateful packet filter in Windows Server 2003 Service Pack 1. Windows Firewall was first introduced in Windows XP Service Pack 2. It was called Internet Connection Firewall in Windows XP Service Pack 2.

There is a known issue that occurs when the Network Security feature in the Security Configuration Wizard runs on an Exchange server on which Exchange Server is not installed in the default path. In this configuration, the application of the resultant policy may cause Exchange Server to be inaccessible by clients. When the Network Security feature is used on an Exchange server on which Exchange Server is not installed to the default path, the Security Configuration Wizard can configure Windows Firewall to block TCP/IP port access by Exchange Server processes, such as the System Attendant (Mad.exe), the Microsoft Exchange Information Store (Store.exe), or the message transfer agent (Emsmta.exe). In this configuration, the Security Configuration Wizard displays Not Found! next to each process. If the Security Configuration Wizard is run until it is completed with a process that has Not Found! next to it, the Security Configuration Wizard applies security policy to the Windows Firewall that blocks network access by that process.

If the blocked processes include one or more Exchange Server processes, Exchange Server may become inaccessible by clients and other servers. If this condition exists, you should perform one of the following procedures to correct the problem.

To correct the problem

For more information about Windows Server 2003 Service Pack 1 and the Security Configuration Wizard, see the Windows Server 2003 TechCenter (