A: Yes, Microsoft provides specific SCW security templates for the different Exchange 2007 server roles, but these templates aren't installed by default. The templates are defined in an xml-formatted file that is automatically copied to your system when you install an Exchange 2007 server. To use the Exchange 2007 templates, you must register them in the SCW database. You can do this from the command line using the scwcmd command line utility.
The syntax of the command differs depending on what Exchange 2007 server roles you want to install the templates for and whether you're installing the templates on a Windows Server 2003 or Windows Server 2008 platform. To register the extensions on a Server 2003 computer that's running the Mailbox, Hub Transport, Unified Messaging, or Client Access server role, use the command
scwcmd register /kbname:Ex2007KB /kbfile:"%programfiles%\Microsoft\Exchange Server\scripts \Exchange2007.xml"
On a Server 2003 computer that's running the Edge Transport server role, use
scwcmd register /kbname:Ex2007EdgeKB /kbfile:"%programfiles%\Microsoft\Exchange Server \scripts\Exchange2007Edge.xml
On a Server 2008 computer that's running the Mailbox, Hub Transport, Unified Messaging, or Client Access server role, use
scwcmd register /kbname:Ex2007KB /kbfile:"%programfiles%\Microsoft\Exchange Server\scripts \Exchange2007_WinSrv2008.xml"
On a Server 2008 computer that's running the Edge Transport server role, use
scwcmd register /kbname:Ex2007EdgeKB /kbfile:"%programfiles%\Microsoft\Exchange Server \scripts\Exchange2007Edge_WinSrv2008.xml"
Afterwards, when you run the SCW you'll notice that you can select the different Exchange 2007 server roles in the Select Server Roles section, as shown here.
Click to expand. |
Microsoft offers more detail on using the SCW for securing Exchange 2007 installations.
Related Reading: