Importing the Exchange Group Policy Security Templates
The Exchange Group Policy Security Templates are contained in the E2k3SecOps.exe file (available from the Microsoft Download Center). You must extract this file prior to importing the security templates.
These security templates are designed to increase the security in your Exchange 2003 environment. However, when you import these templates, you may lose functionality in your environment—this could include the failure of mission-critical applications. Therefore, it is essential that you thoroughly test these templates and make any appropriate changes before deploying them in a production environment. Be sure to include custom applications, third-party applications, and other software that interacts with your messaging system in your testing. Also, be sure to back up each domain controller and server prior to applying new security settings. Ensure that the system state is included in the backup, including registry data and Active Directory databases.
Note
The Domain Controller Baseline Policy and the Member Server Baseline Policy (included in the Windows Server 2003 Security Guide) sets the LAN Manager Authentication level at NTLMv2 only. For Outlook clients to successfully communicate with Exchange servers and domain controllers, they must also be configured to use NTLMv2.
For detailed steps, see "How to Create the Exchange GPOs and Import the Exchange Group Policy Security Templates."