Export (0) Print
Expand All

Managing the Security Configuration Database

Applies To: Windows Server 2008 R2, Windows Server 2012

The Security Configuration Database consists of a set of .xml files that list services and ports that are required for each server role that is supported by the Security Configuration Wizard (SCW). These files are installed in %systemroot% \security\ssscw\kbs. After you select a server, the server is scanned to determine the following:

  • Roles that are installed on the server

  • Roles that are likely being performed by the server

  • Services that are installed but not part of the Security Configuration Database

  • IP addresses and subnets that are configured for the server

SCW combines this server-specific information into a single .xml file named Main.xml. SCW displays Main.xml if you click View Configuration Database on the Processing Security Configuration Database page.

Centralizing the Security Configuration Database

You may want to maintain the Security Configuration Database in a central location that can be used throughout your organization. This allows local administrators in multiple locations to use the same Security Configuration Database. SCW.exe accepts a command-line argument for the centralized database location.

To specify a centralized configuration database, run the following command at a command prompt:

scw.exe /kb SCWKBDirectoryLocation

For example, two possible commands are:

scw.exe /kb \\securityserver\scwkb

scw.exe /kb k:\

noteNote
The local administrator who runs SCW must have at least Read permission to the remote Security Configuration Database directory. In non-domain environments, the local administrator may need to provide credentials in order to access the centralized server. This can be accomplished by first establishing a connection to the server. For example, you might use the following command: Net use k: \\securityserver\scwkb /u:securityserver\User1

For more information about selecting server roles, see Select Server Roles.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft