Security Configuration Wizard manifest for SharePoint Foundation 2010
Published: July 15, 2010
This article provides information about how to register the Security Configuration Wizard (SCW) manifest that is included in the Microsoft SharePoint 2010 Administration Toolkit. The SCW manifest adds roles for Microsoft SharePoint Foundation 2010 to Windows Server 2008 Service Pack 2 or to Windows Server 2008 R2.
These roles are specific roles that you create in SCW after you have installed the SharePoint Foundation SCW manifest, and not the server roles to configure Windows features in Server Manager.
SCW is an attack surface reduction tool introduced with Windows Server 2003 Service Pack 1. SCW uses a roles-based metaphor to solicit the functionality required for a server and disables the functionality that is not required. By automating this security best practice, SCW helps to create Windows environments that are less susceptible, on the whole, to security vulnerabilities that have been exploited.
For more information about SCW in Windows Server 2008, see Security Configuration Wizard (http://go.microsoft.com/fwlink/p/?LinkId=185511).
The SCW manifest for Microsoft SharePoint Foundation 2010 is included in the SharePoint 2010 Administration Toolkit. Different versions of the manifest are included for Windows Server 2008 Service Pack 2 and Windows Server 2008 R2.
Before you perform these procedures, confirm that:
You have installed the SharePoint 2010 Administrator Toolkit.
You are running Windows Server 2008 with Service Pack 2 or Windows Server 2008 R2.
You have administrator permission for the Command Prompt window.
Register the SCW manifest
Perform the following procedure to register the SCW manifest.
To register the Microsoft SharePoint Foundation 2010 SCW manifest
Open a Command Prompt window.
If you have User Account Control (UAC) turned on in Windows, you might be prompted to run as administrator.
At the command prompt, type cd C:\Program Files\Microsoft\SharePoint 2010 Administration Toolkit\SCWManifests, or type the location where you installed the SharePoint 2010 Administration Toolkit.
Register the Microsoft SharePoint Foundation 2010 SCW manifest:
If you are using Windows Server 2008 Service Pack 2, type scwcmd register /kbname:SPF2010 /kbfile:SPF2010W2K8.xml and press ENTER.
If you are using Windows Server 2008 R2, type scwcmd register /kbname:SPF2010 /kbfile:SPF2010W2K8R2.xml and press ENTER.
You can now run the SCW to create a security policy that incorporate the roles for SharePoint Foundation 2010.