Share via

Troubleshooting Security Configuration Wizard Problems

  • Article

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

This section lists some error messages and suggestions for handling them, as well as some basic requirements for using Security Configuration Wizard (SCW).

Running Security Configuration Wizard

SCW is supported on members of the Windows Server 2003 family with Service Pack 1 only.

Applying Security Configuration Wizard security policy

The security policies that are created with SCW should only be applied to servers and groups of servers. They should not be applied to client operating systems such as Microsoft® Windows® XP.

Internet Information Services (IIS) role not being detected by SCW

If an SCW security policy is applied to a server before IIS is installed, the server will be configured with the Hypertext Transport Protocol (HTTP) Secure Sockets Layer (SSL) service disabled, as HTTP SSL is not required on a computer that is not a Web server. If IIS is then installed on the server and SCW is run, the Administrator must first ensure that IIS is started, in order for IIS to be detected by SCW. IIS cannot run without the HTTP SSL service.

Error messages

Cannot Process XML Data

  • The Microsoft XML core services are corrupted or not installed.

Cannot Process Security Configuration Database

  • There is a problem with Main.XML. Check the Application log, which might have more information.

The Security Configuration Wizard cannot continue because the security configuration database processing failed.

  • There is a problem with Main.XML. Check the Application log, which might have more information.

You do not have administrator privileges on the selected server. Click Specify User Account to provide an administrator account on the selected server.

  • You must be an administrator on the local server to run SCW, or you must specify Administrative credentials on a remote server. If you are trying to apply a policy to a server, then the policy must be available on the server running SCW. You must also be authenticated as an administrator on the computer that is receiving the policy.

Cannot Rollback Last Applied Security Policy

  • Check the Application log, which might have more information.

The selected security policy file has a format that is not valid. Select another security policy file and try again.

  • You can receive this message if you browse to, or type in, an XML file that is not a security policy file. If this is a security policy file that you created, try running SCW again to recreate it.

Not Found!

  • In the Network Security section of SCW, this message is shown if SCW cannot verify that an approved application exists at the specified path. This is not necessarily a problem, as you may be configuring a policy for a remote server. If the application will exist at the specified path at the time the policy is applied, the Not Found! message can be ignored.

Cannot determine the IP address from the computer name. The lookup service is not available.

  • In the Network Security section of SCW, the IP address of the computer name you entered must be resolvable, or you cannot continue. If the computer has a static IP address (not assigned by DHCP), then you can enter the IP address instead of the name.