Apply Security Policy

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

You can apply a security policy immediately after creating or editing by selecting Apply now on this page. If you want to make changes to the policy, or if you do not want to apply the security policy to the selected server, select Apply later on this page. If you choose to apply the policy later, no changes are made to the selected server. When you want to apply the security policy, run Security Configuration Wizard (SCW) and, on the Configuration Action page, choose the Apply an existing security policy option. Alternatively, you can use the Security Configuration Wizard command-line tool to apply the security policy.

Restarting a server (rebooting) after applying security policy

After SCW security policy is applied to a server, it may be necessary reboot that server.

For the following services to be disabled, you must restart the selected server after applying the SCW policy:

• Windows Audio

• Application Management

• Terminal Services

After applying the policy, the startup mode changes. However, these services continue to run until the computer is restarted.

If the security policy configures exceptions for applications or services (that is, the security policy adds them to the allowed exceptions list) and those applications or services were running before Windows Firewall was started, the computer will have to be restarted for these applications and services to run properly. For more information on approving applications, see Approving Applications.

If the security policy applies to services that are not found in the Security Configuration Database, and which therefore were entered in the Select Additional Services or the Handling Unspecified Services pages of SCW, then the selected server must be rebooted for the applied policy to take effect.