[THIN] Re: Has anyone come up with the perfect windows 2000 s etup list for creating and MFXP server?
- From: "Ziots, Edward" <EZiots@xxxxxxxxxxxx>
- To: "'thin@xxxxxxxxxxxxx'" <thin@xxxxxxxxxxxxx>
- Date: Mon, 5 Aug 2002 15:02:42 -0400
I do this for my Windows 2000 Servers, although I dont have AD yet, nor MF
XP, but it works fine for me.
1) Create service pack, hotfix distribution share, which does the following.
1) Installation of SP2 and all Post SP2, hotfixes and those which are now
out in SP3, and even Pre-SP4 fixes.
2) Use Qchain.exe to rollup the hotfixes,
3) Call Compaq SPAQ 5.40 bp000077.bat to do the Compaq Drivers Installation
4) Call Silent Installation Script for Netshield4.5 and SP1.
5) Call Silent Installation Script for CPQ Diagnostics 10.x
6) Call Silent Installation Script for IE 5.5SP2 plus All needed IE Hotfix
rollups.
7) If system has IIS 5.0, I calll my IIS Hotfix Rollup batch file.
8) If system has SQL 7.0 or 2000 then Call that batch file which install SP4
or SP2 ( 2000) plus needed hotfixes)
9) Reboot the system.
10) Run the secedit command with my customized .INF template that is used
with the Security Configuration and Analysis console. This takesa care of
File system permissions, Registry auditing, and lockdown, along with any
service lockdowns I need to complete.
11) Reboot, system is done.
Takes me about 1-2 hrs per machine. But they have a good baseline security.
Then I use the local GPO to disable everything that isn't needed on the
server, IE, Dial-up networking, ICS, MMC consoles for RRAS,DHCP, etc etc.
Then I import a .reg file which puts the standard company security statement
on the login.
I hope this help, what I follow is basically M$, SANS.Org,CERT.ORG, and NSA
guidelines on Secure Server building.
If you got any questions, feel free to email me,
Sincerely,
Ed
-----Original Message-----
From: Robert Williams [mailto:RWilliams@xxxxxxxxxx]
Sent: Monday, August 05, 2002 2:34 PM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: Has anyone come up with the perfect windows 2000 s
etup list for creating and MFXP server?
This is for a clean brand new machine, also I was refering to
services/addon's also not just service packs....
Thank You,
Robert Williams
Senior Network Administrator
Raypak, Inc.
rwilliams@xxxxxxxxxx
Phone - 805-278-5363
-----Original Message-----
From: Jim Kenzig [mailto:jimkenz@xxxxxxxxxxxxxx]
Sent: Monday, August 05, 2002 10:37 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Has anyone come up with the perfect windows 2000 setup
list for creating and MFXP server?
If it is a clean install I think that you are fine. There are some issues
with it if you have installed Post SP2/Pre SP3 patches prior to installing.
I would suggest that people remove any patch of this type before installing
SP3.
Regards,
Jim Kenzig
http://thethin.net
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx]On
Behalf Of Robert Williams
Sent: Monday, August 05, 2002 1:05 PM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: Has anyone come up with the perfect windows 2000 setup
list for creating and MFXP server?
Do you think that it is stable enough? I have installed it on my pc but no
where else here yet?
Thank You,
Robert Williams
Senior Network Administrator
Raypak, Inc.
rwilliams@xxxxxxxxxx
Phone - 805-278-5363
-----Original Message-----
From: Jim Kenzig http://thethin.net [mailto:jimkenz@xxxxxxxxxxxxxx]
Sent: Friday, August 02, 2002 6:47 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Has anyone come up with the perfect windows 2000 setup
list for creating and MFXP server?
Why bother with all that now just install Service pack 3 for windows 2000.
Both IE 5.5 SP2 and IE6 work fine. JK
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx]On
Behalf Of Robert Williams
Sent: Thursday, August 01, 2002 6:22 PM
To: 'THIN@xxxxxxxxxxxxx'
Subject: [THIN] Has anyone come up with the perfect windows 2000 setup list
for creating and MFXP server?
I was wondering if anyone has seen or has made a windows 2000 install
checklist....like components, service packs. Hotfixes...what to and not to
select from windows update, and which is the best IE to install prior to
starting the Metaframe xp install.....
Thank You,
Robert Williams
Senior Network Administrator
Raypak, Inc.
rwilliams@xxxxxxxxxx
Phone - 805-278-5363
===================================
This weeks Sponsor:
triCerat, Inc
ScrewDrivers fxp: Self Configuring Printer Driver with Bandwidth Control
Learn more at: http://www.tricerat.com/?page=products&product=sdfxp
===================================
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link.
http://thethin.net/citrixlist.cfm
===================================
This weeks Sponsor:
triCerat, Inc
ScrewDrivers fxp: Self Configuring Printer Driver with Bandwidth Control
Learn more at: http://www.tricerat.com/?page=products&product=sdfxp
===================================
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link.
http://thethin.net/citrixlist.cfm
===================================
This weeks Sponsor:
triCerat, Inc
ScrewDrivers fxp: Self Configuring Printer Driver with Bandwidth Control
Learn more at: http://www.tricerat.com/?page=products&product=sdfxp
===================================
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link.
http://thethin.net/citrixlist.cfm
===================================
This weeks Sponsor:
triCerat, Inc
ScrewDrivers fxp: Self Configuring Printer Driver with Bandwidth Control
Learn more at: http://www.tricerat.com/?page=products&product=sdfxp
===================================
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link.
http://thethin.net/citrixlist.cfm
===================================
This weeks Sponsor:
triCerat, Inc
ScrewDrivers fxp: Self Configuring Printer Driver with Bandwidth Control
Learn more at:
http://www.tricerat.com/?page=products&product=sdfxp
===================================
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link.
http://thethin.net/citrixlist.cfm
===================================
This weeks Sponsor:
triCerat, Inc
ScrewDrivers fxp: Self Configuring Printer Driver with Bandwidth Control
Learn more at:
http://www.tricerat.com/?page=products&product=sdfxp
===================================
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link.
http://thethin.net/citrixlist.cfm
Other related posts: