Partager via


Managing security

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Managing security

  • Using the Windows interface

  • Using command-line tools

Using the Windows interface

The following table lists some of the most common tasks for managing security, and the tools you can use to perform them. For more information, click the corresponding link under Tool or Feature.

Task Tool or feature

Secure a computer by granting users or groups specific user rights, or assign permissions to an object to enable users or groups to perform specific actions on that object.

Access Control

Set up an auditing policy to record user or system activity in specified event categories.

Auditing Security Events

Confirm the identity of any user trying to log on to a domain or access network resources.

Authentication

Grant access to assigned user roles related to job function.

Authorization Manager

Encrypt files and directories that are stored on a disk.

Encrypting File System

Verify and authenticate the validity of each party involved in an electronic transaction through the use of public key cryptography.

Public Key Infrastructure

Create, apply, and edit the security for your local computer, organizational unit, or domain.

Security Configuration Manager

Understand security.

Security overview

Identify software and control its ability to run on your local computer, organizational unit, domain, or site.

Software Restriction Policies

For more information about deploying security, see "Part 2: Deploying Distributed Security Services" at the Microsoft Windows Resource Kits Web site.

For more information about managing security, see "Part One: Security" at the Microsoft Windows Resource Kits Web site.

Using command-line tools

The following table lists some of the most common tasks for managing security, and the command-line tools you can use to perform them. For more information, click the corresponding link under Command-line tool.

Task Command-line tool

Display or modify discretionary access control list (DACL) files.

Cacls

Request certificates from a certification authority (CA).

Certreq

Process and display certification authority (CA) configuration information, configure Certificate Services, back up and restore CA components, and verify certificates, key pairs, and certificate chains.

Certutil

Create, list or delete stored user names and passwords or credentials.

Cmdkey

Enable a user to run specific tools and programs with different permissions than the user's current logon provides.

Runas

Configure and analyze system security by comparing your current configuration to at least one template.

Secedit

Recover access to a file that previously was denied by making the administrator owner of the file.

Takeown

Display domain or computer name, user name, group names, logon identifier and privileges for the user currently logged on.

Whoami

For more information about the command shell, see Command shell overview. For information about tools used to manage the command-prompt window, see Manage the command-prompt window. For an alphabetical list of all of the command-line tools, see Command-line reference A-Z.