Role-based security from Windows Server 2003 Security Guide gives problems

Giganews Newsgroups
Subject: Role-based security from Windows Server 2003 Security Guide gives problems
Posted by:  Mikael Oskarsson (nospam@abc.se)
Date: Mon, 6 Nov 2006

Hello

I have an Ad-environment with 2 Windows 2003 SP1 eng server and some Windows
2003 SP1 eng member server.
I have applied some EC-server policy from Microsoft document from april
2006.

On Domain root I have applied EC-Domain.inf
On Domain Controller OU I have applied EC-Domain Controller.inf
On Member Server OU I have applied EC-Member Server Baseline.inf
On sub OU Web OU I have applied EC-IIS server.inf

I joined 2 new web-servers to the domain and put them in the default
Computer OU. Lets call them lt104 and lt135 as servername.

Now my problems starts

If I from DC run My Computer > Manage > Connect to another computer, select
server104 see errors in word file.

If I from a member server that lies in Web OU run MBSA against all server
in the domain I get errors from scanning lt104 se word file

If I move the server lt104 to Web OU, none of the above errors occur. But
the server lt104 needs to connect to a standalone server to get picture and
I cant connect to that standalone server if lt104 is in the Web OU but it
works if it lies in Computer OU.

Any ideers whats causing this problem

Regards

Mikael

Replies