MZ@ !L!This program cannot be run in DOS mode. $Rؕ3}3}3}H̴3}H̱3}Rich3}PEL!  8P@6.rsrc@8@@0H,efgh(i@jXkplmnpqrst0uHv`wxxyz{|}~ 8Ph(@Xp0H`x     8PhE R( S@ TX Up V               0  @  P  `  p                        0  @  P  `  p                        0  @  P  `  p                        0  @  P  `  p                      0 @ P ` p@#'@+@-d/1468T<V?BCIKtLO^XQDT8UW\`4djp: Py~$lxH`0*\8TV0x@ l^ L tV~h |lP(#8*:02L6670:Zp: |;&=^@.4@Bx8CMUI5sCkdCˮfA9 MUIen-USH@lWelcome to the Security Configuration WizardMS Shell DlgPsWelcome to the Security Configuration WizardPs(()Ps\ P\ This wizard detects the inbound ports that are listened to by this server. Before continuing, make sure that all applications that use inbound ports are running.Ps~ This wizard does not install components or set up a server to perform specific roles. To do this, run the Server Manager.PsTo continue, click Next.@s'SysLinkLearn more about <a>Security Configuration Wizard</a>.H@lCompleting the Security Configuration WizardMS Shell DlgPsCompleting the Security Configuration WizardPs(You have successfully completed the Security Configuration Wizard.Ps<)The security policy you created is located at:P~LPs]To apply this security policy to the selected server or other servers later, run this wizard again.PsxTo close this wizard, click Finish.PAH@ lConfiguration ActionsMS Shell DlgPBSelect the action you want to perform: PB &Create a new security policy P"B &Edit an existing security policy P.B &Apply an existing security policy P:B &Rollback the last applied security policyPR>E&xisting security policy file:P^ P%^2Br&owse...@B'SysLinkLearn more about <A>configuration actions</A>.H@lSelect Server RolesMS Shell DlgP&View:!P# P^&Select the server roles that the selected server performs:!P#^EXPANDCHECKLIST@^'SysLinkLearn more about <A>server roles</A>.PAH@lProcessing security configuration databaseMS Shell DlgP2Processing security configuration database...PBmsctls_progress32P$B @8x&View Configuration Database@B'SysLinkLearn more about <a>security configuration database</a>.H@lSelect Client RolesMS Shell DlgP&View:!P# P^&Select the client features that the selected server performs:!P#^EXPANDCHECKLIST@^'SysLinkLearn more about <A>client features</A>.H@lUnspecified servicesMS Shell DlgPBThis security policy might be applied to servers with services not specified by the policy. When an unspecified service is found, perform the following action: P B D&o not change the startup mode of the service P.B &Disable the service@B'SysLinkLearn more about <A>unspecified services</A>.PAH@lAdditional servicesMS Shell DlgP^&Select the additional services that the selected server requires:!P^EXPANDCHECKLIST@^'SysLinkLearn more about <A>additional services</A>.H@lAdministration optionsMS Shell DlgP&View:!P# P^&Select the options used to administrate the selected server:!P#^EXPANDCHECKLIST@^'SysLinkLearn more about <A>administration options</A>.PAH@lConfirming service changesMS Shell DlgP&View:!P# P^If applied to the &selected server, this security policy would use the following service configuration:P+^cSysListView32PPOTo undo any of the above changes, go back to the previous pages and change the selection listed in the Used By column.@^'SysLinkLearn more about <A>confirming service changes</A>.PAH@ lSaving security policiesMS Shell DlgPB&Security policy file name (a '.xml' file extension will be appended if not provided):P P%2B&rowse...P'B&Description (optional):DP3BP Ps&View Security PolicyPs7Include Security &Templates...PB@B'SysLinkLearn more about <A>saving security policies</A>.PAH@lApplying security policiesMS Shell Dlg PB Apply l&ater P'B Apply n&owP 7Run this wizard again to apply this security policy at a later time.P 27When you click Next, the wizard applies this security policy to the selected server.@C'SysLinkLearn more about <A>applying security policies</A>.PAH@lApplying PolicyMS Shell DlgPB(PBmsctls_progress32P$B@Fd&View Log FileH@lSelecting and configuring groups of serversMS Shell DlgPB)If you want to configure a group of similar servers, select a server that is representative of the servers you want to configure. You can then apply the same security policy to the other servers.P!B&Server (use DNS name, NetBIOS name, or IP address):P- P%-2B&rowse...POP%P+You must have administrator privileges on the selected server. If your current user account does not have administrator privileges on the selected server, click Specify User Account below.P`Specify &User Account...@B'SysLinkLearn more about <A>selecting and configuring groups of servers</A>.H@lCannot Process XML DataMS Shell DlgPsCannot Process XML DataPs((PsgTo close this wizard, click Finish.@s'SysLinkLearn more about <A>installing the Microsoft XML Core Services</A>.PAH@lRolling back security policyMS Shell DlgPB(Rolling back security policy...PBmsctls_progress32P(B@;d&View Log FileH@lAuditing policyMS Shell DlgPBSelect your auditing objective: PB &Do not audit P3B &Audit successful activities P_B A&udit successful and unsuccessful activitiesP "7This option does not perform any auditing.P >7 P j7()@B'SysLinkLearn more about <A>auditing policy</A>.H@lView Log FileMS Shell DlgPsPs()Ps(0Psdd&View Log FilePszTo close this wizard, click Finish.PAH@lConfiguring services based on rolesMS Shell DlgPsRole-Based Service ConfigurationPs(()PsR PR0@s &Skip this section@If you skip this section, this security policy will not configure services.@s'SysLinkLearn more about <A>configuring services based on roles</A>.H@lErrorMS Shell DlgPvPv(PvHTo close this wizard, click Finish.PAH@lRegistry SettingsMS Shell DlgPsRegistry SettingsPs00)Psb Pb8Ps &Skip this sectionPIf you skip this section, this security policy will not configure registry settings.@s'SysLinkLearn more about <A>registry settings</A>.H@lSMB security signaturesMS Shell DlgPBThe selected server has the following attributes:$PB.&All computers that connect to it satisfy the following minimum operating system requirements:P+iP(*/ Windows NT 4.0 Service Pack 6a or laterP5iP(4/ Windows 95 with the Directory Services Client Pack installedP?iP(>/ Windows 98 or Windows Millennium EditionPI*iP(H/ Windows CE .NET 4.2 (for example Windows Mobile 2003 Second Edition) or later$PYB1It has &surplus processor capacity that can be used to sign file and print trafficP!l6 This option digitally signs all file and print traffic. This signing is processor intensive, so it is recommended only if the server does not normally exceed 70% processor utilization.PBThese settings affect the RequireSecuritySignature value in HKLM\System\CurrentControlSet\Services\LanManServer\Parameters.@B'SysLinkLearn more about <A>SMB security signatures</A>.H@lOutbound authentication methodsMS Shell DlgPBSelect the methods the selected server uses to authenticate with remote computers:PB +&Domain AccountsP#B ,&Local Accounts on the remote computersP/B/&File sharing passwords on Windows 95, Windows 98, or Windows Millennium EditionP:These settings affect the lmcompatibilitylevel value in HKLM\System\CurrentControlSet\Control\LSA.@B'SysLinkLearn more about <A>outbound authentication methods</A>.H@lAuthenticating using domain accountsMS Shell DlgPBAll domain controllers containing domain accounts used to connect to other computers have the following attributes:PB-&Windows NT 4.0 Service Pack 6a or later operating systemsP/B 0&Clocks that are synchronized with the selected server s clockP!96 Domain controllers running Windows 2000 Server Service Pack 4 or earlier must have clocks within 30 minutes of the selected server s clock.PBThese settings affect the lmcompatibilitylevel value in HKLM\System\CurrentControlSet\Control\LSA.@B'SysLinkLearn more about <A>authenticating using domain accounts</A>.PAH@lAuthenticating using local accountsMS Shell DlgPBAll computers that the selected server connects to using local accounts have the following attributes:PB-&Windows NT 4.0 Service Pack 6a or later operating systemsP/B 0&Clocks that are synchronized with the selected server's clockP!96 Computers running Windows 2000 Service Pack 4 or earlier must have clocks within 30 minutes of the selected server s clock. Computers running Windows XP must have clocks within 36 hours of the selected server s clock.PBThese settings affect the lmcompatibilitylevel value in HKLM\System\CurrentControlSet\Control\LSA.@B'SysLinkLearn more about <A>authenticating using local accounts</A>.H@ lSupporting NTLMv2 authenticationMS Shell DlgPB)PB 2&Computers that require LAN Manager authenticationP!!6 Versions of Windows that require LAN Manager authentication include Windows for Workgroups, Windows CE 4.0, and Windows 95, Windows 98, or Windows Millennium Edition without the Directory Services Client Pack installed.PBB 3C&omputers that have not been configured to use NTLMv2 authenticationP!L6NTLMv2 authentication requires client computers to have the lmcompatibilitylevel registry value set to at least 3 (Emit only NTLMv2).$@eB+Co&mputers using RAS or VPN to connect to RAS servers that are not running Windows Server 2003 Service Pack 1 or later@!x6 RAS and IAS servers require Windows Server 2003 Service Pack 1 and, by default, support for PEAP-MSCHAPv2 authentication only in order to authenticate users with Domain Controllers that accept only NTLMv2.PBThese settings affect the lmcompatibilitylevel and nolmhash values in HKLM\System\CurrentControlSet\Control\LSA.@B'SysLinkLearn more about <A>supporting NTLMv2 authentication</A>.PAH@lLDAP signingMS Shell DlgPBAll directory-enabled computers that access the Active Directory in the selected server s domain satisfy the following minimum operating system requirement:$PB -&Windows 2000 Service Pack 3 or laterP!)6These computers include all domain members, all domain members in trusted domains, and all computers that need to make LDAP queries.PBThis setting affects the LDAPServerIntegrity value in HKLM\System\CurrentControlSet\Services\NTDS\Parameters.@B'SysLinkLearn more about <A>LDAP signing</A>.PAH@lConfirming registry settingsMS Shell DlgP^If &applied to the selected server, this security policy would use the following registry settings:P^xSysListView32PPOTo change any of the above settings, go back to the previous pages in this section and change the selections that determined the setting.@^'SysLinkLearn more about <A>confirming registry settings</A>.PAH@lAudit PolicyMS Shell DlgPsAudit PolicyPs(@)Psn Pn Warning: Any system access control lists (SACLs) specified in this section and applied via the resultant policy cannot be removed using SCW rollback.Ps &Skip this sectionPIf you skip this section, this security policy will not configure auditing.@s'SysLinkLearn more about <A>audit policy</A>.PAH@lConfirming auditing changesMS Shell DlgP^If &applied to the selected server, this security policy would use the following auditing configuration:P^aSysListView32$P~^Also include the SCWAudit.inf security template. SCWAudit.inf sets System Access Control Lists (SACLS) in order to audit access of the file systemPPOCOnce applied, these SCWAudit.inf SACLs cannot be removed using the SCW rollback action.@^'SysLinkLearn more about <A>confirming auditing changes</A>.Ȁ XInclude Security TemplatesMS Shell DlgPJ&Security templates: P1e6SysListView32@P>8Up@P>39DownP{JTemplate settings higher in the list have higher priority. Wizard settings have the highest priority.P2&Add...P=2 &RemovePP;Once applied, any security descriptors for registry or file system objects in these security templates cannot be removed using the SCW rollback action.@J'SysLinkLearn more about <A>including security templates</A>.P2OKP2CancelH@ lNetwork SecurityMS Shell DlgPsNetwork SecurityPs0Use this section to configure rules for Windows Firewall with Advanced Security based on the roles and administrative options you selected.Ps;P: )Answering these questions incorrectly might prevent the selected server from communicating with other computers.PsT0PUU1A specific role or task you selected for this server requires that Windows Firewall be disabled. In this scenario Network Security policy cannot be configured by the Security Configuration Wizard and must be skipped.Ps &Skip this sectionP(CIf you skip this section, this security policy will not contain firewall settings.@s'SysLinkLearn more about <A>network security</A> and managing network security risk with SCW.PAH@lNetwork Security RulesMS Shell DlgP&View:!P# !P^jEXPANDCHECKLISTP2&Add...P=2&Edit...Ps2 &Remove@^'SysLinkLearn more about <A>viewing and managing rules</A>.PAH@lSave Security PolicyMS Shell DlgPsSave Security PolicyPs(0H@lYou are about to apply the selected security policy.MS Shell DlgPCYou are about to apply the selected security policy.@Pd&View Security PolicyP,B&Security policy description:DP6BZ PCTo apply the security policy to the selected server, click Next.@C'SysLinkLearn more about <A>applying security policies</A>.PAH@lYou are about to roll back the last applied policy.MS Shell DlgPCYou are about to roll back the last applied policy.@Pd&View Rollback FilePCTo roll back the last applied security policy from the selected server, click Next.@C'SysLinkLearn more about <A>rolling back security policies</A>.PAȀkGeneralMS Shell DlgPCOGeneralPP<Name:P<P<-QDescription (Optional):DP<6P` P<^* Inbound P<h. OutboundPVC"DirectionP P<W Allow all connections P<o Allow only secure connectionsPSM Require encryption P<U Block the connections@C'SysLinkLearn more about <A>Firewall Rules</A>.PxC0ActionȀ kPrograms and ServicesMS Shell DlgPC;ProgramsP P< Do not restrict by program P<> This program:P<(P (2Browse...PFC;ServicesPP P<P Do not restrict by service P<Z> This service:P<gP g2Browse...@C'SysLinkLearn more about <A>Firewall Rules</A>.PAȀkProtocols and PortsMS Shell DlgPC/Protocols and PortsPPN0Protocol Type:!P PN%:Protocol Number: X!P<CgTCP and UDP specific ConfigurationPFPNJ$Local Port:!PJ XYPhGExample 80,445,8080PNyFRemote Port:!Py XPGExample 80,445,8080@C'SysLinkLearn more about <A>Firewall Rules</A>.PAȀkScopeMS Shell DlgPCNLocal IP AddressesP P<@ Any IP Address P<P These IP Addresses:PLocal IP NumbersAP<#,SysListView32Local IP NumbersP#2Add...P22Edit...PA2RemovePXCNRemote IP AddressesPb P<`> Any IP Address P<jT These IP Addresses:PRemote IP NumbersAP<s,SysListView32Remote IP NumbersPs2Add...P2Edit...P2Remove@C'SysLinkLearn more about <A>Firewall Rules</A>.PAȀkAdvancedMS Shell DlgPC~Interface TypesPP<- EnabledPCFirewall Rule@C'SysLinkLearn more about <A>Firewall Rules</A>. P<{ @Do not restrict by interface cards P<W AThese interface cardsPI&USysListView32ȀwCustomize Service SettingsMS Shell DlgPServices ListPiSysListView32Services List@'SysLinkLearn more about <A>services</A>.P2OKP>2CancelȀIP AddressMS Shell DlgPsSpecify the IP addresses to match: Pf This IP address or subnet: Pb> This IP range: Po Predefined set of computers:P!4Example:P@4,192.168.0.12P@=3192.168.0.0/24P@F|2002:9b3b:1a31:4208:74ff:fe39:6c43P@O2002:9b3b:1a31:4208:74ff:fe39:0/112P%!PqFrom:P-qP To:P-#P- BP2CancelP{2OK@m'SysLinkLearn more about <A>IP Addresses</A>.PAH@MS Shell DlgP PDYou must specify a name for firewall rulePA?Cannot connect to admin$ share on target server with error: %1Security Configuration WizardYou must have administrator privileges on the selected local server. If your current user account does not have administrator privileges on the selected local server, click Cancel, rerun the wizard using Run As, and specify another account.System Audit Policy<Determine an audit policy based on your auditing objectives.To continue, click Next.-Processing security configuration database...The wizard did not initialize.YesWelcomeWelcomeYou must have administrator privileges on the selected server. If your current user account does not have administrator privileges on the selected server, click Specify User Account below.This wizard helps you create a security policy that you can apply to any server on your network. The security policy configures services and network security based on the server s role, as well as configures auditing and registry settings.FinishedFinished subtitle.Configuration Action#Rolling Back Security ConfigurationlThe Security Configuration Wizard is rolling back the last applied security policy from the selected server.SCWSecurity Policy File NameVThe security policy file will be saved with the name and description that you provide. Description:,Security Policy (.xml)|*.xml|All Files|*.*||%1 (%2)Apply Security PolicyFYou can apply the security policy to the selected server now or later.Applying Security PolicyYThe Security Configuration Wizard is applying the security policy to the selected server. Select ServerThe server that you select will be used to create a security policy that can be applied to that server or to any server with a similar configuration.The Security Configuration Wizard cannot continue because it could not find a compatible version of the Microsoft XML Core Services file (msxml4.dll). To continue, install Microsoft XML Core Services file (msxml4.dll) version 4.10.9404.0 or later.PA~You can create a new security policy; edit or apply an existing security policy; or rollback the last applied security policy.The selected security policy file cannot be found. Type in a different security policy file or click Browse to view the available files.Select Server RolescThese server roles are used to enable services and open ports. A server can perform multiple roles.GCould not find %1. Try running the wizard again to regenerate the file.*Processing Security Configuration DatabaseXThe security configuration database contains information about roles and other features.Select Client Features~Servers also act as clients. These client features are used to enable services. A server can support multiple client features.Select Additional ServicesyThere are services installed on the selected server that were found while processing the security configuration database.Handling Unspecified ServicesUnspecified services are services that are not installed on the selected server and not listed in the security configuration database.The selected file is not a valid security policy file. Type in a different security policy file or click Browse to view the available files./Security Templates (.inf)|*.inf|All Files|*.*||Processing complete'Select Administration and Other OptionsRThese administration and other options are used to enable services and open ports.Confirm Service ChangesvBefore continuing, confirm that the service changes resulting from your role and other feature selections are correct.Used by:Authentication MethodsYou configured ports to request or require security. Indicate how to authenticate remote computers when negotiating IP Security. Not available Description:Required services:Current startup mode:Policy startup mode: Protocols:6The OS version of the selected server is not supportedYou do not have administrator privileges on the selected server. Click Specify User Account to provide an administrator account on the selected server.Reading XML file %1 failed.zIf you cancel the Security Configuration Wizard, no changes will be made. Are you sure that you want to cancel the wizard? Preparing...Applying security policy...<By default, the policy file is saved on this computer at %1.Cannot Process XML Data.Cannot Process Security Configuration Database}The Security Configuration Wizard cannot continue because the security configuration database processing failed. Problem: %17Writing the security policy file %1 failed with error: The Security Configuration Wizard cannot continue because the security policy could not be applied to the selected server. Problem: %1Cannot Apply Security PolicyThe Security Configuration Wizard cannot continue because the last applied security policy could not be rolled back successfully. Problem: %1,Cannot Rollback Last Applied Security PolicyApplication completeRollback completeFor the Technology Preview, the log file (back_end.log) cannot be viewed on remote computers. In a default installation, this file can be found at %windir%\security\msscw\logs\back_end.log.-%1 already exists. Do you want to replace it?Installation Problem FoundThe Security Configuration Wizard cannot continue because the required registry information was not found on this computer. Please reinstall the wizard and try again.This security policy is not valid or using a file format that is no longer supported. Recreate the policy using the current version of the Security Configuration Wizard. Connect to %1This feature is not supported in Windows 2000. To use other credentials on the selected server, cancel the wizard and restart it using RunAs._The configuration of the server you select will be used as a baseline for this security policy.bThe configuration of the server that you select will be used to edit the selected security policy.=The security policy will be applied to the server you select.^The server that you select will be evaluated for compliance with the selected security policy.UThe most recently applied security policy will be removed from the server you select.Select a server to use as a baseline for this security policy. You can apply this policy to the selected server or to any other server with a similar configuration.Select the server that was used as a baseline for this security policy. You can apply this policy to the selected server or to any server on your network with a similar configuration.ASelect the server to which you want to apply the security policy.FSelect the server to evaluate for compliance with the security policy.\Select the server from which you want to rollback the most recently applied security policy.PAThe selected server must have the Security Configuration Wizard installed before you can continue. Install the wizard on the selected server and try again.Require SMB Security SignaturestThe following information determines whether Server Message Block (SMB) security signatures are enabled or required.Outbound Authentication MethodszThe following information is used to determine the LAN Manager authentication level used when making outbound connections.-Outbound Authentication using Domain AccountszThe following information is used to determine the LAN Manager authentication level used when making outbound connections.,Outbound Authentication using Local AccountszThe following information is used to determine the LAN Manager authentication level used when making outbound connections.Inbound Authentication MethodsThe following information is used to determine the inbound LAN Manager authentication level and whether LAN Manager hashes are stored.Details:FUsers with local accounts on the selected server need to connect from:FUsers with accounts in this domain need to access member servers from:Require LDAP Signing]The following information determines whether LDAP signing is required by the security policy.PA All rolesInstalled rolesRegistry Settings SummaryCBefore continuing, confirm that your registry settings are correct.Installed features All optionsInstalled options All features Not DefinedRequired roles:Reading %1 failed with error: Use this section to configure protocols used to communicate with other computers. When configured to communicate with computers running earlier versions of Windows, these protocols are vulnerable to exploits such as password cracking and man-in-the-middle attacks.Answering these questions incorrectly might prevent computers running earlier versions of Windows from communicating with the selected server. If you do not know the characteristics of the computers that are communicating with the selected server, you should skip this section.LAN Manager authenticationLAN Manager hashesSettingRegistry Value Current Data Policy Data Registry KeyChanged services All servicesUninstalled rolesSelected rolesUninstalled featuresSelected featuresUninstalled optionsSelected options?The selected server does not have a rollback file. Problem: %11This option audits both successful changes and failed attempts to system and configuration files, allowing you to determine who changed system or configuration files, as well as detect attempts to make unauthorized changes. It will degrade system performance more than auditing just successful activities.Audit Policy SummaryEBefore continuing, confirm that your auditing selections are correct.PAAudit Event TypeCurrent SettingPolicy Setting>Use this section to configure auditing based on your auditing objectives. The auditing policy determines the success and failure events that are logged as well as the file system objects that are audited. Auditing file system objects can degrade system performance and can result in a large number of events generated. System Events Logon Events Object Access Privilege Use Policy ChangeAccount ManagementProcess TrackingDirectory Service AccessAccount Logon Events Not auditedSuccess, failureSuccessPAFailureName Description$The system cannot find the file: %1 UndefinedManual AutomaticDisabledIgnoredEdge Traversal IP TLS In IP TLS OutProtocol NumberUse this section to configure services based on the selected server s roles and other features. These roles and other features are also used to determine settings in other sections.This option audits successful changes to system and configuration files, allowing you to reconstruct events after the fact to determine who changed system or configuration files. It will degrade system performance slightly. %1 optionsPA All RulesRules from Selected RolesRules Added by the User in SCWRules Auto-Generated by SCW"Rules with Additional Restrictions Not Found!Port %1 RestrictionsOpenBlockedNetwork Security RulesThis page lists Windows Firewall rules that are needed for the roles and other options you have selected. Selected rules are enabled; rules that are not selected are disabled.Confirm Rule ConfigurationrBefore continuing, confirm that the Windows Firewall rule configuration resulting from your selections is correct.Answering these questions incorrectly might disable desired functionality or enable undesired functionality. Before proceeding, make sure that you have thorough knowledge of the roles and other features performed by this server.Use this section to save the policy you have created. You can apply it to the selected server now, or you can apply it to the selected server or other servers later..This policy includes %1!d! security templates.ServiceCurrent Startup ModePolicy Startup ModeUsed By:Apply the selected security policy to the selected server.Rollback Security ConfigurationDRoll back the last applied security policy from the selected server.system32 Changed ports.The security policy you created is located at:3The security policy you just applied is located at:FThe last applied security policy rolled back from the selected server.IP Addresses and SubnetsLocal InterfaceDHCP IP Address IP address Computer nameSubnet Free formAdd IP Address or SubnetEdit IP Address or Subnet Add Rule (%1)Edit Rule (%1)Integrity requested with %1NoPermit all trafficRequest signingRequire signing*An error with no description has occurred.iThe system is low on memory. Close some programs, then click Retry. Click Cancel to attempt to continue.Low Memory Error!The operation failed. (0x%1!08X!)Require encryptionRequest encryptionPath:Accessed over %1 (%2)Approved [No path!] [NOT FOUND!]Ports used by \Cannot determine the IP address from the computer name. The lookup service is not available.Cannot determine the IP address from the computer name. The given computer name was not found. Type in another name and try again.[Security required][Security requested]PA[Security requested/required][Local interface restrictions]ocal/remote restrictions][Remote address restrictions]The following input is not recognized as an IP address or subnet: %1 Enter IP addresses using an X.X.X.X format and subnets using an X.X.X.X/Y.Y.Y.Y format, and try again.Integrity required with %1)The specified port is already in the list?The specified application was not found on the selected server.1The specified application is already in the list.5Cannot add %1 because it is a system RPC application.All approved applications must have a path. For each application in the list marked with "[No path!]", either edit the item to provide a valid path or remove the selection, then try again.-Executable Files (.exe)|*.exe|All Files|*.*||You can provide either a port number or an approved application, but not both. Clear the data from the option that you do not intend to use and try again.Remote Administration OptionsActivate Named Pipe Firewall&[Local interface restrictions removed]PA$[Local(removed)/remote restrictions]yPort %1 supports only the Permit All Traffic security option, so the security option that you specified has been removed.>The IP address has been adjusted by the specified subnet mask.8The loopback address (127.0.0.1) is not a valid address.&A class E address (%1) is not allowed.(A multicast address (%1) is not allowed./The subnet mask 255.255.255.255 is not allowed.BThe subnet mask %1 is not valid for the specified IP address (%2).?The network portion of %1 must have a number greater than zero.<The host portion of %1 must have a number greater than zero.HThe following input is not recognized as an IP address or subnet: %1 %2All IP addressesvCannot add %1 because it is a system RPC application. Select the Ports used by system RPC applications option instead.PThe given security policy file name is not valid. Type in a different file name.!Administrator Privileges RequiredThe Security Configuration Wizard requires administrator privileges on this server. Rerun the wizard using Run As and specify an administrator account.6The selected file is not a valid security policy file.Enabled NegotiateRequiredSend LM & NTLM only\accept allHSend LM & NTLM only\accept all\use NTLMv2 session security if negotiated$Send NTLMv1 response only\accept all$Send NTLMv2 response only\accept all#Send NTLMv2 response only\refuse LM,Send NTLMv2 response only\refuse LM & NTLMv1Store LM HashesDo Not Store LM HashesiTo change any of the above settings, go back to the previous pages and change the appropriate selections.Application (%1) RestrictionsPA using inpassEncryption required with %1Encryption requested with %13Use to author security policy based on server rolesSelected Object RestrictionsYou cannot remove ports from this list unless they were added by a user. Port items added by the Security Configuration Wizard cannot be removed. Remote (%1)+All approved applications must have a path.Port IP AddressApplying this security policy to the selected server will require a reboot after the policy is applied. This is required for the configured applications or services to run properly.One or more applications were not found on the target server. It is recommended to edit these applications and add the correct system locations. Do you want to continue without editing these applications?Services Applications Short NamePAAnyCustomHOPOPTICMPv4IGMPTCPUDPRDPIRTPIPv6GREESPAHICMPv6PGM IPv6 RoutePA IPv6 Fragment IPv6 No Next IPv6 OptionsVRRPL2TP SystemRoot ProgramFiles Local Port Remote PortProgramService-You must specify a name for the firewall ruleGThis is a predefined rule and some of its properties cannot be modifiedfThe port list is not valid. Port numbers should be in the 0-65535 range and should be comma separated.Predefined set of computersFirewall RulesRolesUnable to add IP address (%1)PAName: Description:Action: Direction:Program:Service: Protocol: Local Ports: Remote Ports:Local Addresses:Remote Addresses:PAInboundOutboundAllow all connectionsAllow only secure connections2Allow only secure connections + require encryptionBlock the connectionsUsed By: All PortsSpecific Ports Dynamic RPCRPC Endpoint MapperDefault Gateway WINS Servers DHCP Servers DNS Servers Local SubnetPA?SCW failed to process the knowledge-base registration file: %1.HSCW failed to parse the knowledge-base registration file: %1, reason: %28The knowledge-base registration file: %1 does not exist.Couldn't open service managerCouldn't create serviceCouldn't open serviceCouldn't delete servicePAMarlettPA " %10A specific role or task you selected for this server requires that Windows Firewall be disabled. In this scenario Network Security policy cannot be configured by the Security Configuration Wizard and must be skipped. The wizard cannot configure network security for servers with the following roles:%1,Click the triangle to show more information.4VS_VERSION_INFO@%@%?StringFileInfo040904B0LCompanyNameMicrosoft CorporationdFileDescriptionSecurity Configuration Wizardr)FileVersion6.3.9600.16384 (winblue_rtm.130821-1623)(InternalNameSCW.LegalCopyright Microsoft Corporation. All rights reserved.@ OriginalFilenameSCW.exe.muij%ProductNameMicrosoft Windows Operating SystemBProductVersion6.3.9600.16384DVarFileInfo$Translation PADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDING