MZ@ !L!This program cannot be run in DOS mode. $Rؕ3}3}3}H̴3}H̱3}Rich3}PEL!  |@z.rsrc|@@P0H  8Pfh          0 @XB,UY]bfkvllMUI!XR6)#-VtfӢ Y MUI en-US Command line supplement for the Security Configuration Wizard (SCW). Syntax: scwcmd [analyze | configure | register | rollback | transform | view ]  Applies an SCW generated security policy to a machine. Also accepts a list of machines as input. Syntax: scwcmd configure [[[/m:machine | /ou:ou] /p:policy] | /i:machinelist] [/u:username] [/pw:password] [/t:threads] /m:machine Specifies the NetBIOS Name, DNS Name or IP Address of a machine to configure. If /m is specified, then /p must also be specified. /ou:ou Specifies the Fully Qualified Domain Name (FQDN) of an OU in the Active Directory. If /ou is specified, then /p must also be specified. All machines in the OU will be configured with the given policy. /p:policy Specifies the path and filename of the xml policy file that should be applied. /i:machinelist Specifies the path and filename of an xml file that contains a list of machines along with their desired policy files. The policy files will be applied to the corresponding machines. See %windir%\security\SampleMachineList.xml /u:username Specifies an alternate user credential to use when performing a remote configuration. Default is the logged on user. /pw:password Specifies an alternate user credential to use when performing a remote configuration. Default is the logged on user. /t:threads Specifies the number of simultaneous outstanding configuration operations that should be maintained during the configuration process. (DefaultValue=40, MinValue=1, MaxValue=1000) Examples: scwcmd configure /p:webpolicy.xml scwcmd configure /m:123.123.123.123 /p:webpolicy.xml /u:webadmin scwcmd configure /i:campusmachines.xml /t:100 scwcmd configure /ou:OU=WebServers,DC=Marketing,DC=ABCCompany,DC=com /p:webpolicy.xml /u:DomainAdmin  Transforms an SCW generated security policy into files that can be deployed via group policy. The transform operation does not change any settings on the server where it is performed. The transform operation creates a Group Policy Object (GPO) in Active Directory and copies the transformed files into that GPO. After the transform operation has successfully completed, an administrator must link the GPO to the desired OU(s) in order to have the policy deployed to servers. Warnings: 1. IIS Settings are not deployable via group policy. 2. The transform operation should be performed as a domain administrator. 3. Firewall policies that list approved applications should not be deployed to servers unless the Windows Firewall service started automatically when the server was last started. Syntax: scwcmd transform /p:policyfile.xml /g:GPODisplayName /p:policy Specifies the path and filename of the xml policy file that should be applied. This parameter must be specified. /g:GPOName Specifies the display name of the GPO. This parameter must be specified. Example: scwcmd transform /p:FileServerPolicy.xml /g:FileServerSecurity Determines whether a machine is in compliance with a policy. Results are returned in an XML file. Also accepts a list of machines as input. To view the analysis results in your browser, use `scwcmd view' and specify %windir%\security\msscw\TransformFiles\scwanalysis.xsl as the XSL transform. Syntax: scwcmd analyze [[[/m:machine | /ou:ou] /p:policy] | /i:machinelist] [/o:resultdir] [/u:username] [/pw:password] [/t:threads] [/l] [/e] /m:machine Specifies the NetBIOS Name, DNS Name or IP Address of the machine to analyze. If /m is specified, then /p must also be specified. /ou:ou Specifies the Fully Qualified Domain Name (FQDN) of an OU in the Active Directory. If /ou is specified, then /p must also be specified. All machines in the OU will be analyzed against the given policy. /p:policy Specifies the path and filename of the xml policy file that should be used to perform the analysis. /i:machinelist Specifies the path and filename of an xml file that contains a list of machines along with their expected policy files. All machines in the xml file will be analyzed against their corresponding policy files. See %windir%\security\SampleMachineList.xml /o:resultdir Specifies the path and directory where the analysis result files should be dumped. Default is the current directory. /u:username Specifies an alternate user credential to use when performing the analysis on a remote machine. Default is the logged on user. /pw:password Specifies an alternate user credential to use when performing the analysis on a remote machine. Default is the logged on user. /t:threads Specifies the number of simultaneous outstanding analysis operations that should be maintained during the analysis process. (DefaultValue=40, MinValue=1, MaxValue=1000) /l Causes the analysis operation to be logged. One log file will be generated for each machine being analyzed. The log files will be stored in the same directory as the result files. Use the /o option to specify the directory for the result files. /e Log an event to the Application Event Log if a mismatch is found. Examples: scwcmd analyze /p:webpolicy.xml scwcmd analyze /m:webserver /p:webpolicy.xml /u:webadmin scwcmd analyze /i:campusmachines.xml /t:100 /o:\\resultserver\results scwcmd analyze /ou:OU=WebServers,DC=Marketing,DC=ABCCompany,DC=com /p:webpolicy.xml /u:DomainAdmin F Renders an xml file using a specified xsl transform. This command can be useful for displaying SCW xml files using different views. Syntax: scwcmd view [/x:xmlfile] [/s:xslfile] /x:xmlfile Specifies the xml file to be viewed. This parameter must be specified. /s:xslfile Specifies the xsl transform to apply to the xml file as part of the rendering process. This parameter is optional for SCW xml files. When the view command is used to render an SCW xml file, it will automatically try to load the correct default transform for the specified xml. If an XSL transfrom is specified, the transform must be written under the assumption that the XML file is in the same directory as the XSL transform itself. Example: scwcmd view /x:C:\policies\policyfile.xml /s:C:\viewers\policyview.xsl^ Applies the most recent rollback policy available, then deletes that rollback policy. Syntax: scwcmd rollback /m:machine [/u:username] [/pw:password] /m:machine Specifies the NetBIOS Name, DNS Name or IP Address of a machine where the rollback operation should be performed. /u:username Specifies an alternate user credential to use when performing a remote rollback. Default is the logged on user. /pw:password Specifies an alternate user credential to use when performing a remote rollback. Default is the logged on user. Example: scwcmd rollback /m:123.123.123.123  Extends or customizes SCW's Security Configuration Database by registering a Security Configuration Database file that contains role, task, service, or port definitions. Syntax: scwcmd register /kbName:MyApp [/kbfile:kb.xml] [/kb:path] [/d] /kbname:Myapp Specifies the name under which the Security Configuration Database extension will be registered. This parameter must be specified. /kbfile:kb.xml Specifies the path and filename of the Security Configuration Database file that will be used to extend or customize SCW's Security Configuration Database. To validate that the Security Configuration Database file is compliant with the SCW schema, use the %windir%\security\KBRegistrationInfo.xsd schema definition file. This option must be provided unless the /d parameter is specified. /kb:path Specifies the path to the directory that contains the SCW Security Configuration Database files to be updated. If this option is not specified, %windir%\security\msscw\kbs is used. /d Unregisters a Security Configuration Database extension from the Security Configuration Database. The extension to unregister is specified by the /kbname parameter (The /kbfile parameter should not be specified). The Security Configuration Database to unregister the extension from is specified by the /kb parameter. Examples: scwcmd register /kbfile:d:\SCWKBForMyApp.xml /kbname:MyApp /kb:\\kbserver\kb scwcmd register /d /kbname:MyApp /kb:\\kbserver\kb PAFailed to perform registration Failed to perform unregistration!Command completed successfully. _Command completed. Please check log file(s) on each machine for detailed status information. Command completed with error. VPlease check log file(s) under the following directory: %windir%\security\msscw\Logs IFailed to generate log file: %windir%\security\msscw\logs\scwcmdlog.xml Error reading passwordError getting OU information&Error getting machine list informationError getting more memoryError processing thread poolCompletion code for machine: %1Please enter the password:CoInitialize failedPA!Cannot create Group Policy ObjectLDAP open command failedLDAP Bind command failedLDAP Search command failedCannot read LDAP entryCannot read LDAP value'Cannot create a new Group Policy Object@Cannot retrive Active Directory path for the Group Policy ObjectCannot create XML DOM ObjectCannot find File %1Cannot parse the XML buffer&Cannot obtain root of XML document: %1Missing XML node: %1Missing XML attributes: %1$Cannot iterate through XML node list*Cannot manipulate XML attribute node: <%1> Cannot create SSRCore COM Object#Cannot get SSRCore engine interfaceCannot get ActionData#Cannot get the ActionData interface"Cannot get the SsrEngine interfaceCannot get XML buffer(Cannot pass the xml policy to the engine*The engine failed to perform the transform"Security extension files not foundCannot merge INF file>Cannot generate template. Please check %1 for more information;Cannot retrive SYSVOL file path for the Group Policy ObjectCannot create directory: %1Cannot create file: %1Cannot save Group PolicyPAResult file: %1Result directory: %1+A GPO with the supplied display name exists~For information about this operation please see the following directory on the target machine(s): %windir%\security\msscw\Logs&The policy cannot be transformed because it contains settings for the Windows Firewall but the Windows Firewall service is not enabled. In order for Windows Firewall settings to be transformed, the Windows Firewall service must be running on the local machine during the transform operation. Log file: %1Log directory: %1Failed to load XML file: %1File %1 does not existUnsupported XML file typePA%Windows Security Configuration Wizard7SCW remote access firewall rule - Scshost - Dynamic RPCCAllow inbound access for scshost using dynamic RPC and protocol TCP@SCW remote access firewall rule - Scshost - End Point RPC MapperLAllow inbound access for scshost using end point RPC mapper and protocol TCP/SCW remote access firewall rule - Svchost - TCP@Allow inbound access for svchost using port 135 and protocol TCP/SCW inbound access firewall rule - System - TCPEAllow inbound access for system using ports 139, 445 and protocol TCP.SCW remote access firewall rule - System - UDP?Allow inbound access for system using port 137 and protocol UDPPA+Windows Security Configuration Wizard GroupPA 00PPdo|xD dP,167`Start Stop Error Warning Information hMicrosoft-Windows-Security-Configuration-Wizard Microsoft-Windows-Security-Configuration-Wizard/Diagnostic Microsoft-Windows-Security-Configuration-Wizard/Operational PPreprocessing started service scan. TPreprocessing finished service scan. DPreprocessing started merge. DPreprocessing finished merge. DPreprocessing started roles. DPreprocessing finished roles. DPreprocessing started tasks. DPreprocessing finished tasks. TPreprocessing started active sockets. XPreprocessing finished active sockets. XPreprocessing started custom function. XPreprocessing finished custom function. XAudit extension started configuration. XAudit extension finished configuration. LAudit extension started rollback. PAudit extension finished rollback. LAudit extension started analysis. PAudit extension finished analysis. PAudit extension started transform. PAudit extension finished transform. \Service extension started configuration. \Service extension finished configuration. PService extension started rollback. TService extension finished rollback. PService extension started analysis. TService extension finished analysis. TService extension started transform. TService extension finished transform. \Registry extension started configuration. `Registry extension finished configuration. TRegistry extension started rollback. TRegistry extension finished rollback. TRegistry extension started analysis. TRegistry extension finished analysis. TRegistry extension started transform. XRegistry extension finished transform. TSCE extension started configuration. TSCE extension finished configuration. HSCE extension started rollback. LSCE extension finished rollback. HSCE extension started analysis. LSCE extension finished analysis. LSCE extension started transform. LSCE extension finished transform. \Firewall extension started configuration. `Firewall extension finished configuration. TFirewall extension started rollback. TFirewall extension finished rollback. TFirewall extension started analysis. TFirewall extension finished analysis. TFirewall extension started transform. XFirewall extension finished transform. DSCW started to launch the UI. HSCW finished to launch the UI. TSCW Viewer started to launch the UI. TSCW Viewer finished to launch the UI. dSCW started to execute the specific command. dSCW finished to execute the specific command. Configuration succeeded.%n%nFor further information see %1. |Configuration failed.%n%nFor further information see %1. xRollback succeeded.%n%nFor further information see %1. pRollback failed.%n%nFor further information see %1. Rollback generation succeeded.%n%nThe generated rollback file is %1. %n%nFor further information see %2. Rollback generation failed.%n%nFor further information see %1. The machine is not in compliance with the analyzed SCW policy. %nMachine Name: %1 %nAnalysis Extension: %2 @An SCW analysis operation was performed, but a specific SCW analysis extension failed to complete successfully. %nMachine Name: %1 %nAnalysis Extension: %2 4VS_VERSION_INFO@%@%?StringFileInfo040904B0LCompanyNameMicrosoft Corporation3FileDescriptionWindows Security Configuration Wizard Command Toolr)FileVersion6.3.9600.16384 (winblue_rtm.130821-1623)(InternalNameSCW.LegalCopyright Microsoft Corporation. All rights reserved.0OriginalFilenameSCWj%ProductNameMicrosoft Windows Operating SystemBProductVersion6.3.9600.16384DVarFileInfo$Translation PADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDING