DonatShell
Server IP : 180.180.241.3  /  Your IP : 216.73.216.252
Web Server : Microsoft-IIS/7.5
System : Windows NT NETWORK-NHRC 6.1 build 7601 (Windows Server 2008 R2 Standard Edition Service Pack 1) i586
User : IUSR ( 0)
PHP Version : 5.3.28
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /Windows/Help/Windows/en-US/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME SHELL ]     

Current File : /Windows/Help/Windows/en-US/scwhelp.h1s
MZ@PEL!@0@.rsrc@@.its @@0	HX||4VS_VERSION_INFOStringFileInfo040904b0b!FileVersion1.00.00                         l"FileDescriptionCompiled Microsoft Help 2.0 TitleBFileStampD0E9C0C601CA041F4JCompilerVersion2.5.71210.08579VCompileDate2009-07-14T01:10:02      >TopicCount59000000000000ALegalCopyright 2005 Microsoft Corporation. All rights reserved.CCCCCCCCCCCCCDVarFileInfo$Translation	ti;qITOLITLS(X쌡^
V`   x GCAOLPHHC ITSF #T"	-Y쌡^
VY쌡^
VIFCMAOLLGIFCM AOLL//$FXFtiAttribute//$FXFtiAttribute/BTREE"/$FXFtiAttribute/DATA/$FXFtiAttribute/PROPERTY:N/$FXFtiMain//$FXFtiMain/BTREEk/$FXFtiMain/DATAQ/$FXFtiMain/PROPERTYTN/$Index/$ATTRNAME8\/$Index/$PROPBAG0/$Index/$STRINGS/$Index/$SYSTEMHh
/$Index/$TOC//$Index/$TOC/$scwhelp`/$Index/$TOPICATTR0/$Index/$TOPICS@/$Index/$URLSTR"/$Index/$URLTBL0X/$Index/$VTAIDXl/$Index/AssetId//$Index/AssetId/$BL0/$Index/AssetId/$LEAF_COUNTS/$Index/AssetId/$LEAVES	/$OBJINST`/assets/0/assets/049e6f69-3ec4-477f-8f47-877f7d2f5c59.xmlt0/assets/1847e176-7517-4daf-b58d-eb4184cb48ac.xml|0/assets/1f6ae869-c4be-4af1-b3df-d75fd103d81d.xml0/assets/27ace7a1-059f-4768-a908-bc9cb26b678a.xml0/assets/29fae0cd-e264-490b-b512-3c6340391e1d.xml-b0/assets/2a1a1032-03b4-4cbf-b0d9-a3e5a4638b62.xmly0/assets/36eeb741-c9f6-436e-949b-3e9fb01a97e1.xml0/assets/390e0613-7127-4a71-8edc-35c85dff4615.xml&t0/assets/3c8bcbc9-1975-4eeb-b6d4-c9e0b7880806.xml:0/assets/40fb05ac-413c-422d-b046-19d534291c56.xmlTj0/assets/4822c6e9-181b-401a-9684-d953ee9657f3.xml>0/assets/76928309-f6e5-45a6-8b2c-e4a664bbcdab.xml\<0/assets/80692c49-598f-486e-a7c4-bcdfd4cdc078.xml0/assets/81d2084d-1192-47ce-a52e-895ddec5cb10.xml)0/assets/86c6735f-7594-4704-a57d-1a3d659428fd.xml?W0/assets/a352112f-abb0-4b59-a547-8d61422d76b4.xml0/assets/a5c0c861-13d5-46b1-96d8-ba37b9dc50d5.xml3s0/assets/b987f3f0-15e3-4f59-b6f2-3077bd12dbec.xml&h0/assets/bb0c453b-a8e9-45ee-9271-8fb5289d6071.xml0/assets/ca6061c3-7765-4162-a606-4079928b68d7.xmlf0/assets/d63238f4-eb6d-4570-a9bf-138a92604588.xml[0/assets/dda99bfc-5e2a-45ab-8f1a-1bb533e5ff64.xml]80/assets/e3e3b0ab-dfd5-4199-9262-5a564e2dde99.xmln0/assets/e4f920ac-f27f-49b0-b870-b477b9af6224.xml10/assets/e62e953b-0241-4219-9181-9a5941005638.xml4T0/assets/eaddb988-5315-43ba-bda0-7ba4f5e81408.xml<0/assets/f07f5c0d-087f-411e-ada4-94d11d214c68.xmlD0/assets/f3ca8947-e3f5-4bc8-acf3-b384df1ebe1b.xml[C0/assets/fbfa6c51-56e5-49b0-b508-9e87b6c23e05.xmlH/scwhelp.h1cf/scwhelp.H1Ft_/scwhelp.H1T/scwhelp.H1VS0/scwhelp_AssetId.H1Kk/scwhelp_BestBet.H1K~k/scwhelp_LinkTerm.H1Kil/scwhelp_SubjectTerm.H1KUo::DataSpace/NameList<(::DataSpace/Storage/MSCompressed/ContentDN,::DataSpace/Storage/MSCompressed/ControlDataT )::DataSpace/Storage/MSCompressed/SpanInfoL/::DataSpace/Storage/MSCompressed/Transform/List<_::DataSpace/Storage/MSCompressed/Transform/{8CEC5846-07A1-11D9-B15E-000D56BFE6EE}/InstanceData/i::DataSpace/Storage/MSCompressed/Transform/{8CEC5846-07A1-11D9-B15E-000D56BFE6EE}/InstanceData/ResetTableP3::Transform/{8CEC5846-07A1-11D9-B15E-000D56BFE6EE}/
	mZG4$AQpGUncompressedMSCompressedFX쌡^
VVLZXCHH<maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>IP Address</maml:title><maml:introduction></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction><maml:para>Use this page to specify an IP address, a subnet, or a range of IP addresses. You can use both IPv4 and IPv6 IP addresses. In the <maml:ui>IP Address</maml:ui> dialog box, specify which IP addresses this firewall rule will apply to by selecting one of the following options:</maml:para><maml:list class="unordered">
<maml:listItem>
<maml:para><maml:ui>This IP address or subnet</maml:ui>. Select this option to specify a single IP address or subnet.</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:ui>This IP range</maml:ui>. Select this option to specify a range of IP addresses by identifying the first (<maml:ui>From</maml:ui>) and last (<maml:ui>To</maml:ui>) IP addresses in the range.</maml:para>
</maml:listItem>
</maml:list></maml:introduction><maml:sections><maml:section><maml:title></maml:title><maml:introduction></maml:introduction><maml:sections><maml:section><maml:title>Additional references</maml:title><maml:introduction><maml:list class="unordered"><maml:listItem><maml:para><maml:navigationLink><maml:linkText>Restricting Services</maml:linkText><maml:uri href="mshelp://windows/?id=3c8bcbc9-1975-4eeb-b6d4-c9e0b7880806"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Add or Edit Firewall Rule</maml:linkText><maml:uri href="mshelp://windows/?id=40fb05ac-413c-422d-b046-19d534291c56"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list></maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Select Additional Services</maml:title><maml:introduction></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:para>The selected server might perform roles that require installed services that are not found in the Security Configuration Database and thus do not appear on any of the previous pages. If this is the case, the Security Configuration Wizard presents you with a list of installed services on the <maml:ui>Select Additional Services</maml:ui> page. Unlike the previous pages, there is only one view for this page. (This is because the "installed additional services" and "all additional services" views would show the same list.)</maml:para>

<maml:para>Click the triangle between the check box and the service name for more information about the service. Just as in previous pages, you can examine each additional service and decide if it needs to run for the selected server (or for other servers to which you intend to apply the policy) to perform as desired. If the service is not required, confirm that the check box is cleared. If the service is required, select the check box, and click <maml:ui>Next</maml:ui>.</maml:para>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Role-Based Service Configuration</maml:linkText><maml:uri href="mshelp://windows/?id=80692c49-598f-486e-a7c4-bcdfd4cdc078"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Handling Unspecified Services</maml:title><maml:introduction></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:para>Use this page if you intend to do one of the following:</maml:para>

<maml:list class="unordered">
<maml:listItem>
<maml:para>Apply the security policy to servers other than the selected server. </maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>Apply the security policy to the selected server after the selected server configuration has changed (for example, if new software is installed). </maml:para>
</maml:listItem>
</maml:list>

<maml:para>Unspecified services are services that do not appear in the Security Configuration Database and are not currently installed on the selected server, but might be installed on other servers to which you want to apply the security policy. They might also be installed on the selected server in the future.</maml:para>

<maml:para>Any unknown service will appear in the Security Configuration Wizard (SCW) on the <maml:ui>Handling Unspecified Services</maml:ui> page. </maml:para>

<maml:para>Before you continue, you must decide how you want to handle these services. The following options are available:</maml:para>

<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:ui>Do not change the startup mode of the service</maml:ui>. If you choose this option, unspecified services that are enabled on servers to which you apply this security policy remain enabled, and those that are disabled remain disabled. </maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:ui>Disable the service</maml:ui>. If you choose this option, all services that are not in the Security Configuration Database or not installed on the selected server are disabled. </maml:para>
</maml:listItem>
</maml:list>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Role-Based Service Configuration</maml:linkText><maml:uri href="mshelp://windows/?id=80692c49-598f-486e-a7c4-bcdfd4cdc078"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Select Additional Services</maml:linkText><maml:uri href="mshelp://windows/?id=1847e176-7517-4daf-b58d-eb4184cb48ac"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Network Security</maml:title><maml:introduction>
<maml:para>In the Network Security section of the Security Configuration Wizard (SCW), you can add, remove, or edit rules concerning Windows Firewall with Advanced Security.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section>
<maml:title>Windows Firewall with Advanced Security</maml:title><maml:introduction>
<maml:para>Windows Firewall with Advanced Security combines a host firewall and Internet Protocol security (IPsec). Unlike a perimeter firewall, Windows Firewall with Advanced Security runs on each computer running Windows Server 2008 R2 or Windows Server 2008 and helps provide local protection from network attacks that might pass through your perimeter network or originate inside your organization. It also helps secure computer-to-computer connections by allowing you to require authentication and data protection for communications.</maml:para>

<maml:para>Windows Firewall with Advanced Security is a stateful firewall and inspects and filters all packets for IP version 4 (IPv4) and IP version 6 (IPv6) traffic. By default, incoming traffic is blocked unless it is a response to a request by the host (solicited traffic) or it is specifically allowed (that is, a firewall rule has been created to allow the traffic). You can explicitly allow traffic by specifying a port number, application name, service name, or other criteria by configuring Windows Firewall with Advanced Security settings.</maml:para>

<maml:para>SCW provides support for the new Windows Firewall with Advanced Security but IPsec configuration is not possible through SCW. </maml:para>

<maml:alertSet class="note"><maml:title>Note </maml:title>
<maml:para>Incorrectly configuring Windows Firewall can impair the functionality of services by blocking inbound traffic to services on the computer.</maml:para>
</maml:alertSet>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Network Security Rules</maml:linkText><maml:uri href="mshelp://windows/?id=eaddb988-5315-43ba-bda0-7ba4f5e81408"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem><maml:listItem><maml:para><maml:navigationLink><maml:linkText>Add or Edit Firewall Rule</maml:linkText><maml:uri href="mshelp://windows/?id=40fb05ac-413c-422d-b046-19d534291c56"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
</maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Audit Policy</maml:title><maml:introduction>
<maml:para>In the Audit Policy section of the Security Configuration Wizard (SCW), you can configure an audit policy for the selected server.</maml:para>

<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>System Audit Policy</maml:linkText><maml:uri href="mshelp://windows/?id=4822c6e9-181b-401a-9684-d953ee9657f3"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Audit Policy Summary</maml:linkText><maml:uri href="mshelp://windows/?id=a352112f-abb0-4b59-a547-8d61422d76b4"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction><maml:content><maml:sections></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Select Server</maml:title><maml:introduction></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:para>The <maml:ui>Select Server</maml:ui> page allows you to choose a server based on your choice on the <maml:ui>Configuration Action</maml:ui> page.</maml:para>

<maml:table>
<maml:tableHeader>
<maml:row>
<maml:entry>
<maml:para>If the configuration action was...</maml:para>
</maml:entry>
<maml:entry>
<maml:para>Then the server you select is...</maml:para>
</maml:entry></maml:row>
</maml:tableHeader>

<maml:row>
<maml:entry>
<maml:para>Create a new security policy.</maml:para>
</maml:entry>
<maml:entry>
<maml:para>The server whose settings are the baseline settings. By default, this is the local server (the server running the Security Configuration Wizard).</maml:para>
</maml:entry></maml:row>

<maml:row>
<maml:entry>
<maml:para>Edit an existing security policy.</maml:para>
</maml:entry>
<maml:entry>
<maml:para>The server that was used as a baseline.</maml:para>
</maml:entry></maml:row>

<maml:row>
<maml:entry>
<maml:para>Apply an existing security policy.</maml:para>
</maml:entry>
<maml:entry>
<maml:para>The server to which the policy should be applied.</maml:para>
</maml:entry></maml:row>

<maml:row>
<maml:entry>
<maml:para>Roll back the last applied security policy.</maml:para>
</maml:entry>
<maml:entry>
<maml:para>The server from which you want to roll back the last applied policy.</maml:para>
</maml:entry></maml:row>
</maml:table>

<maml:para>If you are creating a new security policy, the local computer is selected by default. If you are editing an existing policy, the server that was used when the policy was most recently edited is selected by default.</maml:para>

<maml:para>The Security Configuration Wizard (SCW) helps you create a security policy based on the installed roles for the selected server. To do so, SCW checks the selected server for installed roles to determine how to configure services and ports in the security policy. If you are applying a security policy, it will be applied to the selected server. </maml:para>

<maml:para>If you have multiple servers that are configured in a similar way, you can create one security policy and apply it to each server. Select one server to use as a configuration baseline, use that server to create the security policy, and then apply that policy to each of the other servers. For example, if your organization has multiple file servers, you can create one security policy for file servers by choosing one representative file server, creating the policy, and then applying the policy to each file server.</maml:para>

<maml:para>SCW does not change the configuration of the selected server until you apply the security policy. Also, the security policy is not saved until SCW is finished. If you cancel SCW before you save the policy, the settings are not saved.</maml:para>

<maml:para>You must be a member of the local Administrators group on the selected server to apply a security policy. </maml:para>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Starting the Security Configuration Wizard</maml:linkText><maml:uri href="mshelp://windows/?id=e3e3b0ab-dfd5-4199-9262-5a564e2dde99"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Outbound Authentication Using Local Accounts</maml:title><maml:introduction>
<maml:para>Using the information provided on this page, the Security Configuration Wizard (SCW) will set the LAN Manager authentication level that is appropriate for your environment and use that authentication level to authenticate local accounts on remote computers that are attempting to make outbound connections through the server. </maml:para>

<maml:para>This LAN Manager authentication level determines which challenge/response authentication protocol is acceptable for network logons. This choice affects the level of authentication protocol used by clients, the level of session security negotiated, and the level of authentication accepted by servers.</maml:para>

<maml:para>The <maml:ui>Windows NT 4.0 Service Pack 6a or later operating systems</maml:ui> check box is used to ascertain that the clients that connect to this server support NTLMv2 authentication. Computers running Windows NT 4.0 Service Pack 4 (SP4) and earlier do not support NTLMv2. Computers running Windows 95 and Windows 98 do not support NTLM.</maml:para>

<maml:para>The <maml:ui>Clocks that are synchronized with the selected server's clock </maml:ui>check box also checks if the client meets the requirements for using NTLMv2 authentication. Synchronization is required for NTLMv2. Older systems do not use clock synchronization. If the network contains only computers running Windows 2000, Windows XP, or Windows Server 2003, indicate that your environment uses clock synchronization.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section>
<maml:title>Registry key</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:phrase>HKLM\System\CurrentControlSet\Services\Control\LSA\LMCompatibilityLevel </maml:phrase></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section><maml:section>
<maml:title>Associated security setting</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para>Network security: LAN Manager authentication level </maml:para>
</maml:listItem>
</maml:list>

<maml:para>Providing inaccurate information might disrupt communication between computers on the network. All computers that the selected server connects to by using local accounts must have clocks that are synchronized with the selected server's clock.</maml:para>

<maml:para>For more information about this security setting, see "Network security: LAN Manager authentication level" (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=91045</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=91045"></maml:uri></maml:navigationLink>).</maml:para>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction><maml:list class="unordered"><maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Outbound Authentication Methods</maml:linkText><maml:uri href="mshelp://windows/?id=f07f5c0d-087f-411e-ada4-94d11d214c68"></maml:uri></maml:navigationLink></maml:para></maml:listItem><maml:listItem><maml:para><maml:navigationLink><maml:linkText>Outbound Authentication Using Domain Accounts</maml:linkText><maml:uri href="mshelp://windows/?id=81d2084d-1192-47ce-a52e-895ddec5cb10"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Require LDAP Signing</maml:title><maml:introduction>
<maml:para>This page appears when the <maml:ui>Domain Controller (Active Directory)</maml:ui> role is selected on the <maml:ui>Select Server Roles</maml:ui> page. On the <maml:ui>Require LDAP Signing</maml:ui> page, information is gathered about the other computers in the domain controller's domain.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section>
<maml:title>Registry key</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:phrase>HKLM\System\CurrentControlSet\Services\NTDS\Parameters\LDAPServerIntegrity </maml:phrase></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section><maml:section>
<maml:title>Associated security setting</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para>Domain controller: LDAP server signing requirements </maml:para>
</maml:listItem>
</maml:list>

<maml:para>Providing inaccurate information might disrupt communication between the selected domain controller and other computers on the network.</maml:para>

<maml:para>For more information about this security setting, see "Domain controller: LDAP server signing requirements" (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=91170</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=91170"></maml:uri></maml:navigationLink>).</maml:para>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Registry Settings</maml:linkText><maml:uri href="mshelp://windows/?id=a5c0c861-13d5-46b1-96d8-ba37b9dc50d5"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Restricting Services</maml:title><maml:introduction></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction><maml:para>When creating firewall rules in the Security Configuration Wizard (SCW), you can select which services are restricted by the firewall rule. To use a firewall rule to restrict a service, choose a service from the list of services. Each firewall rule can restrict only one service. </maml:para>
<maml:para>The services list includes the name of services on your server as well as their short name. A service is an application type that runs in the system background without a user interface. Services provide core operating system features, such as Web services, event logging, file services, printing, cryptography, and error reporting.</maml:para></maml:introduction>

<maml:sections><maml:section><maml:title></maml:title><maml:introduction></maml:introduction><maml:sections><maml:section><maml:title>Additional references</maml:title><maml:introduction><maml:list class="unordered"><maml:listItem><maml:para><maml:navigationLink><maml:linkText>IP Address</maml:linkText><maml:uri href="mshelp://windows/?id=049e6f69-3ec4-477f-8f47-877f7d2f5c59"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Add or Edit Firewall Rule</maml:linkText><maml:uri href="mshelp://windows/?id=40fb05ac-413c-422d-b046-19d534291c56"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
</maml:list></maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Add or Edit Firewall Rule</maml:title><maml:introduction>
<maml:para>By using the Software Configuration Wizard (SCW), you can create firewall rules to allow this computer to send traffic to or receive traffic from programs, system services, computers, or users. Firewall rules can be created to take one of three actions for all connections that match the rule's criteria: allow the connection, only allow a connection that is secured through the use of Internet Protocol security (IPsec), or explicitly block the connection.</maml:para>

<maml:alertSet class="important"><maml:title>Important </maml:title>
<maml:para>Firewall rules allow traffic through the firewall but do not secure that traffic. To secure traffic with IPsec, you can create connection security rules. However, the creation of a connection security rule does not allow the traffic through the firewall. You must create a firewall rule to do this, if the traffic is not allowed by the default behavior of the firewall. Connection security rules are not applied to programs or services; they are applied between two computers. The Windows Firewall with Advanced Security snap-in (FW.msc) must be used to create connection security rules.</maml:para>
</maml:alertSet>
</maml:introduction><maml:content><maml:sections><maml:section>
<maml:title>General tab</maml:title><maml:introduction>
<maml:para>Rules can be created for either inbound traffic or outbound traffic. The rule can be configured to specify the program, service, protocol, or port. As your IT environment changes, you can change, create, or delete rules.</maml:para>

<maml:para>Firewall rules are applied in the following order of priority:</maml:para>

<maml:list class="unordered">
<maml:listItem>
<maml:para>Authenticated bypass (rules that override block rules)</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>Block connection</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>Allow connection</maml:para>
</maml:listItem>
</maml:list>
</maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Inbound rules</maml:title><maml:introduction>
<maml:para>Inbound rules explicitly allow or explicitly block traffic attempting to access the computer that matches the criteria in the rule. For example, you can configure a rule to explicitly allow traffic secured by IPsec for Remote Desktop through the firewall but block the same traffic if it is not secured by IPsec. When Windows is first installed, inbound traffic is blocked; to allow traffic, you must create an inbound rule. </maml:para>
</maml:introduction></maml:section>

<maml:section>
<maml:title>Outbound rules</maml:title><maml:introduction>
<maml:para>Outbound rules explicitly allow or explicitly block traffic originating from the computer that matches the criteria in the rule. For example, you can configure a rule to explicitly block outbound traffic to a specific computer through the firewall but allow the same traffic to other computers. Outbound traffic is allowed by default, so you must create an outbound rule to block traffic.</maml:para>
</maml:introduction></maml:section>
</maml:sections>
</maml:section><maml:section>
<maml:title>Programs and Services tab</maml:title><maml:introduction>
<maml:para>Because Windows Firewall with Advanced Security blocks all incoming unsolicited TCP/IP traffic by default, you might need to configure program, port, and system service rules for programs or services that are acting as servers, listeners, or peers. Program, port, and system service rules must be managed on an ongoing basis as your server roles or configurations change.</maml:para>

<maml:alertSet class="important"><maml:title>Important </maml:title>
<maml:para>The settings for a firewall rule add increasing levels of restriction to the criteria for which connection requests will match the rule. For example, if you do not specify a program or service on the <maml:ui>Program and Services</maml:ui> tab, all programs and services will be allowed to connect if they match other criteria. Therefore, adding more detailed criteria makes the rule progressively more restrictive and less likely to be matched.</maml:para>
</maml:alertSet>

<maml:para>To add a program to the rules list, you must specify the full path to the executable (.exe) file used by the program. A system service that runs within its own unique .exe file and is not hosted by a service container is considered to be a program and can be added to the rules list. In the same way, a program that functions like a system service and runs whether or not a user is logged on to the computer is also considered a program, as long as it runs within its own unique .exe file.</maml:para>

<maml:alertSet class="caution"><maml:title>Caution </maml:title>
<maml:para>Adding programs that host services, such as Svchost.exe, Dllhost.exe, and Inetinfo.exe, to the rules list without further restrictions in the rule might expose the computer to security threats. Also, adding these programs might conflict with other service-hardening policies on computers running Windows Server 2008 R2 or Windows Server 2008.</maml:para>
</maml:alertSet>

<maml:para>When you add a program to the rules list, Windows Firewall with Advanced Security dynamically opens (unblocks) and closes (blocks) the ports required by the program. When the program is running and listening for incoming traffic, Windows Firewall with Advanced Security opens the required ports; when the program is not running or is not listening for incoming traffic, Windows Firewall with Advanced Security closes the ports. Because of this dynamic behavior, adding programs to the rules list is the recommended method for allowing unsolicited incoming traffic through Windows Firewall with Advanced Security.</maml:para>

<maml:alertSet class="note"><maml:title>Note </maml:title>
<maml:para>You can use program rules to allow unsolicited incoming traffic through Windows Firewall with Advanced Security only if the program uses Windows Sockets (Winsock) to create port assignments. If a program does not use Winsock to assign ports, you must determine which ports the program uses and add those ports to the rules list.</maml:para>
</maml:alertSet>
</maml:introduction></maml:section><maml:section>
<maml:title>Protocols and Ports tab</maml:title><maml:introduction>
<maml:para>In some cases, if you cannot add a program or system service to the rules list, you must determine which port or ports the program or system service uses and then add the port or ports to the Windows Firewall with Advanced Security rules list.</maml:para>

<maml:para>On the <maml:ui>Protocols and Ports</maml:ui> tab, you can select from a list of the most commonly used protocols and their associated protocol number. If the protocol that you need to add is not in the list, you can select <maml:ui>Custom</maml:ui> and specify the protocol number. </maml:para>

<maml:para>If you select either the TCP or UDP protocol, you can then specify the local and remote ports to which the rule applies. When you add a TCP or UDP port to the rules list, the port is open (unblocked) whenever Windows Firewall with Advanced Security is running, whether or not there is a program or system service listening for incoming traffic on the port. For this reason, if you need to allow unsolicited incoming traffic through Windows Firewall with Advanced Security, you should create a program rule instead of a port rule. </maml:para>
</maml:introduction></maml:section><maml:section>
<maml:title>Scope tab</maml:title><maml:introduction>
<maml:para>Use the <maml:ui>Scope</maml:ui> tab to specify an IP address, a subnet, or a range of IP addresses. You can use both IPv4 and IPv6 IP addresses.</maml:para>
</maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Local IP addresses</maml:title><maml:introduction>
<maml:para>Under <maml:ui>Local IP Addresses</maml:ui>, you can configure the firewall rule to be applied when the target computer is the local computer. You can further identify when the rule applies to the local computer by specifying an IP address or IP address range to apply the rule to computers that reside in a certain branch of your network. </maml:para>
</maml:introduction></maml:section>

<maml:section>
<maml:title>Remote IP addresses</maml:title><maml:introduction>
<maml:para>Under <maml:ui>Remote IP Addresses</maml:ui>, you can configure the firewall rule to be applied when the target computer is a remote computer. You can further identify when the rule applies to remote computers by specifying an IP address or IP address range to apply the rule to computers that reside in a certain branch of your network. </maml:para>
</maml:introduction>
<maml:sections>
<maml:section>
<maml:title>About specifying IP addresses</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:phrase>IPv4.</maml:phrase> If your network uses IPv4 addressing, you can specify a single IP address, such as 172.30.160.169, or a subnet, such as 146.53.0.0/24.</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:phrase>IPv6</maml:phrase>. If your network uses IPv6 addressing, you can specify a single IP address as eight sets of four hexadecimal digits separated by colons (or in an equivalent allowed format) or as a subnet.</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>For both formats, to specify a range of addresses, just specify the first (<maml:ui>From</maml:ui>) and last (<maml:ui>To</maml:ui>) IP addresses included in the rule.</maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section>

<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Network Security</maml:linkText><maml:uri href="mshelp://windows/?id=27ace7a1-059f-4768-a908-bc9cb26b678a"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem><maml:listItem><maml:para><maml:navigationLink><maml:linkText>Restricting Services</maml:linkText><maml:uri href="mshelp://windows/?id=3c8bcbc9-1975-4eeb-b6d4-c9e0b7880806"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>IP Address</maml:linkText><maml:uri href="mshelp://windows/?id=049e6f69-3ec4-477f-8f47-877f7d2f5c59"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>System Audit Policy</maml:title><maml:introduction></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:para>You can use this page to create an audit policy for servers in your organization. Auditing is the process that tracks the activities of users and records selected types of events in the security log. An audit policy defines the types of events that you want to collect. </maml:para>

<maml:para>Collecting and monitoring audit events consumes disk space and other resources. Before selecting an audit policy, review "Auditing Security Events Best Practices" (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=92229</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=92229"></maml:uri></maml:navigationLink>). </maml:para>

<maml:para>You can use Microsoft Operations Manager (MOM) to collect audit events from multiple servers at a single repository.</maml:para>

<maml:para>The following table describes each of the three audit policy objectives that you can select with the Security Configuration Wizard (SCW).</maml:para>

<maml:table>
<maml:tableHeader>
<maml:row>
<maml:entry>
<maml:para>Audit policy objective</maml:para>
</maml:entry>
<maml:entry>
<maml:para>Description</maml:para>
</maml:entry>
<maml:entry>
<maml:para>Audit event type and policy settings</maml:para>
</maml:entry></maml:row>
</maml:tableHeader>

<maml:row>
<maml:entry>
<maml:para>Do not audit</maml:para>
</maml:entry>
<maml:entry>
<maml:para>No auditing is performed. CPU cycles and disk space are spared so that other processes can have better performance. </maml:para>

<maml:alertSet class="caution"><maml:title>Caution </maml:title>
<maml:para>No audit information will be available to detect intruders, to find unauthorized access attempts, or for any other purpose.</maml:para>
</maml:alertSet>
</maml:entry>
<maml:entry>
<maml:para>None</maml:para>
</maml:entry></maml:row>

<maml:row>
<maml:entry>
<maml:para>Audit successful activities</maml:para>
</maml:entry>
<maml:entry>
<maml:para>Auditing successful activities results in fewer event log entries than auditing both successful and unsuccessful activities. Use this option to record only what users actually access, not what they try to access. </maml:para>

<maml:alertSet class="note"><maml:title>Note </maml:title>
<maml:para>If you only audit successful activities, then unauthorized intrusion attempts will not appear in the log. Unauthorized intrusion attempts are characterized by large numbers of unsuccessful activities.</maml:para>
</maml:alertSet>
</maml:entry>
<maml:entry>
<maml:para>Audit account logon events: Success, Failure</maml:para>

<maml:para>Audit account management: Success</maml:para>

<maml:para>Audit directory service access: Success</maml:para>

<maml:para>Audit logon events: Success, Failure</maml:para>

<maml:para>Audit object access: Success</maml:para>

<maml:para>Audit policy change: Success</maml:para>

<maml:para>Audit privilege use: Not audited</maml:para>

<maml:para>Audit process tracking: Success</maml:para>

<maml:para>Audit system events: Success, Failure</maml:para>
</maml:entry></maml:row>

<maml:row>
<maml:entry>
<maml:para>Audit successful and unsuccessful activities</maml:para>
</maml:entry>
<maml:entry>
<maml:para>This means that you intend to use audit events to track the attempts of users to gain access to areas for which they are not authorized, in addition to tracking successful task completion. </maml:para>

<maml:alertSet class="note"><maml:title>Note </maml:title>
<maml:para>Do not select <maml:ui>Audit successful and unsuccessful activities</maml:ui> unless you review security logs regularly. If users attempt to access a resource for which they are not authorized, they can create so many failure audits that the security log becomes full. When the security log is full, the oldest audit entries are overwritten.</maml:para>
</maml:alertSet>
</maml:entry>
<maml:entry>
<maml:para>Audit account logon events: Success, Failure</maml:para>

<maml:para>Audit account management: Success, Failure</maml:para>

<maml:para>Audit directory service access: Success, Failure</maml:para>

<maml:para>Audit logon events: Success, Failure</maml:para>

<maml:para>Audit object access: Success, Failure</maml:para>

<maml:para>Audit policy change: Success, Failure</maml:para>

<maml:para>Audit privilege use: Not audited</maml:para>

<maml:para>Audit process tracking: Success, Failure</maml:para>

<maml:para>Audit system events: Success, Failure</maml:para>
</maml:entry></maml:row>
</maml:table>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Audit Policy</maml:linkText><maml:uri href="mshelp://windows/?id=29fae0cd-e264-490b-b512-3c6340391e1d"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Managing the Security Configuration Database</maml:title><maml:introduction>
<maml:para>The Security Configuration Database consists of a set of .xml files that list services and ports that are required for each server role that is supported by the Security Configuration Wizard (SCW). These files are installed in <maml:replaceable>%systemroot%</maml:replaceable>\security\ssscw\kbs. After you select a server, the server is scanned to determine the following:</maml:para>

<maml:list class="unordered">
<maml:listItem>
<maml:para>Roles that are installed on the server </maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>Roles that are likely being performed by the server </maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>Services that are installed but not part of the Security Configuration Database </maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>IP addresses and subnets that are configured for the server</maml:para>
</maml:listItem>
</maml:list>

<maml:para>SCW combines this server-specific information into a single .xml file named Main.xml. SCW displays Main.xml if you click <maml:ui>View Configuration Database</maml:ui> on the <maml:ui>Processing Security Configuration Database </maml:ui>page.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section>
<maml:title>Centralizing the Security Configuration Database</maml:title><maml:introduction>
<maml:para>You may want to maintain the Security Configuration Database in a central location that can be used throughout your organization. This allows local administrators in multiple locations to use the same Security Configuration Database. SCW.exe accepts a command-line argument for the centralized database location. </maml:para>

<maml:para>To specify a centralized configuration database, run the following command at a command prompt:</maml:para>

<maml:para><maml:computerOutputInline>scw.exe /kb</maml:computerOutputInline> <maml:replaceable>SCWKBDirectoryLocation</maml:replaceable></maml:para>

<maml:para>For example, two possible commands are:</maml:para>

<maml:para><maml:computerOutputInline>scw.exe /kb \\securityserver\scwkb</maml:computerOutputInline></maml:para>

<maml:para><maml:computerOutputInline>scw.exe /kb k:\ </maml:computerOutputInline></maml:para>

<maml:alertSet class="note"><maml:title>Note </maml:title>
<maml:para>The local administrator who runs SCW must have at least Read permission to the remote Security Configuration Database directory. In non-domain environments, the local administrator may need to provide credentials in order to access the centralized server. This can be accomplished by first establishing a connection to the server. For example, you might use the following command:<maml:computerOutputInline> Net use k: \\securityserver\scwkb /u:securityserver\User1</maml:computerOutputInline></maml:para>
</maml:alertSet>

<maml:para>For more information about selecting server roles, see <maml:navigationLink><maml:linkText>Select Server Roles</maml:linkText><maml:uri href="mshelp://windows/?id=ca6061c3-7765-4162-a606-4079928b68d7"></maml:uri></maml:navigationLink>. </maml:para>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Starting the Security Configuration Wizard</maml:linkText><maml:uri href="mshelp://windows/?id=e3e3b0ab-dfd5-4199-9262-5a564e2dde99"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Role-Based Service Configuration</maml:title><maml:introduction>
<maml:para>In the Role-Based Service Configuration section of the Security Configuration Wizard (SCW), you can configure services based on the roles and features of the selected server.</maml:para>

<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Select Server Roles</maml:linkText><maml:uri href="mshelp://windows/?id=ca6061c3-7765-4162-a606-4079928b68d7"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Select Client Features</maml:linkText><maml:uri href="mshelp://windows/?id=f3ca8947-e3f5-4bc8-acf3-b384df1ebe1b"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Select Administration and Other Options</maml:linkText><maml:uri href="mshelp://windows/?id=bb0c453b-a8e9-45ee-9271-8fb5289d6071"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Select Additional Services</maml:linkText><maml:uri href="mshelp://windows/?id=1847e176-7517-4daf-b58d-eb4184cb48ac"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Handling Unspecified Services</maml:linkText><maml:uri href="mshelp://windows/?id=1f6ae869-c4be-4af1-b3df-d75fd103d81d"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Confirm Service Changes</maml:linkText><maml:uri href="mshelp://windows/?id=e62e953b-0241-4219-9181-9a5941005638"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction><maml:content><maml:sections></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Outbound Authentication Using Domain Accounts</maml:title><maml:introduction>
<maml:para>Using the information provided on this page, the Security Configuration Wizard (SCW) will set the LAN Manager authentication level that is appropriate for your environment and use that authentication level to authenticate domain accounts that are attempting to make outbound connections through the server. </maml:para>

<maml:para>This LAN Manager authentication level determines which challenge/response authentication protocol is acceptable for network logons. This choice affects the level of authentication protocol used by clients, the level of session security negotiated, and the level of authentication accepted by servers.</maml:para>

<maml:para>The <maml:ui>Windows NT 4.0 Service Pack 6a or later operating systems</maml:ui> check box is used to ascertain that the clients that connect to this server support NTLMv2 authentication. Computers running Windows NT 4.0 Service Pack 4 (SP4) and earlier do not support NTLMv2. Computers running Windows 95 and Windows 98 do not support NTLM.</maml:para>

<maml:para>The <maml:ui>Clocks that are synchronized with the selected server's clock </maml:ui>check box also checks if the client meets the requirements for using NTLMv2 authentication. Synchronization is required for NTLMv2. Older systems do not use clock synchronization. If the network contains only computers running Windows 2000, Windows XP, or Windows Server 2003, indicate that your environment uses clock synchronization.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section>
<maml:title>Registry key</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:phrase>HKLM\System\CurrentControlSet\Services\Control\LSA\LMCompatibilityLevel </maml:phrase></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section><maml:section>
<maml:title>Associated security setting</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para>Network security: LAN Manager authentication level </maml:para>
</maml:listItem>
</maml:list>

<maml:para>Providing inaccurate information might disrupt communication between computers on the network. All domain controllers containing domain accounts used to connect to other computers must have clocks that are synchronized with the selected server's clock. </maml:para>

<maml:para>For more information about this security setting, see "Network security: LAN Manager authentication level" (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=91045</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=91045"></maml:uri></maml:navigationLink>).</maml:para>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction><maml:list class="unordered"><maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Outbound Authentication Methods</maml:linkText><maml:uri href="mshelp://windows/?id=f07f5c0d-087f-411e-ada4-94d11d214c68"></maml:uri></maml:navigationLink></maml:para></maml:listItem><maml:listItem><maml:para><maml:navigationLink><maml:linkText>Outbound Authentication Using Local Accounts</maml:linkText><maml:uri href="mshelp://windows/?id=36eeb741-c9f6-436e-949b-3e9fb01a97e1"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Registry Settings Summary</maml:title><maml:introduction></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:para>The <maml:ui>Registry Settings Summary</maml:ui> page allows you to view all of the changes that this security policy would make to specific registry settings if applied to the selected server. The Security Configuration Wizard (SCW) shows the current setting for each registry value and the setting value defined by the policy. No changes are made to the selected server until you apply the security policy.</maml:para>

<maml:para>If one or more registry setting changes are incorrect, you can modify these settings by changing your selections on previous pages in this section. To determine which selection you need to modify, view the <maml:ui>Registry Value</maml:ui> column. The registry value that is modified by your selections is listed on each page of this section. Return to the page on which you configured the setting and make the appropriate changes.</maml:para>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Registry Settings</maml:linkText><maml:uri href="mshelp://windows/?id=a5c0c861-13d5-46b1-96d8-ba37b9dc50d5"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Audit Policy Summary</maml:title><maml:introduction>
<maml:para>This page provides a list of all of the changes that will be made to the audit policy on the selected server if you apply the policy. It shows the current setting for each audit policy setting and the setting defined by the policy. No changes are made to the selected server until you apply the security policy.</maml:para>

<maml:para>If you would like to change the resulting audit policy, you can return to the previous page and choose one of the other two audit policy options on the <maml:ui>System Audit Policy</maml:ui> page.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section>
<maml:title>SACLs and Rollback</maml:title><maml:introduction>
<maml:para>SCWAudit.inf is the auditing security template that is provided with the Security Configuration Wizard (SCW). SCWAudit.inf defines the system access control lists (SACLs) that help detect the tampering or attempted tampering of the operating system. These SACLs enable the system to record access by any user to any executable or configuration files in the Windows directory structure, and changes to the state or configuration of Windows services. The SACLs do not cause Windows to monitor files and directories that are primarily used for other purposes, and they generate as few logged events as possible. However, applying a service pack, restoring information from a backup, or changing permissions on all or part of the Windows directory could result in a large number of events being generated.</maml:para>

<maml:para>The SCW rollback feature does not include the ability to roll back SACLs. Therefore, if you do not want to apply the SCWAudit.inf security template, you can clear the <maml:ui>Also include the SCWAudit.inf security template. SCWAudit.inf sets System Access Control Lists (SACLS) in order to audit access of the file system</maml:ui> check box on the <maml:ui>Audit Policy Summary</maml:ui> page.</maml:para>

<maml:para>To view details about the file system and registry SACLs defined in SCWAudit.inf, you can open SCWAudit.inf from the Security Templates snap-in. SCWAudit.inf is located in <maml:replaceable>%WINDIR%</maml:replaceable>\Security\Msscw\Kbs.</maml:para>

<maml:para>Another security template, DefaultSACLs.inf, is also provided. It allows you to reapply the default SACLs, in case SCWAudit.inf does not function as intended. The default SACLs that are applied are those that were installed with Windows, not the SACLs that were in effect before you applied SCWAudit.inf. To apply DefaultSACLs.inf, type the following at a command prompt: </maml:para>

<maml:para><maml:computerOutputInline>secedit /configure /cfg DefaultSACLs.inf /db DefaultSACLs.sdb</maml:computerOutputInline></maml:para>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Audit Policy</maml:linkText><maml:uri href="mshelp://windows/?id=29fae0cd-e264-490b-b512-3c6340391e1d"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Registry Settings</maml:title><maml:introduction>
<maml:para>In the Registry Settings section of the Security Configuration Wizard (SCW), you can configure protocols used to communicate with other computers.</maml:para>

<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Require SMB Security Signatures</maml:linkText><maml:uri href="mshelp://windows/?id=b987f3f0-15e3-4f59-b6f2-3077bd12dbec"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Require LDAP Signing</maml:linkText><maml:uri href="mshelp://windows/?id=390e0613-7127-4a71-8edc-35c85dff4615"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Outbound Authentication Methods</maml:linkText><maml:uri href="mshelp://windows/?id=f07f5c0d-087f-411e-ada4-94d11d214c68"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Inbound Authentication Methods</maml:linkText><maml:uri href="mshelp://windows/?id=fbfa6c51-56e5-49b0-b508-9e87b6c23e05"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Registry Settings Summary</maml:linkText><maml:uri href="mshelp://windows/?id=86c6735f-7594-4704-a57d-1a3d659428fd"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction><maml:content><maml:sections></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Require SMB Security Signatures</maml:title><maml:introduction>
<maml:para>On this page, you supply information about the selected server and the clients with which it communicates.</maml:para>

<maml:para>This security setting determines whether packet signing is required by the server message block (SMB) server component.</maml:para>

<maml:para>The SMB protocol provides the basis for Microsoft file and print sharing and many other networking operations, such as remote Windows administration. To help prevent attacks that modify SMB packets in transit, the SMB protocol supports the digital signing of SMB packets. This policy setting determines whether SMB packet signing must be negotiated before further communication with an SMB client is permitted.</maml:para>

<maml:para>If this setting is enabled, the Microsoft network server will not communicate with a Microsoft network client unless that client agrees to perform SMB packet signing. </maml:para>

<maml:alertSet class="note"><maml:title>Notes </maml:title><maml:alert>All Windows operating systems support both a client-side SMB component and a server-side SMB component. To take advantage of SMB packet signing, both the client-side SMB component and server-side SMB component that are involved in a communication must have SMB packet signing either enabled or required. </maml:alert><maml:alert>If server-side SMB signing is required, a client will not be able to establish a session with that server unless it has client-side SMB signing enabled. By default, client-side SMB signing is enabled on workstations, servers, and domain controllers.</maml:alert><maml:alert>Similarly, if client-side SMB signing is required, that client will not be able to establish a session with servers that do not have packet signing enabled. By default, server-side SMB signing is enabled only on domain controllers.</maml:alert></maml:alertSet>

<maml:alertSet class="important"><maml:title>Important </maml:title>
<maml:para>Using SMB packet signing can degrade performance up to 15 percent on file service transactions.</maml:para>
</maml:alertSet>
</maml:introduction><maml:content><maml:sections><maml:section>
<maml:title>Registry key</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:phrase>HKLM\System\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignature</maml:phrase></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section><maml:section>
<maml:title>Associated security setting</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para>Microsoft network server: Digitally sign communications (always) </maml:para>
</maml:listItem>
</maml:list>

<maml:para>Providing inaccurate information might disrupt communication between the selected server and other computers on the network.</maml:para>

<maml:para>For more information about this security setting, see "Microsoft network server: Digitally sign communications (always)" (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=91043</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=91043"></maml:uri></maml:navigationLink>).</maml:para>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Registry Settings</maml:linkText><maml:uri href="mshelp://windows/?id=a5c0c861-13d5-46b1-96d8-ba37b9dc50d5"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Select Administration and Other Options</maml:title><maml:introduction></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:para>On this page, you can choose administration options such as remote administration and backup, as well as other application options and Windows features that use services and ports.</maml:para>

<maml:para>The Security Configuration Wizard (SCW) enables the services that are necessary for the server based on the roles that you select on the <maml:ui>Select Server Roles</maml:ui> page. Unnecessary services are disabled, and if you configure settings in the Network Security section of SCW, unneeded firewall rules are removed. Select the administration options and any other options that the selected server performs, that other servers to which you intend to apply this security policy perform, or that you plan to have the selected server perform.</maml:para>

<maml:para>Any option that depends on roles that were not previously selected is automatically excluded from the list and does not appear.</maml:para>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Role-Based Service Configuration</maml:linkText><maml:uri href="mshelp://windows/?id=80692c49-598f-486e-a7c4-bcdfd4cdc078"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Select Server Roles</maml:linkText><maml:uri href="mshelp://windows/?id=ca6061c3-7765-4162-a606-4079928b68d7"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Select Server Roles</maml:title><maml:introduction></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:para>Server roles describe the main function or functions performed by a server in your organization. For example, a domain controller performs the Domain Controller server role. Server roles must have role-specific services enabled. The Security Configuration Wizard (SCW) enables services that are necessary for the selected server to perform the server roles that you select on this page. Unnecessary services are disabled. </maml:para>

<maml:para>When you select a role, all dependent roles are selected automatically. You do not have to select dependencies manually.</maml:para>

<maml:para>If a role that you want to select is not available, then consider selecting a broader role that would include the role that you want. The role you want to select might be a client feature or an administration option. Then you can select it on later pages in the wizard. If a role you want is not installed, and it is not in the Security Configuration Database, then it will not appear in any view.</maml:para>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional considerations</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para>To see services and other server roles that are required for a specific role, click the triangle next to the server role. SCW lists a description of the role, required services, and dependent server roles. </maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>When you edit an existing policy, the settings are determined by the policy that is being edited, not by the state of the computer running SCW. </maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>When you are using SCW to apply a policy, a selected check box indicates that the associated service will be enabled. A cleared check box indicates that the service will be disabled. </maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>The role selections made on this page affect other choices throughout the wizard. For example, if you select the Domain Controller server role, only options that are appropriate for a domain controller will appear later. </maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>If you create a policy and select an uninstalled role, and you subsequently edit that policy and the role is still not installed, then the previously selected role will not be selected while you are editing the policy. You will have to select that role again from the list of uninstalled roles if you want it to be selected. This design facilitates the common task of editing a policy that was originally created on a server that has since been reconfigured. </maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>When the Failover Clustering server role is selected, SCW makes no changes to the startup mode for services that support clusters. </maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>You can change the view in which server roles are presented. By default, installed server roles are shown. These are server roles that the selected server can perform without installing additional components. If you are creating a new security policy, the roles that the server currently performs are selected by default. If you are editing an existing security policy, the roles enabled by the policy are selected by default. You can view all server roles in the Security Configuration Database by changing the view to <maml:ui>All roles</maml:ui>. To enable the services that are necessary for the selected server to perform its installed server roles, select the appropriate server roles in the list. If you plan to install other server roles on the selected server or if you plan to apply this security policy to other computers that have slight differences in role configuration, in <maml:ui>View</maml:ui>, click <maml:ui>All roles</maml:ui>, and then select the appropriate server roles.</maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section>

<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Role-Based Service Configuration</maml:linkText><maml:uri href="mshelp://windows/?id=80692c49-598f-486e-a7c4-bcdfd4cdc078"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Managing the Security Configuration Database</maml:linkText><maml:uri href="mshelp://windows/?id=76928309-f6e5-45a6-8b2c-e4a664bbcdab"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Completing the Security Configuration Wizard</maml:title><maml:introduction>
<maml:para>In the Save Security Policy section of the Security Configuration Wizard (SCW), you can save and apply the security policy created or edited with SCW.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section>
<maml:title>Security Policy File Name</maml:title><maml:introduction>
<maml:para>Choose a location and a file name with an .xml extension to save the security policy. You should save the security policy in a location accessible to administrators who will run SCW to apply the policy.</maml:para>
</maml:introduction>
<maml:sections>
<maml:section>
<maml:title>View Security Policy</maml:title><maml:introduction>
<maml:para>You can click <maml:ui>View Security Policy</maml:ui> to open SCW Viewer. SCW Viewer allows you to browse the details of the policy before saving it.</maml:para>
</maml:introduction></maml:section>

<maml:section>
<maml:title>Include Security Templates</maml:title><maml:introduction>
<maml:para>You can include policy settings in your security policy in addition to those created with SCW. Click <maml:ui>Include Security Templates</maml:ui> to include a security template with the additional policy settings. If any template settings conflict with those created in SCW, then SCW takes precedence. </maml:para>
</maml:introduction></maml:section>
</maml:sections>
</maml:section><maml:section>
<maml:title>Apply Security Policy</maml:title><maml:introduction>
<maml:para>You can apply a security policy immediately after creating or editing the policy by clicking <maml:ui>Apply now</maml:ui> on this page. If you want to make changes to the policy, or if you do not want to apply the security policy to the selected server, click <maml:ui>Apply later</maml:ui>. If you choose to apply the policy later, no changes are made to the selected server. When you want to apply the security policy, run SCW and, on the <maml:ui>Configuration Action</maml:ui> page, click <maml:ui>Apply an existing security policy</maml:ui>.</maml:para>

<maml:para>For the following services to be disabled, you must restart the selected server after applying the SCW policy: </maml:para>

<maml:list class="unordered">
<maml:listItem>
<maml:para>Application Management </maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>Terminal Services or Remote Desktop Services</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>Windows Audio</maml:para>
</maml:listItem>
</maml:list>

<maml:para>After the policy is applied, the startup mode for each service is changed to the value specified in the security policy. However, the current status of these services is not changed until the computer is restarted.</maml:para>

<maml:para>If the security policy configures exceptions for applications or services (that is, the security policy adds them to the allowed exceptions list) and those applications or services were running before Windows Firewall with Advanced Security was started, the computer will have to be restarted for these applications and services to run properly. </maml:para>

<maml:para>If the security policy applies to services that are not found in the Security Configuration Database and instead were entered on the <maml:ui>Select Additional Services</maml:ui> or the <maml:ui>Handling Unspecified Services</maml:ui> pages of SCW, then the selected server must be restarted for the applied policy to take effect. </maml:para>
</maml:introduction><maml:sections><maml:section><maml:title></maml:title><maml:introduction></maml:introduction><maml:sections><maml:section><maml:title>Additional references</maml:title><maml:introduction><maml:list class="unordered"><maml:listItem><maml:para><maml:navigationLink><maml:linkText>Security Configuration Wizard</maml:linkText><maml:uri href="mshelp://windows/?id=e4f920ac-f27f-49b0-b870-b477b9af6224"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list></maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Configuration Action</maml:title><maml:introduction>
<maml:para>With the Security Configuration Wizard (SCW), you can create, edit, and apply a security policy. You can also roll back the last security policy that you applied if it does not function as expected.</maml:para>

<maml:para>SCW includes a command-line tool, Scwcmd, that you can use to perform various tasks. For more information, see <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=92612</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=92612"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section>
<maml:title>Creating a new security policy</maml:title><maml:introduction>
<maml:para>You can create a security policy that configures services, Windows Firewall with Advanced Security, audit policy settings, and specific registry settings. The security policy is an .xml file that can be edited and applied with SCW. The policy can be made into a Group Policy object (GPO) by using the Scwcmd command-line tool. Once you have started SCW, you do not need to complete all sections in the same session. To skip sections, select the <maml:ui>Skip this section</maml:ui> check box at the beginning of each uncompleted section, save the policy, and use SCW to edit the policy later. If you select the <maml:ui>Skip this section</maml:ui> check box after configuring part of a section, your changes are not saved or applied. Settings in skipped sections remain undefined until you edit the security policy and configure those settings.</maml:para>
</maml:introduction></maml:section><maml:section>
<maml:title>Editing an existing security policy</maml:title><maml:introduction>
<maml:para>You can edit a security policy that you have already created with SCW. You must click <maml:ui>Edit an existing security policy</maml:ui> before you can browse to the location of the security policy that you want to edit. The policy that you edit can be stored locally or on a network. You can use SCW to edit policies with an .xml file name extension. Security templates with an .inf extension cannot be edited with SCW.</maml:para>

<maml:para>Manually editing the security policy is not supported. You must use SCW to edit a security policy that you have created with SCW.</maml:para>
</maml:introduction></maml:section><maml:section>
<maml:title>Applying an existing security policy</maml:title><maml:introduction>
<maml:para>Once you create a security policy with SCW, you can apply it to a test server or to your production environment. You can use the Scwcmd command-line tool to apply the same policy to multiple servers. You can use the <maml:computerOutputInline>scwcmd transform</maml:computerOutputInline> command to create GPOs. Only security policies in .xml format can be applied with SCW.</maml:para>

<maml:para>If the selected server is a member of an Active Directory domain, then the domain-based GPO security policy generally overrides registry settings that were set directly through SCW. To prevent this, you can create a GPO by using <maml:computerOutputInline>scwcmd transform</maml:computerOutputInline> and apply the GPO through Active Directory Domain Services (AD DS).</maml:para>

<maml:para>For more information about the registry values configured with SCW, see <maml:navigationLink><maml:linkText>Registry Settings</maml:linkText><maml:uri href="mshelp://windows/?id=a5c0c861-13d5-46b1-96d8-ba37b9dc50d5"></maml:uri></maml:navigationLink>.</maml:para>

<maml:alertSet class="important"><maml:title>Important </maml:title>
<maml:para>It is highly recommended that you test a newly created or modified security policy before applying it to your production environment. Testing minimizes the possibility that the new policy might cause unexpected behavior, such as compatibility issues, in your production environment. </maml:para>
</maml:alertSet>
</maml:introduction></maml:section><maml:section>
<maml:title>Rolling back the last applied security policy</maml:title><maml:introduction>
<maml:para>If you applied a security policy with SCW that causes decreased functionality for a server or other undesirable results, you can roll back the security policy so that it is no longer applied to the server. However, if the policy is edited in Local Security Policy after you apply it, the changes cannot be rolled back and will remain in their current configuration.</maml:para>

<maml:para>For services and registry values, the process of rolling back restores settings that were changed during the configuration process. For Windows Firewall with Advanced Security, the process of rolling back removes any SCW policy that is currently in place and applies the previous policy that was in place at configuration time. </maml:para>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Starting the Security Configuration Wizard</maml:linkText><maml:uri href="mshelp://windows/?id=e3e3b0ab-dfd5-4199-9262-5a564e2dde99"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Starting the Security Configuration Wizard</maml:title><maml:introduction>
<maml:para>In the Welcome to the Security Configuration Wizard section of the Security Configuration Wizard (SCW), you can select which action to take for a security policy, select the server to use, and manage the Security Configuration Database.</maml:para>

<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Configuration Action</maml:linkText><maml:uri href="mshelp://windows/?id=dda99bfc-5e2a-45ab-8f1a-1bb533e5ff64"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Select Server</maml:linkText><maml:uri href="mshelp://windows/?id=2a1a1032-03b4-4cbf-b0d9-a3e5a4638b62"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Managing the Security Configuration Database</maml:linkText><maml:uri href="mshelp://windows/?id=76928309-f6e5-45a6-8b2c-e4a664bbcdab"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction><maml:content><maml:sections></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Security Configuration Wizard</maml:title><maml:introduction></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:para>The Security Configuration Wizard (SCW) guides you through the process of creating, editing, applying, or rolling back a security policy. A security policy that you create with SCW is an .xml file that, when applied, configures services, network security, specific registry values, and audit policy. SCW is a role-based tool: you can use it to create a policy that enables services, firewall rules, and settings that are required for a selected server to perform specific roles, such as a file server, a print server, or a domain controller.</maml:para>

<maml:para>The following are considerations for using SCW:</maml:para>

<maml:list class="unordered">
<maml:listItem>
<maml:para>SCW disables unnecessary services and provides Windows Firewall with Advanced Security support.</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>Security policies that are created with SCW are not the same as security templates, which are files with an .inf extension. Security templates contain more security settings than those that can be set with SCW. However, it is possible to include a security template in an SCW security policy file.</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>You can deploy security policies that you create with SCW by using Group Policy.</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>SCW does not install or uninstall the components necessary for the server to perform a role. You can install role-specific components through Server Manager.</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>SCW detects role dependencies. If you select a role, it automatically selects dependent roles.</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>All applications that use the IP protocol and ports must be running on the server when you run SCW. </maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>In some cases, you must be connected to the Internet to use the links in SCW Help. </maml:para>
</maml:listItem>
</maml:list>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Starting the Security Configuration Wizard</maml:linkText><maml:uri href="mshelp://windows/?id=e3e3b0ab-dfd5-4199-9262-5a564e2dde99"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Role-Based Service Configuration</maml:linkText><maml:uri href="mshelp://windows/?id=80692c49-598f-486e-a7c4-bcdfd4cdc078"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Network Security</maml:linkText><maml:uri href="mshelp://windows/?id=27ace7a1-059f-4768-a908-bc9cb26b678a"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Registry Settings</maml:linkText><maml:uri href="mshelp://windows/?id=a5c0c861-13d5-46b1-96d8-ba37b9dc50d5"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Audit Policy</maml:linkText><maml:uri href="mshelp://windows/?id=29fae0cd-e264-490b-b512-3c6340391e1d"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Completing the Security Configuration Wizard</maml:linkText><maml:uri href="mshelp://windows/?id=d63238f4-eb6d-4570-a9bf-138a92604588"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Confirm Service Changes</maml:title><maml:introduction></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:para>On the <maml:ui>Confirm Service Changes</maml:ui> page, you can see a list of all changes that this security policy would make to services on the selected server. The list compares the current startup mode of the service on the selected server to the startup mode defined in the policy. The startup mode can be <maml:ui>Disabled</maml:ui>, <maml:ui>Manual</maml:ui>, or <maml:ui>Automatic</maml:ui>. No changes are made to the selected server until you apply the security policy.</maml:para>

<maml:para>If one or more service changes are incorrect, you can modify these settings by changing your selections on previous pages. To determine which selection you must modify to have the desired result, see the <maml:ui>Used By</maml:ui> column, which indicates the role that requires the service. Return to the page on which you configured that role and make the appropriate changes.</maml:para>

<maml:para>You can also sort the list of services by clicking the heading of the column that you want to sort.</maml:para>

<maml:alertSet class="note"><maml:title>Note </maml:title>
<maml:para>You can save, view, and print the entire security policy later on the <maml:ui>Security Policy File Name</maml:ui> page.</maml:para>
</maml:alertSet>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Role-Based Service Configuration</maml:linkText><maml:uri href="mshelp://windows/?id=80692c49-598f-486e-a7c4-bcdfd4cdc078"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Network Security Rules</maml:title><maml:introduction></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:para>By using the Security Configuration Wizard (SCW), you can create firewall rules to allow this computer to send traffic to or receive traffic from programs, system services, computers, or users. Firewall rules can be created to take one of three actions for all connections that match the rule's criteria: allow the connection, only allow a connection that is secured through the use of Internet Protocol security (IPsec), or explicitly block the connection.</maml:para>

<maml:para>Use the View list to filter the rules that are displayed. The choices for displaying rules are:</maml:para>

<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:ui>All Rules</maml:ui>. Rules included in all other categories.</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:ui>Rules from Selected Roles</maml:ui>. Rules that exist in the Security Configuration Database and that are installed and selected in SCW. The rules are enabled or disabled as appropriate for the selected roles and options.</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:ui>Rules Added by the User in SCW</maml:ui>. Rules that are defined by the administrator in SCW. This list does not include rules from selected roles.</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:ui>Rules Auto-Generated by SCW</maml:ui>. Rules that are automatically generated for unknown applications or services.</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:ui>Rules with Additional Restrictions</maml:ui>. Rules that have been restricted by using the <maml:ui>Edit Rule</maml:ui> dialog box. Restrictions can be added to any rule and modified or removed by clicking <maml:ui>Edit</maml:ui>.</maml:para>
</maml:listItem>
</maml:list>

<maml:para>As your IT environment changes, you can change, create, or delete rules.</maml:para>

<maml:para>Click <maml:ui>Add</maml:ui> to add a new rule, or select a rule and click <maml:ui>Edit</maml:ui> to edit or remove an existing rule.</maml:para>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Network Security</maml:linkText><maml:uri href="mshelp://windows/?id=27ace7a1-059f-4768-a908-bc9cb26b678a"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem><maml:listItem><maml:para><maml:navigationLink><maml:linkText>Add or Edit Firewall Rule</maml:linkText><maml:uri href="mshelp://windows/?id=40fb05ac-413c-422d-b046-19d534291c56"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
</maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Outbound Authentication Methods</maml:title><maml:introduction></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:para>On this page, information is gathered about how to authenticate with remote computers. This security setting determines which challenge/response authentication protocol is used for network logons. This choice affects the level of authentication protocol used by clients, the level of session security negotiated, and the level of authentication accepted by servers.</maml:para>

<maml:para>You can choose to authenticate with a combination of the following:</maml:para>

<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:ui>Domain accounts</maml:ui></maml:para>

<maml:para>When you make this selection, you enter information about the domain controllers in the domain and trusted domains of the selected server.</maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:ui>Local accounts on the remote computers</maml:ui> </maml:para>

<maml:para>When you make this selection, you enter information about the computers used by the selected server to authenticate to other computers.</maml:para>
</maml:listItem>
</maml:list>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Registry Settings</maml:linkText><maml:uri href="mshelp://windows/?id=a5c0c861-13d5-46b1-96d8-ba37b9dc50d5"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem><maml:listItem><maml:para><maml:navigationLink><maml:linkText>Outbound Authentication Using Domain Accounts</maml:linkText><maml:uri href="mshelp://windows/?id=81d2084d-1192-47ce-a52e-895ddec5cb10"></maml:uri></maml:navigationLink></maml:para></maml:listItem><maml:listItem><maml:para><maml:navigationLink><maml:linkText>Outbound Authentication Using Local Accounts</maml:linkText><maml:uri href="mshelp://windows/?id=36eeb741-c9f6-436e-949b-3e9fb01a97e1"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
</maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Select Client Features</maml:title><maml:introduction></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:para>Servers can be clients of other servers. Client features must have role-specific services enabled. The Security Configuration Wizard (SCW) enables services that are necessary for the selected server to provide the client features that you select on this page. Unnecessary services are disabled. By default, only the client features that the selected server can provide without installing additional components are displayed. You can view all client features in the Security Configuration Database by changing the view to <maml:ui>All features</maml:ui>.</maml:para>

<maml:para>To enable the services that are necessary for the selected server to provide its installed client features, select the appropriate client features in the list. If you plan to install other client features on the selected server or if you will apply this security policy to other computers that have slightly different role configurations, in <maml:ui>View</maml:ui>, click <maml:ui>All features</maml:ui>, and then select the appropriate client features.</maml:para>

<maml:alertSet class="note"><maml:title>Note </maml:title>
<maml:para>To see the services and ports that are required for a specific role, click the triangle next to the client feature. SCW lists a description of the role and the required services and firewall rules.</maml:para>
</maml:alertSet>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Role-Based Service Configuration</maml:linkText><maml:uri href="mshelp://windows/?id=80692c49-598f-486e-a7c4-bcdfd4cdc078"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Managing the Security Configuration Database</maml:linkText><maml:uri href="mshelp://windows/?id=76928309-f6e5-45a6-8b2c-e4a664bbcdab"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Inbound Authentication Methods</maml:title><maml:introduction>
<maml:para>On this page, information is gathered about the computers from which users might try to authenticate to the selected server.</maml:para>

<maml:para>These security settings will determine which challenge/response authentication protocol is used for network logons. This choice affects the level of authentication protocol used by clients, the level of session security negotiated, and the level of authentication accepted by servers.</maml:para>

<maml:para>These security settings will also determine if, at the next password change, the LAN Manager (LM) hash value for the new password is stored. The LM hash is relatively weak and prone to attack, as compared with the cryptographically stronger NTLM hash. Because the LM hash is stored on the local computer in the security database, the passwords can be compromised if the security database is attacked.</maml:para>

<maml:alertSet class="important"><maml:title>Important </maml:title>
<maml:para>This setting can affect the ability of computers to communicate with computers running Windows NT Server 4.0 and earlier over the network. For example, computers running Windows NT Server 4.0 Service Pack 4 (SP4) and earlier do not support NTLM version 2 (NTLMv2). Computers running Windows 95 and Windows 98 do not support NTLM.</maml:para>
</maml:alertSet>
</maml:introduction><maml:content><maml:sections><maml:section>
<maml:title>Registry keys</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:phrase>HKLM\System\CurrentControlSet\Control\LSA\LMCompatibilityLevel </maml:phrase></maml:para>
</maml:listItem>

<maml:listItem>
<maml:para><maml:phrase>HKLM\System\CurrentControlSet\Control\LSA\NoLMHash</maml:phrase></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section><maml:section>
<maml:title>Associated security settings</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para>Network security: LAN Manager authentication level </maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>Network security: Do not store LAN Manager hash value on next password change </maml:para>
</maml:listItem>
</maml:list>

<maml:para>Providing inaccurate information might disrupt communication between computers on the network.</maml:para>

<maml:para>For more information about these security settings, see:</maml:para>

<maml:list class="unordered">
<maml:listItem>
<maml:para>"Network security: LAN Manager authentication level" (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=17765</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=17765"></maml:uri></maml:navigationLink>) </maml:para>
</maml:listItem>

<maml:listItem>
<maml:para>"Network security: Do not store LAN Manager hash value on next password change" (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=17766</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=17766"></maml:uri></maml:navigationLink>) </maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section><maml:section>
<maml:title>For domain controllers only</maml:title><maml:introduction>
<maml:para>An additional option appears when the <maml:ui>Domain Controller (Active Directory)</maml:ui> role is selected on the <maml:ui>Select Server Roles</maml:ui> page. The following option is specific to domain controllers:</maml:para>

<maml:para><maml:ui>Computers using RAS or VPN to connect to RAS servers that are not running Windows Server 2003 Service Pack 1 or later</maml:ui></maml:para>

<maml:para>Internet Authentication Service (IAS) servers and servers running Routing and Remote Access require Windows Server 2003 Service Pack 1 (SP1) and require support for PEAP-MSCHAPv2–only authentication in order to authenticate users with domain controllers that accept only NTLMv2.</maml:para>

<maml:para>IAS servers and servers running Routing and Remote Access use NTLM to authenticate their clients' domain credentials. This means domain controllers that need to authenticate IAS or Routing and Remote Access clients cannot be configured to accept only NTLMv2 authentication. However, starting with Windows Server 2003 SP1, it is possible for a domain controller to accept NTLM from IAS servers and servers running Routing and Remote Access but only accept NTLMv2 from everyone else. This happens by default for servers running Windows Server 2003 SP1 and IAS or Routing and Remote Access and that use PEAP-MSCHAPv2 because PEAP-MSCHAPv2 offers security protection equivalent to that of NTLMv2. This exemption does not happen by default if the server running Windows Server 2003 SP1 and IAS or Routing and Remote Access uses PPP-MSCHAPv2 to authenticate clients.</maml:para>

<maml:para>To prevent this default exemption for servers running Windows Server 2003 SP1 and IAS or Routing and Remote Access, the following registry value can be set on the domain controller:</maml:para>

<maml:para><maml:phrase>HKLM\System\CurrentControlSet\LSA\DisallowMsvChapv2</maml:phrase></maml:para>

<maml:para>If this registry value has been set on the domain controller and the domain controller is configured to accept NTLMv2 only, then the domain controller will not be able to authenticate IAS or Routing and Remote Access clients even if all of these servers are running Windows Server 2003 SP1. Therefore, if the <maml:phrase>DisallowMsvChapv2</maml:phrase> registry value has been set on the domain controller and the domain controller needs to authenticate IAS or Routing and Remote Access clients, then the <maml:ui>Computers using RAS or VPN to connect to RAS servers that are not running Windows Server 2003 Service Pack 1 or later</maml:ui> check box must be selected on the <maml:ui>Inbound Authentication Methods</maml:ui> page, even if all servers running IAS or Routing and Remote Access are also running Windows Server 2003 SP1. Since selecting this check box prevents the domain controller from being configured to accept NTLMv2 only, it is recommended that the <maml:phrase>DisallowMsvChapv2</maml:phrase> registry value not be set.</maml:para>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem>
<maml:para><maml:navigationLink><maml:linkText>Registry Settings</maml:linkText><maml:uri href="mshelp://windows/?id=a5c0c861-13d5-46b1-96d8-ba37b9dc50d5"></maml:uri></maml:navigationLink></maml:para>
</maml:listItem>
</maml:list>
</maml:introduction></maml:section>
</maml:sections>
</maml:section>
</maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><?xml version="1.0" encoding="utf-8"?>
<HelpCollection Id="scwhelp" DTDVersion="1.0" FileVersion="" LangId="1033" Copyright="© 2005 Microsoft Corporation. All rights reserved." Title="Security Configuration Wizard Help" xmlns="http://schemas.microsoft.com/help/collection/2004/11">
	<CompilerOptions CompileResult="H1S" CreateFullTextIndex="Yes" BreakerId="Microsoft.NLG.en.WordBreaker">
		<IncludeFile File="scwhelp.H1F" />
	</CompilerOptions>
	<TOCDef File="scwhelp.H1T" Id="scwhelp_TOC" />
	<VTopicDef File="scwhelp.H1V" />
	<KeywordIndexDef File="scwhelp_AssetId.H1K" />
	<KeywordIndexDef File="scwhelp_BestBet.H1K" />
	<KeywordIndexDef File="scwhelp_LinkTerm.H1K" />
	<KeywordIndexDef File="scwhelp_SubjectTerm.H1K" />
	<ItemMoniker Name="!DefaultTOC" ProgId="HxDs.HxHierarchy" InitData="AnyString" />
	<ItemMoniker Name="!DefaultFullTextSearch" ProgId="HxDs.HxFullTextSearch" InitData="AnyString" />
	<ItemMoniker Name="!DefaultAssetIdIndex" ProgId="HxDs.HxIndex" InitData="AssetId" />
	<ItemMoniker Name="!DefaultBestBetIndex" ProgId="HxDs.HxIndex" InitData="BestBet" />
	<ItemMoniker Name="!DefaultAssociativeIndex" ProgId="HxDs.HxIndex" InitData="LinkTerm" />
	<ItemMoniker Name="!DefaultKeywordIndex" ProgId="HxDs.HxIndex" InitData="SubjectTerm" />
</HelpCollection><?xml version="1.0" encoding="utf-8"?>
<HelpFileList xmlns="http://schemas.microsoft.com/help/filelist/2004/11">
	<File Url="assets\049e6f69-3ec4-477f-8f47-877f7d2f5c59.xml" />
	<File Url="assets\1847e176-7517-4daf-b58d-eb4184cb48ac.xml" />
	<File Url="assets\1f6ae869-c4be-4af1-b3df-d75fd103d81d.xml" />
	<File Url="assets\27ace7a1-059f-4768-a908-bc9cb26b678a.xml" />
	<File Url="assets\29fae0cd-e264-490b-b512-3c6340391e1d.xml" />
	<File Url="assets\2a1a1032-03b4-4cbf-b0d9-a3e5a4638b62.xml" />
	<File Url="assets\36eeb741-c9f6-436e-949b-3e9fb01a97e1.xml" />
	<File Url="assets\390e0613-7127-4a71-8edc-35c85dff4615.xml" />
	<File Url="assets\3c8bcbc9-1975-4eeb-b6d4-c9e0b7880806.xml" />
	<File Url="assets\40fb05ac-413c-422d-b046-19d534291c56.xml" />
	<File Url="assets\4822c6e9-181b-401a-9684-d953ee9657f3.xml" />
	<File Url="assets\76928309-f6e5-45a6-8b2c-e4a664bbcdab.xml" />
	<File Url="assets\80692c49-598f-486e-a7c4-bcdfd4cdc078.xml" />
	<File Url="assets\81d2084d-1192-47ce-a52e-895ddec5cb10.xml" />
	<File Url="assets\86c6735f-7594-4704-a57d-1a3d659428fd.xml" />
	<File Url="assets\a352112f-abb0-4b59-a547-8d61422d76b4.xml" />
	<File Url="assets\a5c0c861-13d5-46b1-96d8-ba37b9dc50d5.xml" />
	<File Url="assets\b987f3f0-15e3-4f59-b6f2-3077bd12dbec.xml" />
	<File Url="assets\bb0c453b-a8e9-45ee-9271-8fb5289d6071.xml" />
	<File Url="assets\ca6061c3-7765-4162-a606-4079928b68d7.xml" />
	<File Url="assets\d63238f4-eb6d-4570-a9bf-138a92604588.xml" />
	<File Url="assets\dda99bfc-5e2a-45ab-8f1a-1bb533e5ff64.xml" />
	<File Url="assets\e3e3b0ab-dfd5-4199-9262-5a564e2dde99.xml" />
	<File Url="assets\e4f920ac-f27f-49b0-b870-b477b9af6224.xml" />
	<File Url="assets\e62e953b-0241-4219-9181-9a5941005638.xml" />
	<File Url="assets\eaddb988-5315-43ba-bda0-7ba4f5e81408.xml" />
	<File Url="assets\f07f5c0d-087f-411e-ada4-94d11d214c68.xml" />
	<File Url="assets\f3ca8947-e3f5-4bc8-acf3-b384df1ebe1b.xml" />
	<File Url="assets\fbfa6c51-56e5-49b0-b508-9e87b6c23e05.xml" />
</HelpFileList><?xml version="1.0" encoding="utf-8"?>
<VTopicSet DTDVersion="1.0" xmlns="http://schemas.microsoft.com/help/vtopic/2004/11">
	<Vtopic Url="assets\049e6f69-3ec4-477f-8f47-877f7d2f5c59.xml" RLTitle="IP Address">
		<Attr Name="assetid" Value="049e6f69-3ec4-477f-8f47-877f7d2f5c59" />
		<Keyword Index="AssetId" Term="049e6f69-3ec4-477f-8f47-877f7d2f5c59" />
		<Keyword Index="AssetId" Term="049e6f69-3ec4-477f-8f47-877f7d2f5c591033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="049e6f69-3ec4-477f-8f47-877f7d2f5c59" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\1847e176-7517-4daf-b58d-eb4184cb48ac.xml" RLTitle="Select Additional Services">
		<Attr Name="assetid" Value="1847e176-7517-4daf-b58d-eb4184cb48ac" />
		<Keyword Index="AssetId" Term="1847e176-7517-4daf-b58d-eb4184cb48ac" />
		<Keyword Index="AssetId" Term="1847e176-7517-4daf-b58d-eb4184cb48ac1033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="1847e176-7517-4daf-b58d-eb4184cb48ac" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\1f6ae869-c4be-4af1-b3df-d75fd103d81d.xml" RLTitle="Handling Unspecified Services">
		<Attr Name="assetid" Value="1f6ae869-c4be-4af1-b3df-d75fd103d81d" />
		<Keyword Index="AssetId" Term="1f6ae869-c4be-4af1-b3df-d75fd103d81d" />
		<Keyword Index="AssetId" Term="1f6ae869-c4be-4af1-b3df-d75fd103d81d1033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="1f6ae869-c4be-4af1-b3df-d75fd103d81d" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\27ace7a1-059f-4768-a908-bc9cb26b678a.xml" RLTitle="Network Security">
		<Attr Name="assetid" Value="27ace7a1-059f-4768-a908-bc9cb26b678a" />
		<Keyword Index="AssetId" Term="27ace7a1-059f-4768-a908-bc9cb26b678a" />
		<Keyword Index="AssetId" Term="27ace7a1-059f-4768-a908-bc9cb26b678a1033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="27ace7a1-059f-4768-a908-bc9cb26b678a" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\29fae0cd-e264-490b-b512-3c6340391e1d.xml" RLTitle="Audit Policy">
		<Attr Name="assetid" Value="29fae0cd-e264-490b-b512-3c6340391e1d" />
		<Keyword Index="AssetId" Term="29fae0cd-e264-490b-b512-3c6340391e1d" />
		<Keyword Index="AssetId" Term="29fae0cd-e264-490b-b512-3c6340391e1d1033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="29fae0cd-e264-490b-b512-3c6340391e1d" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\2a1a1032-03b4-4cbf-b0d9-a3e5a4638b62.xml" RLTitle="Select Server">
		<Attr Name="assetid" Value="2a1a1032-03b4-4cbf-b0d9-a3e5a4638b62" />
		<Keyword Index="AssetId" Term="2a1a1032-03b4-4cbf-b0d9-a3e5a4638b62" />
		<Keyword Index="AssetId" Term="2a1a1032-03b4-4cbf-b0d9-a3e5a4638b621033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="2a1a1032-03b4-4cbf-b0d9-a3e5a4638b62" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\36eeb741-c9f6-436e-949b-3e9fb01a97e1.xml" RLTitle="Outbound Authentication Using Local Accounts">
		<Attr Name="assetid" Value="36eeb741-c9f6-436e-949b-3e9fb01a97e1" />
		<Keyword Index="AssetId" Term="36eeb741-c9f6-436e-949b-3e9fb01a97e1" />
		<Keyword Index="AssetId" Term="36eeb741-c9f6-436e-949b-3e9fb01a97e11033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="36eeb741-c9f6-436e-949b-3e9fb01a97e1" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\390e0613-7127-4a71-8edc-35c85dff4615.xml" RLTitle="Require LDAP Signing">
		<Attr Name="assetid" Value="390e0613-7127-4a71-8edc-35c85dff4615" />
		<Keyword Index="AssetId" Term="390e0613-7127-4a71-8edc-35c85dff4615" />
		<Keyword Index="AssetId" Term="390e0613-7127-4a71-8edc-35c85dff46151033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="390e0613-7127-4a71-8edc-35c85dff4615" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\3c8bcbc9-1975-4eeb-b6d4-c9e0b7880806.xml" RLTitle="Restricting Services">
		<Attr Name="assetid" Value="3c8bcbc9-1975-4eeb-b6d4-c9e0b7880806" />
		<Keyword Index="AssetId" Term="3c8bcbc9-1975-4eeb-b6d4-c9e0b7880806" />
		<Keyword Index="AssetId" Term="3c8bcbc9-1975-4eeb-b6d4-c9e0b78808061033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="3c8bcbc9-1975-4eeb-b6d4-c9e0b7880806" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\40fb05ac-413c-422d-b046-19d534291c56.xml" RLTitle="Add or Edit Firewall Rule">
		<Attr Name="assetid" Value="40fb05ac-413c-422d-b046-19d534291c56" />
		<Keyword Index="AssetId" Term="40fb05ac-413c-422d-b046-19d534291c56" />
		<Keyword Index="AssetId" Term="40fb05ac-413c-422d-b046-19d534291c561033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="40fb05ac-413c-422d-b046-19d534291c56" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\4822c6e9-181b-401a-9684-d953ee9657f3.xml" RLTitle="System Audit Policy">
		<Attr Name="assetid" Value="4822c6e9-181b-401a-9684-d953ee9657f3" />
		<Keyword Index="AssetId" Term="4822c6e9-181b-401a-9684-d953ee9657f3" />
		<Keyword Index="AssetId" Term="4822c6e9-181b-401a-9684-d953ee9657f31033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="4822c6e9-181b-401a-9684-d953ee9657f3" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\76928309-f6e5-45a6-8b2c-e4a664bbcdab.xml" RLTitle="Managing the Security Configuration Database">
		<Attr Name="assetid" Value="76928309-f6e5-45a6-8b2c-e4a664bbcdab" />
		<Keyword Index="AssetId" Term="76928309-f6e5-45a6-8b2c-e4a664bbcdab" />
		<Keyword Index="AssetId" Term="76928309-f6e5-45a6-8b2c-e4a664bbcdab1033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="76928309-f6e5-45a6-8b2c-e4a664bbcdab" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\80692c49-598f-486e-a7c4-bcdfd4cdc078.xml" RLTitle="Role-Based Service Configuration">
		<Attr Name="assetid" Value="80692c49-598f-486e-a7c4-bcdfd4cdc078" />
		<Keyword Index="AssetId" Term="80692c49-598f-486e-a7c4-bcdfd4cdc078" />
		<Keyword Index="AssetId" Term="80692c49-598f-486e-a7c4-bcdfd4cdc0781033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="80692c49-598f-486e-a7c4-bcdfd4cdc078" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\81d2084d-1192-47ce-a52e-895ddec5cb10.xml" RLTitle="Outbound Authentication Using Domain Accounts">
		<Attr Name="assetid" Value="81d2084d-1192-47ce-a52e-895ddec5cb10" />
		<Keyword Index="AssetId" Term="81d2084d-1192-47ce-a52e-895ddec5cb10" />
		<Keyword Index="AssetId" Term="81d2084d-1192-47ce-a52e-895ddec5cb101033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="81d2084d-1192-47ce-a52e-895ddec5cb10" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\86c6735f-7594-4704-a57d-1a3d659428fd.xml" RLTitle="Registry Settings Summary">
		<Attr Name="assetid" Value="86c6735f-7594-4704-a57d-1a3d659428fd" />
		<Keyword Index="AssetId" Term="86c6735f-7594-4704-a57d-1a3d659428fd" />
		<Keyword Index="AssetId" Term="86c6735f-7594-4704-a57d-1a3d659428fd1033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="86c6735f-7594-4704-a57d-1a3d659428fd" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\a352112f-abb0-4b59-a547-8d61422d76b4.xml" RLTitle="Audit Policy Summary">
		<Attr Name="assetid" Value="a352112f-abb0-4b59-a547-8d61422d76b4" />
		<Keyword Index="AssetId" Term="a352112f-abb0-4b59-a547-8d61422d76b4" />
		<Keyword Index="AssetId" Term="a352112f-abb0-4b59-a547-8d61422d76b41033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="a352112f-abb0-4b59-a547-8d61422d76b4" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\a5c0c861-13d5-46b1-96d8-ba37b9dc50d5.xml" RLTitle="Registry Settings">
		<Attr Name="assetid" Value="a5c0c861-13d5-46b1-96d8-ba37b9dc50d5" />
		<Keyword Index="AssetId" Term="a5c0c861-13d5-46b1-96d8-ba37b9dc50d5" />
		<Keyword Index="AssetId" Term="a5c0c861-13d5-46b1-96d8-ba37b9dc50d51033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="a5c0c861-13d5-46b1-96d8-ba37b9dc50d5" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\b987f3f0-15e3-4f59-b6f2-3077bd12dbec.xml" RLTitle="Require SMB Security Signatures">
		<Attr Name="assetid" Value="b987f3f0-15e3-4f59-b6f2-3077bd12dbec" />
		<Keyword Index="AssetId" Term="b987f3f0-15e3-4f59-b6f2-3077bd12dbec" />
		<Keyword Index="AssetId" Term="b987f3f0-15e3-4f59-b6f2-3077bd12dbec1033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="b987f3f0-15e3-4f59-b6f2-3077bd12dbec" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\bb0c453b-a8e9-45ee-9271-8fb5289d6071.xml" RLTitle="Select Administration and Other Options">
		<Attr Name="assetid" Value="bb0c453b-a8e9-45ee-9271-8fb5289d6071" />
		<Keyword Index="AssetId" Term="bb0c453b-a8e9-45ee-9271-8fb5289d6071" />
		<Keyword Index="AssetId" Term="bb0c453b-a8e9-45ee-9271-8fb5289d60711033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="bb0c453b-a8e9-45ee-9271-8fb5289d6071" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\ca6061c3-7765-4162-a606-4079928b68d7.xml" RLTitle="Select Server Roles">
		<Attr Name="assetid" Value="ca6061c3-7765-4162-a606-4079928b68d7" />
		<Keyword Index="AssetId" Term="ca6061c3-7765-4162-a606-4079928b68d7" />
		<Keyword Index="AssetId" Term="ca6061c3-7765-4162-a606-4079928b68d71033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="ca6061c3-7765-4162-a606-4079928b68d7" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\d63238f4-eb6d-4570-a9bf-138a92604588.xml" RLTitle="Completing the Security Configuration Wizard">
		<Attr Name="assetid" Value="d63238f4-eb6d-4570-a9bf-138a92604588" />
		<Keyword Index="AssetId" Term="d63238f4-eb6d-4570-a9bf-138a92604588" />
		<Keyword Index="AssetId" Term="d63238f4-eb6d-4570-a9bf-138a926045881033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="d63238f4-eb6d-4570-a9bf-138a92604588" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\dda99bfc-5e2a-45ab-8f1a-1bb533e5ff64.xml" RLTitle="Configuration Action">
		<Attr Name="assetid" Value="dda99bfc-5e2a-45ab-8f1a-1bb533e5ff64" />
		<Keyword Index="AssetId" Term="dda99bfc-5e2a-45ab-8f1a-1bb533e5ff64" />
		<Keyword Index="AssetId" Term="dda99bfc-5e2a-45ab-8f1a-1bb533e5ff641033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="dda99bfc-5e2a-45ab-8f1a-1bb533e5ff64" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\e3e3b0ab-dfd5-4199-9262-5a564e2dde99.xml" RLTitle="Starting the Security Configuration Wizard">
		<Attr Name="assetid" Value="e3e3b0ab-dfd5-4199-9262-5a564e2dde99" />
		<Keyword Index="AssetId" Term="e3e3b0ab-dfd5-4199-9262-5a564e2dde99" />
		<Keyword Index="AssetId" Term="e3e3b0ab-dfd5-4199-9262-5a564e2dde991033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="e3e3b0ab-dfd5-4199-9262-5a564e2dde99" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\e4f920ac-f27f-49b0-b870-b477b9af6224.xml" RLTitle="Security Configuration Wizard">
		<Attr Name="assetid" Value="e4f920ac-f27f-49b0-b870-b477b9af6224" />
		<Keyword Index="AssetId" Term="e4f920ac-f27f-49b0-b870-b477b9af6224" />
		<Keyword Index="AssetId" Term="e4f920ac-f27f-49b0-b870-b477b9af62241033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="e4f920ac-f27f-49b0-b870-b477b9af6224" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\e62e953b-0241-4219-9181-9a5941005638.xml" RLTitle="Confirm Service Changes">
		<Attr Name="assetid" Value="e62e953b-0241-4219-9181-9a5941005638" />
		<Keyword Index="AssetId" Term="e62e953b-0241-4219-9181-9a5941005638" />
		<Keyword Index="AssetId" Term="e62e953b-0241-4219-9181-9a59410056381033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="e62e953b-0241-4219-9181-9a5941005638" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\eaddb988-5315-43ba-bda0-7ba4f5e81408.xml" RLTitle="Network Security Rules">
		<Attr Name="assetid" Value="eaddb988-5315-43ba-bda0-7ba4f5e81408" />
		<Keyword Index="AssetId" Term="eaddb988-5315-43ba-bda0-7ba4f5e81408" />
		<Keyword Index="AssetId" Term="eaddb988-5315-43ba-bda0-7ba4f5e814081033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="eaddb988-5315-43ba-bda0-7ba4f5e81408" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\f07f5c0d-087f-411e-ada4-94d11d214c68.xml" RLTitle="Outbound Authentication Methods">
		<Attr Name="assetid" Value="f07f5c0d-087f-411e-ada4-94d11d214c68" />
		<Keyword Index="AssetId" Term="f07f5c0d-087f-411e-ada4-94d11d214c68" />
		<Keyword Index="AssetId" Term="f07f5c0d-087f-411e-ada4-94d11d214c681033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="f07f5c0d-087f-411e-ada4-94d11d214c68" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\f3ca8947-e3f5-4bc8-acf3-b384df1ebe1b.xml" RLTitle="Select Client Features">
		<Attr Name="assetid" Value="f3ca8947-e3f5-4bc8-acf3-b384df1ebe1b" />
		<Keyword Index="AssetId" Term="f3ca8947-e3f5-4bc8-acf3-b384df1ebe1b" />
		<Keyword Index="AssetId" Term="f3ca8947-e3f5-4bc8-acf3-b384df1ebe1b1033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="f3ca8947-e3f5-4bc8-acf3-b384df1ebe1b" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
	<Vtopic Url="assets\fbfa6c51-56e5-49b0-b508-9e87b6c23e05.xml" RLTitle="Inbound Authentication Methods">
		<Attr Name="assetid" Value="fbfa6c51-56e5-49b0-b508-9e87b6c23e05" />
		<Keyword Index="AssetId" Term="fbfa6c51-56e5-49b0-b508-9e87b6c23e05" />
		<Keyword Index="AssetId" Term="fbfa6c51-56e5-49b0-b508-9e87b6c23e051033" />
		<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
		<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
		<Attr Name="appliesToSite" Value="BWCOnly" />
		<Attr Name="CommunityContent" Value="1" />
		<Attr Name="WillHaveMamlFeed" Value="True" />
		<Attr Name="zzpub_assetBug" Value="1785" />
		<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
		<Attr Name="zzpub_MTPSVersion" Value="11" />
		<Attr Name="Locale" Value="kbEnglish" />
		<Attr Name="AssetID" Value="fbfa6c51-56e5-49b0-b508-9e87b6c23e05" />
		<Attr Name="TopicType" Value="kbArticle" />
	</Vtopic>
</VTopicSet><?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE HelpTOC>
<HelpTOC xmlns="http://schemas.microsoft.com/help/toc/2004/11" DTDVersion="1.0" Id="scwhelp_TOC" FileVersion="" LangId="1033" ParentNodeIcon="Book" PluginStyle="Hierarchical">
	<HelpTOCNode Url="mshelp://windows/?tocid=83d9646c-9319-4341-9dc1-fd157f016200" Title="">
		<HelpTOCNode Url="mshelp://windows/?id=e4f920ac-f27f-49b0-b870-b477b9af6224" Title="Security Configuration Wizard">
			<HelpTOCNode Url="mshelp://windows/?id=e3e3b0ab-dfd5-4199-9262-5a564e2dde99" Title="Starting the Security Configuration Wizard">
				<HelpTOCNode Url="mshelp://windows/?id=dda99bfc-5e2a-45ab-8f1a-1bb533e5ff64" Title="Configuration Action" />
				<HelpTOCNode Url="mshelp://windows/?id=2a1a1032-03b4-4cbf-b0d9-a3e5a4638b62" Title="Select Server" />
				<HelpTOCNode Url="mshelp://windows/?id=76928309-f6e5-45a6-8b2c-e4a664bbcdab" Title="Managing the Security Configuration Database" />
			</HelpTOCNode>
			<HelpTOCNode Url="mshelp://windows/?id=80692c49-598f-486e-a7c4-bcdfd4cdc078" Title="Role-Based Service Configuration">
				<HelpTOCNode Url="mshelp://windows/?id=ca6061c3-7765-4162-a606-4079928b68d7" Title="Select Server Roles" />
				<HelpTOCNode Url="mshelp://windows/?id=f3ca8947-e3f5-4bc8-acf3-b384df1ebe1b" Title="Select Client Features" />
				<HelpTOCNode Url="mshelp://windows/?id=bb0c453b-a8e9-45ee-9271-8fb5289d6071" Title="Select Administration and Other Options" />
				<HelpTOCNode Url="mshelp://windows/?id=1847e176-7517-4daf-b58d-eb4184cb48ac" Title="Select Additional Services" />
				<HelpTOCNode Url="mshelp://windows/?id=1f6ae869-c4be-4af1-b3df-d75fd103d81d" Title="Handling Unspecified Services" />
				<HelpTOCNode Url="mshelp://windows/?id=e62e953b-0241-4219-9181-9a5941005638" Title="Confirm Service Changes" />
			</HelpTOCNode>
			<HelpTOCNode Url="mshelp://windows/?id=27ace7a1-059f-4768-a908-bc9cb26b678a" Title="Network Security">
				<HelpTOCNode Url="mshelp://windows/?id=eaddb988-5315-43ba-bda0-7ba4f5e81408" Title="Network Security Rules" />
				<HelpTOCNode Url="mshelp://windows/?id=40fb05ac-413c-422d-b046-19d534291c56" Title="Add or Edit Firewall Rule">
					<HelpTOCNode Url="mshelp://windows/?id=3c8bcbc9-1975-4eeb-b6d4-c9e0b7880806" Title="Restricting Services" />
					<HelpTOCNode Url="mshelp://windows/?id=049e6f69-3ec4-477f-8f47-877f7d2f5c59" Title="IP Address" />
				</HelpTOCNode>
			</HelpTOCNode>
			<HelpTOCNode Url="mshelp://windows/?id=a5c0c861-13d5-46b1-96d8-ba37b9dc50d5" Title="Registry Settings">
				<HelpTOCNode Url="mshelp://windows/?id=b987f3f0-15e3-4f59-b6f2-3077bd12dbec" Title="Require SMB Security Signatures" />
				<HelpTOCNode Url="mshelp://windows/?id=390e0613-7127-4a71-8edc-35c85dff4615" Title="Require LDAP Signing" />
				<HelpTOCNode Url="mshelp://windows/?id=f07f5c0d-087f-411e-ada4-94d11d214c68" Title="Outbound Authentication Methods">
					<HelpTOCNode Url="mshelp://windows/?id=81d2084d-1192-47ce-a52e-895ddec5cb10" Title="Outbound Authentication Using Domain Accounts" />
					<HelpTOCNode Url="mshelp://windows/?id=36eeb741-c9f6-436e-949b-3e9fb01a97e1" Title="Outbound Authentication Using Local Accounts" />
				</HelpTOCNode>
				<HelpTOCNode Url="mshelp://windows/?id=fbfa6c51-56e5-49b0-b508-9e87b6c23e05" Title="Inbound Authentication Methods" />
				<HelpTOCNode Url="mshelp://windows/?id=86c6735f-7594-4704-a57d-1a3d659428fd" Title="Registry Settings Summary" />
			</HelpTOCNode>
			<HelpTOCNode Url="mshelp://windows/?id=29fae0cd-e264-490b-b512-3c6340391e1d" Title="Audit Policy">
				<HelpTOCNode Url="mshelp://windows/?id=4822c6e9-181b-401a-9684-d953ee9657f3" Title="System Audit Policy" />
				<HelpTOCNode Url="mshelp://windows/?id=a352112f-abb0-4b59-a547-8d61422d76b4" Title="Audit Policy Summary" />
			</HelpTOCNode>
			<HelpTOCNode Url="mshelp://windows/?id=d63238f4-eb6d-4570-a9bf-138a92604588" Title="Completing the Security Configuration Wizard" />
		</HelpTOCNode>
	</HelpTOCNode>
</HelpTOC><?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE HelpIndex>
<HelpIndex DTDVersion="1.0" Name="AssetId" /><?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE HelpIndex>
<HelpIndex DTDVersion="1.0" Name="BestBet" /><?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE HelpIndex>
<HelpIndex DTDVersion="1.0" Name="LinkTerm" /><?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE HelpIndex>
<HelpIndex DTDVersion="1.0" Name="SubjectTerm" /> EyT`FEOܕ}\+et%(WDJ"V
S(SѥP]"!ڊ
L*%QH
~s/{np.@.YiɠTCҀ,J62!kۆ# A.]"#{v22M(ܾ
"+]\5xn]Q6͇9[>FmM?Ƹkrr!kC"^kM6$wuku.1{&v-
yT*ykRM<.a(nOx܏?7_5أn_WĦe|G>|}7rnߝx\v
h]8ȵ|!8nW%X/SX70|}k_~!\wyw#]u[譮麮{駮躮uϝ^\Aڮ9w\yI/[nÑ\]۷wkz{8]kg(uj<'c݁K;?~x]7-\{\sq/[
ȵxkK[k~~v/kq6>8S׹sV+Geky,Lrm4vq6w_֮]_j6f1,G;nWkkm_흷y7
>$>z^u$~:y\kyT')>O+xs\_D*sOiBt"ϙSWwH_D;>v{5.km6[ڷ96ǾynUzJOp8ꕞw3=͹ϺK6z:G
Nc%y[tן_C졭tRُa=\{gߨ5ϝkc;M=clzwϋ;k:6:lw9o
tk.<_ش_C={&l={7Bvٗ=u쏍]{=ozn=tǾѹ?
9>чo~kýo}k[7Oַuԥo=[ߚU[oMk_}[o]k~9Gk5׮;^ڷ=_kپֹvv-n۞:{n߆||[&tosx뭓=_~sF]۞;=o{U}o^Uz*_{K~ٗag/׀.v|=U~__5ԃ//5ׄυ/_j
j___]_P+_|^f|gԿ.l7Z__;j]]__?^C`__GbK__j'u/Կ>ԐWg_ԿFԘ[m___qcs_ԾNv}Ry|8Gn|ȮKxrop=w]o|=ݫ{ޟ}=WNq߇{}&<wqx;;q~xՇ`}G>\}Cҳso$^x˘gϛɋ>?Fꔘ^W|_Mn\/ޟÝ!|9¿K]Ծ]{RtTҹǞ):[SJ.{tXlgOΌOikON靳)ҹݞ):kS3=S:=:S3:tuJvOιҝ))Y:{SJ{tg{Jt`N));tJ|t|Jt&§J6|t|JtFħJLvOΊ鼌Oιҝ)ٛS:>:CSsK>S:>:SSJ|thlOΌN)^;tlҹS:|Jtp9:So>S:3;ttιҝ;)۝S:|JtЧJg}tx,N)>:SJwOΤ\Oι:SJ>}t΀NS:s<tάOΫyY)3>:SJv}t}JtاJ}tΆ#S:xJsL%)<L<t^߽㺷ŋx/^x^/ŋx/^x^/ŋx/^x^/ŋx/^x^/ŋx/^x^/ŋx/^x^/ŋx/^x^//==w4Ghh4|>
IGCa
Gh4T|?2̏h>
]Gh

2͏xh9?h?=ϏhA?pHhD?ahh~4
6ÛGL|4J?h6>
s:hB?Qԏ8h4|?TGð4|?W֏!h(hf>
CGp(hr]?h}4>
F؏!hL}4*a?åG!h|}4B>
R!h_'a0``00``00``00``00``00``00``00``>':""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""#?rw}7pNi/SM0o9o!)'	9M+2܁S񞿸)9	敄Gz!b8Oާ[f,fytb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#FАĆ8C!d2!CȐ2dC!d2!CȐ2dC!d2!CȐ2dC!d2!CȐ2dC!d2!CȐ2dC!d2!CȐ2dC!d2!CȐ2dC!d2!CȐ2dC!d2!CȐ2dFtKuշOsK]џGą;¸p.\…p\.¸p.\…q½{…p\.¸p.\…p\.¸p…p\Y¸p.\…p\.88o]p\.¸p.\apqu;~z.\…p\.¸p.\…p\6.c;pnv;cswQv|#lmGz;Fx
Mw<Nބx}`냅G\>}Clmb(&$o{\*.qW
44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM4iOt1mV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[ϸ4M4=Mp4MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM4w?[mVmV[[mVmV[[mVmV[չmkjjګjjګjjګjjګjjګjjګjjګjjګjjګjjګjjګjjګm~\ >iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii??ޚ{N{.¸pU\YmMV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mZn<|F@4MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44M.?KM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44mM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM4=M~5iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiwM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM4eyZiiݶOvs=ڦGyT㫣NW2ws{G=?;>?kE@MH ;wlff4Ib&7M]4()Jz$D3GDe`Vg;{|LhH{p4N褉S^a
jSؽ%pcD&&-8Sy(q.fmL1MJ^?&7X.d@u
Jh˻gY`6V2ڜiU
>XRȺW#^Уfpن'+WQ7h?+|{D\$~]|u.<;t?r1X}b:TD\j?ievClC6RP0?]EDP3
`Qv#qa	Ӌ掃܍Gg%b~Dugm9/x3xAM@),}}C
)Oa[uE<XR;G0HmqMxD/~C 2aaj6QHČ» L.	]"GB3%̀?BNpmAP'A܁׃P[ĿH߽Z7ڤȟ.e65#X$x[$L=Զboe=?zXҪU
jǦpA˾)ߵT})G^xniNV9p#ƫ 9jGxNױAbvMQh%_#~%}q̿ju=ɜp^=̶wΊqga%2qZt4(u֬Ӈl&E笳
}>~%+Gb|͜4fu2+)$U
o!Wr10
qQeo|)	S
r5jYmXe	fjfn}?.bg!.7o?;Je5#)	QG슙U=U-`tcw4!+_ړ:^ѠqaXҏ9sitp.'O"_k7qFۛ(;T!8ԯiB?jsrKx\E^ՊT.Ϭl6w2m4Lk9{b8ښH_(h,gJN>(jY/U#~Pј`QnXG,3
`Aŋ,y_r/Z lГd^cVin%5YzJ6
G`\@igR^eiExg =jlRX8Me:Mޱ/K86	Ꭸ$a@T$zOwk#c+ܦ#
<Yw[2*']*Rk:n_Ab D
\Te͈Y&|CT3;8f0AbI3:;|=%^j;ӵ¡:_GOH#?gogZKC5@H'=J+5):az3+Z&TcMKlZLcn')aQ8U3i-T=2R6V
@,IusZ!4TÐK:t6WWF¦.Kw\!ğ:sDH|/0V.wjW5=GK%5S+gj& `ʺ5H2}k+$YH0Y*R4_fbR,xK5s>jRJĸ{ L0NAAy{v9B"D^WpiMG#rGRɫ3k2TQk:xkpGLƕduZ*H]vf†JTᲴvSOϟ:؝1>,q%V...X$v4fy̹W"e\@OuKxרd:O>rۑ"Yk<0ʔz#fZSML2ӕ&qky›8˛h/o/#}J;R 'N\xeώB'DQ꼙w:VysEY˖JOdMsz{TH
:?M~U#;iY(Aa!?G
ěC'VYei;^\,U7a&o^*QwQJłm)yYUϰ`O
UKMqswuNf]Mp+t"E-~bH'"syϾ7w˕t?ǚ3FѢ{p˪=Y<"!IcGZ vx=\	6rTxأTu&}-D2"(5ʁy9UDP
uf膁?N6(3i2pӯn2U`93~B~
==6
s	(,IpW]ܾ+d(Ve*Zl{UaihgÎf{Cw`HO$LMn$ÑT:9$_4͕4	
xgRˆ/Wu^T(* J]R"|x
19}K[qyt6RI+ګ,5
ARews
<R}d<`Y}@$S7ޭDmgJ4[ aܦsY-х$bG4V(a͟xC"V^'BJBqNxghxf_ym|2U#'qKV;vynstTj쥝Jy=3~.NeX{zB\{ Hz/ʦO>!'ZZLv=\@ɕe
'boRw.\[^$t_?fSYItF3xޠC48`]{|_2(Pc%Wk쎇Fx'#2P8]sF#.oҊX)LFGR^vV//1m`ʼnP}4})^v`(C?:IpsFjGdUd+PTQE~	R~$btܰ
5[;ےA2aHjM[2L
TNh u
Qif_K6b)QQ'afB,^UoO-~?+᳸j,zL]RDQG7fhsG~zG4pG_4e'P~m,^_O*G$7	en>Ҿ[|
o2ґ.L)ZwE+Ric~#&ˢcaUy؈?&h3};K)}myUT7OO9\f5IA#bEbMI;
ԇW7sZf5fRFˌ3hT4l[x
`Tmp
!2[rƾ|y)PEQA7<[>gؒ"ᜈ?BD7GP	-Q(b+$ډD%7w_cb}RݧZXwa'jSV'&e v,&2ONkrI9uRb=OaY؃A.!Owc[0/`u:HU[(XM"Yp纐AnK>`E
ꐃ'SH\xB 5kPV9a6Բ\V&4@-ݢW)C7$P~b$FXe:B2!zZ$1+D
եQ_LvUi&
pDZXYmV)tv#cd5
V'KU:模lr-g\2\
+>F!qoq ZmxiM/\]Qnn1bj/Wq$4	!W7MVkC.!oh7SjEXEK݋r:Q#gS1wn'S7e=ʞ*nFwCn-rYN١Pۣ5u|ŵLMt^⤝t8^T#@*q`g7"uO9ͿcO>Y0)fΊs,’@7+
%v۰/K(do^
GW7ULۍ;`2P!CGv]'Sj}!|aofkPlCd)^;m"@/JM&I:Nk)4g {zܾ_Gdc	XkdVz룞eK,G{`~tFw~Nwr8_ybgCxX33ӶnŸͧ(Ҧ#L
RudYb~Vɻfg:4gµi17BĹǒ*tn=
8d2hH-KV~1BFEHSWͺa&}ENN<"AJb.y<47x$XTΞ#px01)=CLw6e3I;
$&/_<@.WL.ب`>ryӌ
!T<QKENWp~^$mǗB~(HjxJ"%x1]DSz{^n1$z
r]SO]1r^AJ*8/dz
=}D"\z˅x0+T񾆘R0ea`Ȟ9ނ	x_톟a0)9j*-TTWǵ*`YTcng51=WW.
1	]?uO+mXYaXbi.ˏB41=
X̩䠡eV0%ceqYiZjnH%j9>%M2c9㑉$/ŤRE´aZ]@ҦQ(d\$##J"rjv!
!󆆅
Z2|`7M0q?K|Gxu7
#'@@@@@@@@A?C	kvrm>Y/i"H@Gzlk?도Bdαx>}Q?+m>u،SHp2`B+?!#X9M`#xYr9e42wI}2ȎƆNm Y7O"gqÃ]H>ދ7XtЪ7>rV{W`MWY6Nݞ~V
&(#2 oF)1yɛ/pLj,xZiztivWɩ&YmRa_s#7?њb?62vxn>]r1@ՆUo
GjsvD:Iyf]C(
]Zwf&8'\pʰ4pf, MÄAe|˿uCY4hp~"^?gr{I^lk
r0ZiAԉbKAkYU~4
FX'-nVZ<|(LF paZJb&j U[
`J/f!ʃن
XojM:lW#	>߲gH1
*iLI_%?Ň=jbɝar|[BOo,=)uD TT3+YnW
ʮϖ(TvaD]Kl[X3iϲ"|V6_$`u12>?t}@93\xO*8uE:~ٸz2˕<a[/q%vpPmuY	·̖.؍zLJ(I=d2/.YYֲR8bam%)6Lt6kJ*H9He+t8җB\ZTdNZ[f71yуIiHn @OPx`-sU	.W[)S{(QxEQ7+0^y5@gx-e)AVAit0#<HLܷ2ә>anvIB-r3%5λ9JCG꺯#q L^^k'.c4-:y11 GezP#ģM>2sQU`+XcG%!G0q9P5P֘`gbͅd*$Aڄ|=dK:ӽf#jPwsLi1PĉڰHrrX"z|m18r;mCVh|3XM	e'$[/^bY8TU#X`l@^&[35G~|HkC
!E	b
ʍ.:ՊTAUrP
4E V||exooLwNld~3(ϭn5
(ݜ5*Q__k:3PԦ#|Y/;c'6nFB_t9	1#~L?E\x#_l6ޝbq5"s6핢[RGS1ݒl7v.lw;z&8K(&NI]j'y=݉ނrjB|<ߗXȭƈuf?>Z:o۵7OYzAM>Qŗ5*ʷ6b\9Ax\!${ALn&d9@k(ZEwN!1)75cdTMSٿ~\&hL=D#r9vW)FՏ{q@9 62Y_j~QG}e᥿O?2\0w(Ƥ^=FLX$|:jW_bAi)XAgYd^,cH%ʝ4U$ecCT['{lsژΙMڹwDSw֩	G|/+fO{jEpnXIiu.YWhcn2B$͏
jdC3N~=\7a_ׯ;VLB\6QgܲGj.%)
T4g	D8'rI&ї6c8GBrZǼ~l0y1DYsmoB6@x8K|:75fan`8N)TFQfpqGKC+z5xдLt؍ϳtyѰTAg0J&=?܋j#B2Co/#;l0:`JsˣT!0Jƅjhq8L/qBBE@GHD$Ft5t+ŤujApCCS]zoاbws\cЋ SE^HW_0̰>Y~t,_K"L6ю e }9IWteyg*	XJ(iLe_2{佞{<=`?9_B.2&O_a7W	t4K: {s:6v2O8褣GKeAt#x%G3Lk(VE~vP^|genM*"A90\WO(2ڒ835Fzi&ȉ)4-;vH54L[5sʓ5)PJ==;agD-"E#oz512A2~yBh&3	ʑ[`܌MJH$%׊FMA3Z `5pt O&JsH|{{=ȉ]	y׼eOT<m
"acy}3"'n^+c ֬p.uBٞ<Ɠ4+!)T3B>'d]LX.vG1P|<WbŃr꟠I"ۣc7j%bM
uZcꪼ|D$mzu8y:ne@p
Y0ߚP]g~lh8ȝӓt/8V=H^֋rf%;گK#ж@pD<&!:Vl
GHX3u|l|Q9:jMfzl
5G9$6e.MS.kAT+*\P{m4ʳWzo#\=ƭpTԉQJu[BZo2
Nm,j.A"{nu*8YmZaW%qQyPmNcxYN"p<jBO'ywiӑMHs# eo8j5ɔQ|==18lOt>x-7FQsP_m1zE)}d0):LP#R)t6595|$29j*JOU\Ý+ќV6#؛dT,t:Q-q6k<쩍]R'8OGYSͫ`S/5穕7ʋ/^ƵIdo?Ts_HKF֔.#߇f=l0'0e&«vRR
o+ŠrhtHZ1TMG1:z<$0QJӓ5#'xڃ
:K.Ε/zB(y̹
\My}NAYw~#m?
+K[u}ZzoSv
~eM@D'O "jdw7^,C-8_#%=˻m2bqTUG
ېJ?hm&X
2Éz3/7hywpbt%8,2oV)(I5eq)cgS46gE]SFMsL4Zg*22%rql|P))N-bI؄dy[!P%11Xb<	]QȫЋhyx~4|5)ZXL9@;o/S4A|
8'7TL>BlM1>@+{4c<f1c8#|Ll~'C/M	G6,j_ej1!15lPzxL}}iS!v^DMՉ-0ۨ={cLхC)q/U
N3fm6Dm6
ku
;4Rl	a2*0pcUt)u7oYKSG#Ohҥ>WPx4~
sdJEc3܎j{8f(d\RCnlLa9+w3Dm|I5T2/!8@%6h<$]LӢBwQyv.˩$/u@яQZB9vEl F
SB\@`Ee(omhb"Д5.v$DzB;M{l`028~bIgZM;E5eیCͫ53bA.\
ǔgbM7.f'>B^%zMvVv.{كeVүa">.^չčٽ(:'Yܙ4+>(0IםNi{<qo?j~y@
CʢbpfNHl	D?*4iC'ڝ^յLdcv:k(Х]J_idEv<~d|@u'z
=%SFxċFf9Ȋ7D5Ӷ\d'-!TـU7\CY"X,*ZA3$U:VK{)s1_Ps'Y[ɪp=,`pʟC]!n]LFvcIl9oewƜm	w}FlqY3Is?9c2Fz{ijܮܳM/)?V0'>/O<Gw=0M3yR遌(39Ы\ziL#=Wt3A_f]~"|ֳ}a$u}F	(7xŻ23T7hG|!-`ՏJ!⺿";)X<ՠiI& 뜙L3-ʆqN	D3rDȯ.Z3#JV`N
|%Jl}`]ih%}<9F#zL
Dr=_kz ‚Y5$5ŒSxJ1Ȧ,2FE4M^R)3T(hZ.£wt}(ftpQSq Û3@Q{Oo4)S!X9ttw|&Kܕkf6aˆH>Tdb%ґ2V 1u+<P)mU&|MEzU\U*k펠B:RAg8yת(ڌ̆YB}Wx ŒA"aaDבD{Ҕ	Z>X.qP+NK؏lr3fRY^7TJ2}Hp%!=".Wp\.Տ1GT֡
JuPԖ&ԕMZ/k@9e7'*p?\z* i%pFJl}U R[ńИ>Tw.G_șf?oXLVjwr9r|3d@IX6U*QG_+K-+eSPaȂy y~SI
RRt4%|=In +޾xTv	uw̛(&a_,}f[M
	ahҊ~'A)b|4
8 TW%1ZVuz9
.qVX,R;&9C&)%靅2G2˯/*eޠמ#ޚ@Ch‘E.:W}I!;|3[(녃g~e6{iMiEcñ|oͧqZ|pbLNٛ:/W=v+7Ad|eH5/1)HXOT~W8fDu+T͵\-8$"Em7{^'ǃ1rPN^n]UP/GܗW_fc#^dIIa-AJd"jԒX|!Ly[7YjY(5|ƲVبo$PdGX=ٟRBHv3FL6T6lM(Uq
u{Ž{<7Lo=(Sc~eEHJmkr絣+3"[c],CnO顈#{V҇A\`j*Ǣ
}L@Af͸F)ŒW-ү/
?oI	7(]g<qDla|$7R9,[놈Ez0vR&
")<Y&d䱶p븝nAb1zQw+eɳx)ΦԳU:9V4~}x9mpH[UWw1ki+>H{HɂRlӜ?._G<ʢJ48"(L=Va*̓ʯdpůAw&Tw42	%7fAV**tz``RٙHXs&ox9J4ɰmHZ#̊<LLx)øKh3"ώǁu7SBOLDJQ=\̽04<D_B}"E}`QLZ?uAGMzNJܶa"x~Yo.Z}z--Y3
d!C^\ ]۽٬N@^9%$I㿫Wh}Z;$Pf1x~k!lj!!βb\71ߡ8.<|w$4_~c-2no!G_krx?L-иy3{uD+̀jU>h^;J7ErjB B.S40\kk+⭟7볱Pqw6^/xk[M73KcKH(a|t(@j
xw>%[#=v:F8
}moPjSԼyV-(&VnߤF<gWȏŇ4 ˈ\|I1ӴATy//!
ءJŽ8OQ3B2'6jQ!<'d̰z=m>R@X3Fq''<鬉QZeˋr{<|BSo"GpaC?U$ݩP
+Fn$jE7t~^z	KVk]7څsʢ5>+Ɠ3RA
Pǀ(EJ%v5kgX̏}8$rJqrɖk%_Kf-yZw7sh+|P|)\S:.ټ$KG>ߞ̎X&߇±G4/QmYdzI}3}
,K#pZO`:Ĭ
E1)>5m(P)GJHeZB9<L!M>~1|FqpLF)ϼtș@G8YjHکShzD<~9բZvqe׶2<vMjΌKxRHo-c̏Ǿ2!c{ƶ;*ycMcYTHaeQ;AeBK0WOW
[.|F
ǪYb햡Dtw|H̽N:<$< )P1*
e9ԂH%RGM$=[ckG tF%~}7T6F웷^vRVJ8Ij@$;mQR.Q0tKÂ=Irtr!߫:@nًY-jÖ&&p`H)V!Ӓ}]\Mr<Am?Ԗgq)84$܇37;'Յw_  7
+cfYa/*U-u-/,,S!NX`O'6ɐؾА}#x"-+j%~&H""@;l8Z0R3qL@
@A/(#͝M45U$
!0Sݏ$SW1wxrAO\º[x;<)b֐-If\,ƜkŎR*{:f|[$h
'
fgVBD_<<JCqydw'^gB3rH>(,^hh?_
PF$ҷ_C\Ԓ;_#RCǒ5h	`ɷH_:#Պ9[axbu~6Fov«s0ܢ	Xqk%n9G<,ҕYm[5:h%*f"HX;&V4FN[*d۽TC~
S"oӡj6WɃM󠍶+E?;_Iy"c@TLlcE/Tfk*GuM6= XJՈT	jeoܰEt:𢈘Hŗ/SkE)3#Xʈ_ڎ8I?3zeKdgȌߊq7aDya	Ɋ3UUЛbn+Eg[ۮ1\U})s[ޡN+ٗy+F;AHS2mE:'51wM|:\tyb߳j&,mW,&48TTiBKAL<j߱ZB-[4kj[3%›)5R{T!渦SeF7m*ܷ&d1DMz6kI]}=P?]trpm7y)L0CEDX:wmU7Dҳ9i`Z1E35,')S*"ofWTdjR
|o_9ݍ) Sה$gRe)\mM2iv,ЍkrI]˿Sns7BoA%S{ߞ,
Z"TPz
Rsή[e;ykWgk=ðUs[K,`f7.spZ2/gàN|1W?N(Y-e	y;]\[ƚ4ǩ3Lej2uq~֭_9`[Weї
VK߫hLjn_i%KH cy~3ᾷ')ƕwa^_[]g*4!Vm1)D2W p覯'ZUBpIg>S"ɽg2i1a5띳'0R]O?&"_JƔ1Orْ53T88Q?U$93
m|ř8x'b7q:rc쟲Xx*!/ڲ	(mi<(!jb3_הE?3ʰߘ&	
L=<^?Ɋ52T
/ڤfKԴ%8EzN3챙;짮E_SWwCɣ[ d$3hȸ\"g
a5@菎xӳZp%FQ|x3N(s쩝6;Pe((Tq>ǹ0+pX>NT7V{)"TIل?k7	\RbP/n&yJ$^>&uYh GpA{|qxoyϾڌ-?w2fӃ$9YRتm‰d	!L1:V1%Fvd*}>Q[;!{Kޟg|<2##82dpA
r`aBLg^DݹI9[\M3d1I=x<_fA{[t 1Lؐ	WZga
Z)՛^YjB=՞E&+0ZYj4kse	nIU嚟:d*DBzqhyVF<ˍe7ayk
^pHCo\"k{A4:M
zȐmgiFRZm.2Ђ*^)%r8GXIq6g=/EL7KМ5I5F]KKֵp~"e4D(
.Y7yL-D $:[:eN?DU%VԹp2uLa4FTK<dzB(E`gv}zXwˮ&x6d3өiƂÍr<yieZ4}>=}%!1cnxSh7CAC<~b4QLO\wEJr,c4OP&Z3]<PupT߶s/e$=q}<63}gڿD*xĹc>VLUUݜy5V1N7C'ФcHz;{
ۖ7d$,P\M,
۔#Ғ$*vwSJ:]>[sx(vZB^:%N؇-a9y]ZG0/Ld(?{oܒE
_ot?B:5B^ț
PQbu5zw7ejqOE@qECo1>^y:ȅ zhֻ+N?c]n$r߄Npc_$^8O3#ۂeFJTc~Tz|`meUKeS=4]tJͫWݺw_wNX$yB1zHIA{ʞsi
b/b{
^T0a7<ΣT1Cc#^U)Ƥ.	҈-:nG:C耥;6=mO=k
OŊ!7׊;F,DpK3һzEhɡg9V5f<N:e,GLZkneEBsS)4ǛFK4gHԻzՄnwk"z55RJWD
ҜTiƖYjLNQgLV"$_94I*	%KfVZ3q5ݼ)Kv5egQ;g) OX;4\y9ܘ}19]p#	~|uTlRY|qɑcmlH{4-ĝ3 v	{TVi
u=8
(5F"cRdrwgλvOKdi)8؊W9lp(dEj1j녾̗le_X;S<_~[eZ_2^-8TRp$W ;L
0xA2̋9zV퀟0%%T<yT\+˰U	E9!=o?NZUVe;7c7>kG:aO_B-EY)B g5x}wzh}<`TߒqcḆG.2$;l(1"ѭ؝Zရ]HuYkʵQ
n˒a[7L+ x}{$u Pe'9OWqo	QG*apIbDGdEڴ1oQU\Y䕮}t§L^wwFG|-BV	\u+(NâJө5ߏ$b19	\+<$,a7z+%I>6:kkuL鍽roQT䧤nEh"cݻ PɖѴFnv=!xm\1Rvhz:'S!ƅdaB'nqP`֬A(G㧒a6g+&3mL׾'de
ڇqQ㚾d,zl~Mr?j&;7ufN-)A򣆺϶ga$y{{FNИ<W
4'.G-z3jW<6+MdZ #m>=m=3SW*ݨ.dtc{3Q'#DRy;&<0IfaSܭR:E
k{PF7d4,E5ӳ{Ml3U nPvOI@oj>٭Jn컎~9Zt{5κ)k$ҧ	FBw#X
Lå6ɓ!ia)mXn㺱9i&6FOapzHZ/U[Uʙ #hQQ(mfE_݈5"ذkЮ6'0'7BuL6Mo뾖6z+w$XJ	enl6͝1a9]Yƪa2|wo{j[QcsQZl*. 0ʗ0
ςUl){2H9n'=Z5T֎PB͇`i|dBA^~[O{g@RgسRpu9gьfkUF
U(4~&f`TAuLkQ2jsqDP2zGpʘ*5hR&w65WSyiAΤRXq)39FzG1Дe+kk&;%jM]>DyaQlU70Gg7{J*ID~gZdֲyMQn	%wmQU] [$Iw2(~.fdW^#iS^Of׃j%:l,ZW	zZ}[cG1a /A.k]-ET
e(fIR5BsI{4K[$$͑RD+`ѵySQY23 `Psl``L@ ttH3IP}t/0p:ra_ i~\w3{αu&DIZS^ԋ]ѦF2rWd?bz
¤BabnNnH4./؈2""+b*Hv-6rE`jx׽޼,+Tn%s) |m唖@FE#/lS&FV*(%$.-ׯe˴
2a0KMNEBtB.Kd&"DSD2O%'XN7Nc՛K^SIcmpngzjߩTKZu
4fzTQ˝=\Rv+aM<&{#&%%$Ղ˪T6=aQZL,'LfeBMh$UwȀG:˳$6,E3&mA/eGgBr'fW͉45e}6P}#JW[\飨d2RRv9$	dNfE)5O4olP`A{Ha$hʄ0@ߺx.ez 8/nHR]4}_{L'oh%V(ʽYš"nNh⿙{{k	t#HwKsXČ~4}YOF
FP6LKFOYz:jOyaAZynC]k0@up:՘I*H]ޠhm<.j"Wl2:U; _zuHwu#u_-W$w|7=4en<;{_w]u_yAE u>;L|{jLC>zsC01+H=>I-6JGn1l+v@XNn=s3 (7(g?<O]	`҈CQ	|
kQx[#a$DuGG Z.[_ȁ&wܻtBiy$/smSK4\:HȊ*GNN:ޕD(4Pk:kUjNeboX-G [PO~f܍cjD4YYOzh qrÕn^ןUsMk‡6$i猓p@$ڶ/ǝes6ok%b	zB PFyD^$JDvѡAHPbtʍx0m8VĝrzV5D~O|?r"LZBE<b 8"n
bH<I{^#ԥ@q`}!mC۠V#P#kݏwŁK2|>Eg56GKpx%+fQh~uI`t\#n`W m]y~UD+]։Y"@(Vk[AE/z̖.G[ɡTŔ!'w]o~}##[wh0B[vmB brNG5A+;",ukj;h7}$2w]%kY{h<
s5E>wh]+v'zr%p7Ě"0`pnlG䷐!Fr$
n<X.ȉVm#}=wѴ! `W.ū;f./Л{$ӈ-}Abފ~[S۞?]}|މ=
!!Zu硸n'mM
\sKp=!:GDmw9`@$k=:͔k>)6!a4VG+~?C7ݶh Y,rKEq]48]͉]D%k7I1kzŭ=s^=v*cT{d]E>։XvRt޳D=>aOFS_m\y{Q~"ڃ;g=ɵ%H,E>&9}Ơqw Ǎ#|c	~{QDXKwя#>;R-$?V8Go?-^<_ۥ:{q*3L\_Ndߋ*UG|7V8FZ7RH+^%D_+cw> AZsX^  bv-+%֑7<Ȑ
	#.TGz^hD^Ξ&GPVT'(XY	hg5Pp	ygZhm<,d ֫,A=0OCGq	>%t[]0
4il,\	qS	 I	Ԅ2	nP"&}KL"xS$@ Q
G_`I'0
N}HƖ<vX|x8(s
Sn::D4."P`|Í'{|On+ss<!X_ek.߭񞿡E>ZZ}Tu^mKm 	&1`2d$y	
|C{,BZ~ہpeAi^hGaЂɏpLrgG7&Au[+8( `0Zx0` ȁ@j0
8b @ $`H<0*x݇hNJnWy^i=-f[9r\nIF~#/חk亊rKc9rnI,Gʑ[<˗tkK5%~IF#ږ/ivr%-~IF4#^_үbҀ~`9Rm]|Z
\DEqPЂZ9zkho(pAK-4HZ
\RVq[A{CkEPЂ[;kho(pA-h?-zm.ݣE}$֢P[?ok(hA-p h?tZ
^{[CACkho(zAvHm-N/YF[];Be^/NEl$B-m(`z
\F[A{Cah?>>  ?IpO?gshJ+MI!~zlN[3q5,ŲqhO
oR똞&G]J)ԅ[bN쐻'ч6~KDۗP*	\6_/'uDW?e)nCn}cA`vm{GDn=o	%n+}MMY3Оbb0R@K=k؁l&Q
wrl}^[
5gD?{NEmxg0-<yF]"z1ހ	KJO^l^@OBа/x-y=^`kO~8o^<
^hOht~#= C/gzz 硼Jn5N UUSE"`ofiouM{]w5w\Is{ݺ2X3
JvW~	-dr͢`DR2cP4ݿs
w0RF,5{e[fuwmeo<ovgt)b`%`	+Pe0@Bn^mKޖ+^t)`EŮa_?|F_#(ď4W	C9/k)6CIز"zcS	޹	3Qp=݇Q-xeɦ#D(jora

	$[kuEqTϴu5RYeMyH]X4f#ZkJ-uus/Wm>g[9N?tRc9'>AKvnU_˛!tez-A4ɴ"}nUnPFYq-HjV)c?yW8l8.dWToD r>p19*3Yg<-C~_)&"=6J~/ގX_zǡ&Na3jVnJZ#z
JxgΞ(hDD^-^_}&CӸGgz{K:(o?St+]Q$h20tsH2Dnԏ?5/O&ºBͿZjSBaK $w>&ayܡ{\/'-{RLqI.|VN7(Y%-=WePg;vtSk­LɎ+!?MDW:/^C$7x*f@pOUz|p
F^׃!=|8va*!D`T%e!<>l}l|
	:fvGI5U\2uևV2]$ME,ceA96,2rJz@dJ=0U^iGu,	O%){51pM!cqY;jW5^q1Q0	\e=m_Rin'A¿ Q;c_71mWKϧs*[(SvaNSJvMbxIx5\}[F*&Aۼ3ߵQɨvMVTOQƑEj1oLE%u-.!ȊzFT&o;KC:kZsE-8D2~Rh0%fQu
{1Ik͊B]\w0QX_vX_#>"B;J%U*R)K1.pH@rr 6u35;D
ʻl5D6>>fZi:eЄUBQ8ިrc:U9Q/SXT 6ecNIEN@o2!Ri_@J@jr&"QtF<+5e\m|,Izr*&>Qѡ
*#Lי)L|z)t-,uϟD`QH"uj*ړZR*!\i=\nqҹDcȜRٵrX*{+3*'$3~@Vs,qÓJhPA&hyHnlwj'U,[eiK#T(3ع9SE
TR"U-f0j~rXiLJ,1=:Ҕ)#JS;J+P2O|ӈ=)X
0S}ebZuD5\,N
ѰSsxMd^j7ݐӪ&693=(Zo@b@˜+\ib]z1SxɏVtLl(jX:6bSXӼX^/$gk~ 
s*ZZEql
,P9uMsZ]3jff
٤wk.">U
WDӿn]Z{=5zcY,ub^be	mwR&8S9Kf22h&OUJ(JS*=RTYI2H;tPUO]ep洗b;)m{*0KGHD`OpdV)z?rЂ=um@8*U	e!'q٪udm.(K0Y:d2έ9?:@P&ԉ9l5!O4a-0{Bۛe5"~	OnNW5">k%`,(t[M62<tHF`jCAܠV`p#ͱ(yS3ف$c
,(l-3zE#3.BlF>5	pL'yi,J;un@fB	R"F'b	U샧c*˪P|i6
l2!<A'Ø~y͌	G6x{fQ^|}puGZƨ{R/P7}稰G͏ԋMkI3?Mk:˰*J<w&atrvOJb|N&w\_[~MSir75<2S$eɹqR{	E`?զSrՂW>1S?Grv~'~m8OzՃ)[cx|w՝ຎNJvk.9/H"y\qmGh^sKNRه_|nq-2A[|n}.iT:]yja^9_"W泴|ss9ܝa6~}zwn=/g)Yө7@^Zv_O23]a^TddPe& A\}&uhBA9 5pQP3XC,L&p[/"(RBZ1ɖ=Ax#	J8`4R2b8Vr[
£)>bqpUVAWt~:.XUh),QnpTГ,8.o{L#I"e4n5rZU>e>˅g|vITp=6˴=T/~-Ko|}ZunOb|یի{o7>n1૱><z;Nh|RWкә?i~X]YxeB_<zϭl$;<1z:}Ya]FwNomp~\gcp*$.0B=Y`OCTC*#WNu]yVR3ۥ6U.ib	Ѿ?D^@وM;_-W͑9!gݶfzbʄyTŸŝDڠ^	kcUI$Ae{	jsD;tĵihAUz͔k4[VxF$)%@  @@  @@ x(VN(]s

Anon7 - 2022
AnonSec Team