archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/ds/security/ssr/schemas/ssrmain.xml

668 lines
39 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. ��<?xml version="1.0"?>
  3. <!-- XSD validation: should use schema location attributes instead of schema caches -->
  5. <!--<x:root xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' -->
  6. <!-- xsi:schemaLocation='http://xsdtesting t.xsd' -->
  7. <!-- xmlns:x='http://xsdtest' > -->
  9. <SSRKnowledgeBase>
  11. <!-- ****************************************************************************************************************** -->
  12. <!-- Description: -->
  13. <!-- The pre-processor munges this data with current system configuration and possibly a previous security policy -->
  14. <!-- to create an XML file (Main.XML) that drives the mainline UI -->
  15. <!-- ****************************************************************************************************************** -->
  17. <!-- ****************************************************************************************************************** -->
  18. <!-- Preprocessing algorithm - Must be run everytime the UI is invoked. -->
  19. <!-- -->
  20. <!-- Inputs: -->
  21. <!-- Security Mode - Must be one of the "Modes" supported by the KB. In this case Maximum or Typical. -->
  22. <!-- This parameter is used to determine default selection for satisfiable Roles as follows. -->
  23. <!-- Previously Created Security Policy - -->
  24. <!-- Path for output file - -->
  25. <!-- -->
  26. <!-- For each Role: -->
  27. <!-- If Role is satisfiable, then -->
  28. <!-- Role\Satisfiable = TRUE -->
  29. <!-- Role\Selected = MODE Value -->
  30. <!-- Else -->
  31. <!-- Role\Satisfiable = FALSE -->
  32. <!-- Role\Selected = FALSE -->
  33. <!-- Endif -->
  34. <!-- For each Service within the Role -->
  35. <!-- If Service is Required for Role, then -->
  36. <!-- Service\Select = TRUE (Thus the Select fields don't exist for services when Required=True -->
  37. <!-- Else -->
  38. <!-- Service\Select = MODE Value -->
  39. <!-- Endif -->
  40. <!-- Next Service -->
  41. <!-- Next Role -->
  42. <!-- -->
  43. <!-- MODE VALUE is (TRUE, FALSE, DEFAULT, CUSTOM) -->
  44. <!-- DEFAULT for Role\Selected returns TRUE iff all required services are installed and NOT disabled. -->
  45. <!-- DEFAULT for Service\Select returns TRUE iff service is optional, installed, and NOT disabled. -->
  46. <!-- -->
  47. <!-- Preprocessor needs to do other stuff too - see target UI file. -->
  48. <!-- ****************************************************************************************************************** -->
  50. <!-- ****************************************************************************************************************** -->
  51. <!-- BEST PRACTICE: -->
  52. <!-- For Service\Select, the MODE value should be either TRUE or FALSE. This will prevent the behavior where -->
  53. <!-- different services are defaulted in based on how the machine is configured. Such behavior isn't bad for Roles -->
  54. <!-- because the roles are in your face. Services however are less discoverable and this would make the offline -->
  55. <!-- case non-deterministic. Furthermore: -->
  56. <!-- Most optional components are required for their own roles. In these cases, the roles and their required -->
  57. <!-- services will be displayed and selected by default. DEFUALT and CUSTOM for services only buys you -->
  58. <!-- something when the service is optional and not required for the role yet it's installed and you want to catch it. -->
  59. <!-- In these cases, I say it's better to default the service to FALSE than to have it show up or not based on how -->
  60. <!-- the machine is configured. -->
  61. <!-- In short, the interpretation is that optional components, by their nature, are not typical, -->
  62. <!-- and thus are not selected by default (unless they are required for their own role). -->
  63. <!-- ****************************************************************************************************************** -->
  65. <!-- ****************************************************************************************************************** -->
  66. <!-- Notes: -->
  67. <!-- Optional means optional Windows component -->
  68. <!-- Required means Required for the Role -->
  69. <!-- If a Role has been selected, the required services for that role cannot be deselected. The user must -->
  70. <!-- go back and deselect the role. -->
  71. <!-- The Role Type attribute determines whether normal visibility rules are overriden in the UI -->
  72. <!-- - The UI should not display Independent roles in the role selection UI, HOWEVER, -->
  73. <!-- the independent roles are visible for filtering on the service tweaking page. -->
  74. <!-- A Service may belong to more that one role, once it's been "selected" by the user either explicitly or as -->
  75. <!-- a result of selecting a role, it should stay "selected" unless the user deselects it. -->
  76. <!-- unless the user explicitly turns it off. -->
  77. <!-- Due to the fact that no corporate customer probably wants the autoupdate service running, the hotfix portion of -->
  78. <!-- SSR will likely need to offer to START then START the autoupdate and dependent services in order to do the hotfix -->
  79. <!-- check. -->
  80. <!-- ****************************************************************************************************************** -->
  82. <!-- ****************************************************************************************************************** -->
  83. <!-- ToDo: -->
  84. <!-- Role Dependencies (Punt) -->
  85. <!-- Service Dependencies (needed for Offline Mode and to deal with the fact that SCM is not accurate) -->
  86. <!-- - Engine should probably combine SCM dependencies with KB dependencies to get the most accurate picture -->
  87. <!-- ****************************************************************************************************************** -->
  89. <!-- ****************************************************************************************************************** -->
  90. <!-- Revision History: -->
  91. <!-- This should be deleted before shipping -->
  92. <!-- 09/18/2001 - First Draft Service Component (kirksol) -->
  93. <!-- ****************************************************************************************************************** -->
  95. <Description>
  96. <Name> Microsoft </Name>
  97. <DisplayName> Microsoft </DisplayName>
  98. </Description>
  100. <SecurityLevels>
  101. <Level>
  102. <Name> Maximum </Name>
  103. <DisplayName> Maximimum </DisplayName>
  104. <DisplayText> Causes the wizard to choose the most secure settings by default. For example, when a role is selected, only the minimal services required to perform that role will be enabled by defualt. </DisplayText>
  105. </Level>
  106. <Level>
  107. <Name> Typical </Name>
  108. <DisplayName> Typical </DisplayName>
  109. <DisplayText> Causes the wizard to choose the most functional settings by default. For example, when a role is selected, the most common services related to that role will be enabled by default. </DisplayText>
  110. </Level>
  111. </SecurityLevels>
  113. <Roles>
  114. <Role Type="Independent">
  115. <Name> Core </Name>
  116. <Selected>
  117. <Maximum Value="TRUE"/>
  118. <Typical Value="TRUE"/>
  119. </Selected>
  120. <Services>
  121. <Service>
  122. <Name> EventLog </Name>
  123. <Required> TRUE </Required>
  124. <Select>
  125. <Maximum Value="TRUE"/>
  126. <Typical Value="TRUE"/>
  127. </Select>
  128. </Service>
  129. <Service>
  130. <Name> Netman </Name>
  131. <Required> TRUE </Required>
  132. <Select>
  133. <Maximum Value="TRUE"/>
  134. <Typical Value="TRUE"/>
  135. </Select>
  136. </Service>
  137. <Service>
  138. <Name> PlugPlay </Name>
  139. <Required> TRUE </Required>
  140. <Select>
  141. <Maximum Value="TRUE"/>
  142. <Typical Value="TRUE"/>
  143. </Select>
  144. </Service>
  145. <Service>
  146. <Name> RPCSs </Name>
  147. <Required> TRUE </Required>
  148. <Select>
  149. <Maximum Value="TRUE"/>
  150. <Typical Value="TRUE"/>
  151. </Select>
  152. </Service>
  153. <Service>
  154. <Name> SamSs </Name>
  155. <Required> TRUE </Required>
  156. <Select>
  157. <Maximum Value="TRUE"/>
  158. <Typical Value="TRUE"/>
  159. </Select>
  160. </Service>
  161. <Service>
  162. <Name> WinMgmt </Name>
  163. <Required> TRUE </Required>
  164. <Select>
  165. <Maximum Value="TRUE"/>
  166. <Typical Value="TRUE"/>
  167. </Select>
  168. </Service>
  169. </Services>
  170. </Role>
  171. <Role Type="Independent">
  172. <Name> Security </Name>
  173. <Selected>
  174. <Maximum Value="TRUE"/>
  175. <Typical Value="TRUE"/>
  176. </Selected>
  177. <Services>
  178. <Service>
  179. <Name> CryptSvc </Name>
  180. <Required> TRUE </Required>
  181. <Select>
  182. <Maximum Value="TRUE"/>
  183. <Typical Value="TRUE"/>
  184. </Select>
  185. </Service>
  186. <Service>
  187. <Name> NtLmSSP </Name>
  188. <Required> TRUE </Required>
  189. <Select>
  190. <Maximum Value="TRUE"/>
  191. <Typical Value="TRUE"/>
  192. </Select>
  193. </Service>
  194. <Service>
  195. <Name> PolicyAgent </Name>
  196. <Required> TRUE </Required>
  197. <Select>
  198. <Maximum Value="TRUE"/>
  199. <Typical Value="TRUE"/>
  200. </Select>
  201. </Service>
  202. <Service>
  203. <Name> ProtectedStorage </Name>
  204. <Required> TRUE </Required>
  205. <Select>
  206. <Maximum Value="TRUE"/>
  207. <Typical Value="TRUE"/>
  208. </Select>
  209. </Service>
  210. <Service>
  211. <Name> SCardDrv </Name>
  212. <Required> TRUE </Required>
  213. <Select>
  214. <Maximum Value="TRUE"/>
  215. <Typical Value="TRUE"/>
  216. </Select>
  217. </Service>
  218. <Service>
  219. <Name> SCardSvr </Name>
  220. <Required> TRUE </Required>
  221. <Select>
  222. <Maximum Value="TRUE"/>
  223. <Typical Value="TRUE"/>
  224. </Select>
  225. </Service>
  226. <Service>
  227. <Name> seclogon </Name>
  228. <Required> TRUE </Required>
  229. <Select>
  230. <Maximum Value="TRUE"/>
  231. <Typical Value="TRUE"/>
  232. </Select>
  233. </Service>
  234. </Services>
  235. </Role>
  236. <Role Type="Independent">
  237. <Name> Management </Name>
  238. <Selected>
  239. <Maximum Value="TRUE"/>
  240. <Typical Value="TRUE"/>
  241. </Selected>
  242. <Services>
  243. <Service>
  244. <Name> Alerter </Name>
  245. <Required> FALSE </Required>
  246. <Select>
  247. <Maximum Value="FALSE"/>
  248. <Typical Value="FALSE"/>
  249. </Select>
  250. </Service>
  251. <Service>
  252. <Name> BITS </Name>
  253. <Required> FALSE </Required>
  254. <Select>
  255. <Maximum Value="CUSTOM" FunctionName="AutoUpdateEnabled" DLLName="SSRHelper.DLL" />
  256. <Typical Value="CUSTOM" FunctionName="AutoUpdateEnabled" DLLName="SSRHelper.DLL"/>
  257. </Select>
  258. </Service>
  259. <Service>
  260. <Name> dmadmin </Name>
  261. <Required> FALSE </Required>
  262. <Select>
  263. <Maximum Value="FALSE"/>
  264. <Typical Value="TRUE"/>
  265. </Select>
  266. </Service>
  267. <Service>
  268. <Name> dmserver </Name>
  269. <Required> FALSE </Required>
  270. <Select>
  271. <Maximum Value="FALSE"/>
  272. <Typical Value="TRUE"/>
  273. </Select>
  274. </Service>
  275. <Service>
  276. <Name> helpsvc </Name>
  277. <Required> FALSE </Required>
  278. <Select>
  279. <Maximum Value="FALSE" />
  280. <Typical Value="CUSTOM" FunctionName="RemoteAssistanceEnabled" DLLName="SSRHelper.DLL"/>
  281. </Select>
  282. </Service>
  283. <Service>
  284. <Name> Messenger </Name>
  285. <Required> FALSE </Required>
  286. <Select>
  287. <Maximum Value="FALSE"/>
  288. <Typical Value="FALSE"/>
  289. </Select>
  290. </Service>
  291. <Service>
  292. <Name> NtmsSvc </Name>
  293. <Required> FALSE </Required>
  294. <Select>
  295. <Maximum Value="FALSE"/>
  296. <Typical Value="FALSE"/>
  297. </Select>
  298. </Service>
  299. <Service>
  300. <Name> ProcCon </Name>
  301. <Required> FALSE </Required>
  302. <Select>
  303. <Maximum Value="FALSE"/>
  304. <Typical Value="TRUE"/>
  305. </Select>
  306. </Service>
  307. <Service>
  308. <Name> RemoteRegistry </Name>
  309. <Required> FALSE </Required>
  310. <Select>
  311. <Maximum Value="FALSE"/>
  312. <Typical Value="TRUE"/>
  313. </Select>
  314. </Service>
  315. <Service>
  316. <Name> Schedule </Name>
  317. <Required> FALSE </Required>
  318. <Select>
  319. <Maximum Value="FALSE"/>
  320. <Typical Value="CUSTOM" FunctionName="TasksAreScheduled" DLLName="SSRHelper.DLL"/>
  321. </Select>
  322. </Service>
  323. <Service>
  324. <Name> SENS </Name>
  325. <Required> FALSE </Required>
  326. <Select>
  327. <Maximum Value="FALSE"/>
  328. <Typical Value="FALSE"/>
  329. </Select>
  330. </Service>
  331. <Service>
  332. <Name> SysmonLog </Name>
  333. <Required> FALSE </Required>
  334. <Select>
  335. <Maximum Value="FALSE"/>
  336. <Typical Value="CUSTOM" FunctionName="NonDefaultPerfLogsDefined" DLLName="SSRHelper.DLL"/>
  337. </Select>
  338. </Service>
  339. <Service>
  340. <Name> TlntSvr </Name>
  341. <Required> FALSE </Required>
  342. <Select>
  343. <Maximum Value="FALSE"/>
  344. <Typical Value="FALSE"/>
  345. </Select>
  346. </Service>
  347. <Service>
  348. <Name> UPS </Name>
  349. <Required> FALSE </Required>
  350. <Select>
  351. <Maximum Value="CUSTOM" FunctionName="UPSAttached" DLLName="SSRHelper.DLL"/>
  352. <Typical Value="CUSTOM" FunctionName="UPSAttached" DLLName="SSRHelper.DLL"/>
  353. </Select>
  354. </Service>
  355. <Service>
  356. <Name> wmi </Name>
  357. <Required> FALSE </Required>
  358. <Select>
  359. <Maximum Value="FALSE"/>
  360. <Typical Value="TRUE"/>
  361. </Select>
  362. </Service>
  363. <Service>
  364. <Name> WmiApSrv </Name>
  365. <Required> FALSE </Required>
  366. <Select>
  367. <Maximum Value="FALSE"/>
  368. <Typical Value="TRUE"/>
  369. </Select>
  370. </Service>
  371. <Service>
  372. <Name> wuauserv </Name>
  373. <Required> FALSE </Required>
  374. <Select>
  375. <Maximum Value="FALSE"/>
  376. <Typical Value="TRUE"/>
  377. </Select>
  378. </Service>
  379. <Service>
  380. <Name> WZCSVC </Name>
  381. <Required> FALSE </Required>
  382. <Select>
  383. <Maximum Value="FALSE"/>
  384. <Typical Value="FALSE"/>
  385. </Select>
  386. </Service>
  387. </Services>
  388. </Role>
  389. <Role Type="Independent">
  390. <Name> Independent </Name>
  391. <Selected>
  392. <Maximum Value="TRUE" />
  393. <Typical Value="TRUE" />
  394. </Selected>
  395. <Services>
  396. <Service>
  397. <Name> ClipSrv </Name>
  398. <Required> FALSE </Required>
  399. <Select>
  400. <Maximum Value="FALSE"/>
  401. <Typical Value="FALSE"/>
  402. </Select>
  403. </Service>
  404. <!-- ... -->
  405. </Services>
  406. </Role>
  407. <Role Type="Server">
  408. <Name> CertServer </Name>
  409. <Selected>
  410. <Maximum Value="FALSE"/>
  411. <Typical Value="TRUE" />
  412. </Selected>
  413. <Services>
  414. <Service>
  415. <Name> CertSvc </Name>
  416. <Required> TRUE </Required>
  417. <Select>
  418. <Maximum Value="TRUE"/>
  419. <Typical Value="TRUE"/>
  420. </Select>
  421. </Service>
  422. </Services>
  423. </Role>
  424. <Role Type="Server">
  425. <Name> DomainMember </Name>
  426. <Selected>
  427. <Maximum Value="FALSE" />
  428. <Typical Value="CUSTOM" FunctionName="IsDomainMember" DLLName="SSRHelper.DLL" />
  429. </Selected>
  430. <Services>
  431. <Service>
  432. <Name> AppMgmt </Name>
  433. <Required> FALSE </Required>
  434. <Select>
  435. <Maximum Value="FALSE"/>
  436. <Typical Value="TRUE" />
  437. </Select>
  438. </Service>
  439. <Service>
  440. <Name> lanmanworkstation </Name>
  441. <Required> TRUE </Required>
  442. <Select>
  443. <Maximum Value="TRUE"/>
  444. <Typical Value="TRUE"/>
  445. </Select>
  446. </Service>
  447. <Service>
  448. <Name> Netlogon </Name>
  449. <Required> TRUE </Required>
  450. <Select>
  451. <Maximum Value="TRUE"/>
  452. <Typical Value="TRUE"/>
  453. </Select>
  454. </Service>
  455. <Service>
  456. <Name> RSoPProv </Name>
  457. <Required> FALSE </Required>
  458. <Select>
  459. <Maximum Value="FALSE"/>
  460. <Typical Value="TRUE"/>
  461. </Select>
  462. </Service>
  463. <Service>
  464. <Name> W32Time </Name>
  465. <Required> TRUE </Required>
  466. <Select>
  467. <Maximum Value="TRUE"/>
  468. <Typical Value="TRUE"/>
  469. </Select>
  470. </Service>
  471. </Services>
  472. </Role>
  474. <Role Type="Server">
  475. <Name> Print </Name>
  476. <Selected>
  477. <Maximum Value="FALSE"/>
  478. <Typical Value="CUSTOM" FunctionName="PrintSharesExist" DLLName="SSRHelper.DLL"/>
  479. </Selected>
  480. <Services>
  481. <Service>
  482. <Name> Spooler </Name>
  483. <Required> TRUE </Required>
  484. <Select>
  485. <Maximum Value="TRUE"/>
  486. <Typical Value="TRUE"/>
  487. </Select>
  488. </Service>
  489. <Service>
  490. <Name> lanmanserver </Name>
  491. <Required> TRUE </Required>
  492. <Select>
  493. <Maximum Value="TRUE"/>
  494. <Typical Value="TRUE"/>
  495. </Select>
  496. </Service>
  497. <Service>
  498. <Name> MacPrint </Name>
  499. <Required> FALSE </Required>
  500. <Select>
  501. <Maximum Value="FALSE"/>
  502. <Typical Value="DEFAULT"/>
  503. </Select>
  504. </Service>
  505. </Services>
  506. </Role>
  507. <Role Type="Server">
  508. <Name> WEB </Name>
  509. <Selected>
  510. <Maximum Value="FALSE"/>
  511. <Typical Value="DEFAULT"/> <!-- Assuming IIS is disabled or not installed by default -->
  512. </Selected>
  513. <Services>
  514. <Service>
  515. <Name> IISAdmin </Name>
  516. <Required> TRUE </Required>
  517. <Select>
  518. <Maximum Value="TRUE"/>
  519. <Typical Value="TRUE"/>
  520. </Select>
  521. </Service>
  522. <Service>
  523. <Name> W3SSL </Name>
  524. <Required> TRUE </Required>
  525. <Select>
  526. <Maximum Value="TRUE"/>
  527. <Typical Value="TRUE"/>
  528. </Select>
  529. </Service>
  530. <Service>
  531. <Name> W3SVC </Name>
  532. <Required> TRUE </Required>
  533. <Select>
  534. <Maximum Value="TRUE"/>
  535. <Typical Value="TRUE"/>
  536. </Select>
  537. </Service>
  538. </Services>
  539. </Role>
  540. <Role Type="Client">
  541. <Name> WINSClient </Name>
  542. <Selected>
  543. <Maximum Value="FALSE" />
  544. <Typical Value="CUSTOM" FunctionName="IsWINSClient" DLLName="SSRHelper.DLL" />
  545. </Selected>
  546. <Services>
  547. <Service>
  548. <Name> lmhosts </Name>
  549. <Required> TRUE </Required>
  550. <Select>
  551. <Maximum Value="TRUE" />
  552. <Typical Value="TRUE" />
  553. </Select>
  554. </Service>
  555. <Service>
  556. <Name> NetBT </Name>
  557. <Required> TRUE </Required>
  558. <Select>
  559. <Maximum Value="TRUE" />
  560. <Typical Value="TRUE" />
  561. </Select>
  562. </Service>
  563. </Services>
  564. </Role>
  565. <Role Type="Server">
  566. <Name> Other </Name>
  567. <Selected>
  568. <Maximum Value="FALSE" />
  569. <Typical Value="CUSTOM" FunctionName="ServicesFoundThatAreNotinKB" DLLName="SSRHelper.DLL" />
  570. </Selected>
  571. <Services>
  572. <Service>
  573. <Name> MSIServer </Name>
  574. <Required> FALSE </Required>
  575. <Select>
  576. <Maximum Value="FALSE" />
  577. <Typical Value="TRUE" />
  578. </Select>
  579. </Service>
  580. <Service>
  581. <Name> COMSysApp </Name>
  582. <Required> FALSE </Required>
  583. <Select>
  584. <Maximum Value="FALSE"/>
  585. <Typical Value="TRUE"/>
  586. </Select>
  587. </Service>
  588. <Service>
  589. <Name> EventSystem </Name>
  590. <Required> FALSE </Required>
  591. <Select>
  592. <Maximum Value="FALSE"/>
  593. <Typical Value="TRUE"/>
  594. </Select>
  595. </Service>
  596. <Service>
  597. <Name> MSDTC </Name>
  598. <Required> FALSE </Required>
  599. <Select>
  600. <Maximum Value="FALSE"/>
  601. <Typical Value="TRUE"/>
  602. </Select>
  603. </Service>
  604. </Services>
  605. </Role>
  607. </Roles>
  609. <Questions>
  610. <Question>
  611. <Name> Backup </Name>
  612. <Services>
  613. <Service>
  614. <Name> SwPrv </Name>
  615. </Service>
  616. <Service>
  617. <Name> VSS </Name>
  618. </Service>
  619. <Service>
  620. <Name> COMSysApp </Name>
  621. </Service>
  622. <Service>
  623. <Name> EventSystem </Name>
  624. </Service>
  625. <Service>
  626. <Name> MSDTC </Name>
  627. </Service>
  628. </Services>
  629. </Question>
  630. <Question>
  631. <Name> RemoteRegistry </Name>
  632. <Services>
  633. <Service>
  634. <Name> lanmanserver </Name>
  635. </Service>
  636. <Service>
  637. <Name> RemoteRegistry </Name>
  638. </Service>
  639. </Services>
  640. </Question>
  641. <Question>
  642. <Name> AutoUpdate </Name>
  643. <Services>
  644. <Service>
  645. <Name> BITS </Name>
  646. </Service>
  647. <Service>
  648. <Name> wuauserv </Name>
  649. </Service>
  650. </Services>
  651. </Question>
  652. <Question>
  653. <Name> LDM </Name>
  654. <Services>
  655. <Service>
  656. <Name> dmserver </Name>
  657. </Service>
  658. <Service>
  659. <Name> dmadmin </Name>
  660. </Service>
  661. </Services>
  662. </Question>
  663. </Questions>
  665. </SSRKnowledgeBase>