archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
 
 
 
 
 
 
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/ds/security/ssr/schemas/ssrmain.xml

668 lines
39 KiB
Raw Blame History

<?xml version="1.0"?>
<!-- XSD validation: should use schema location attributes instead of schema caches -->
<!--<x:root xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' -->
<!-- xsi:schemaLocation='http://xsdtesting t.xsd' -->
<!-- xmlns:x='http://xsdtest' > -->
<SSRKnowledgeBase>
<!-- ****************************************************************************************************************** -->
<!-- Description: -->
<!-- The pre-processor munges this data with current system configuration and possibly a previous security policy -->
<!-- to create an XML file (Main.XML) that drives the mainline UI -->
<!-- ****************************************************************************************************************** -->
<!-- ****************************************************************************************************************** -->
<!-- Preprocessing algorithm - Must be run everytime the UI is invoked. -->
<!-- -->
<!-- Inputs: -->
<!-- Security Mode - Must be one of the "Modes" supported by the KB. In this case Maximum or Typical. -->
<!-- This parameter is used to determine default selection for satisfiable Roles as follows. -->
<!-- Previously Created Security Policy - -->
<!-- Path for output file - -->
<!-- -->
<!-- For each Role: -->
<!-- If Role is satisfiable, then -->
<!-- Role\Satisfiable = TRUE -->
<!-- Role\Selected = MODE Value -->
<!-- Else -->
<!-- Role\Satisfiable = FALSE -->
<!-- Role\Selected = FALSE -->
<!-- Endif -->
<!-- For each Service within the Role -->
<!-- If Service is Required for Role, then -->
<!-- Service\Select = TRUE (Thus the Select fields don't exist for services when Required=True -->
<!-- Else -->
<!-- Service\Select = MODE Value -->
<!-- Endif -->
<!-- Next Service -->
<!-- Next Role -->
<!-- -->
<!-- MODE VALUE is (TRUE, FALSE, DEFAULT, CUSTOM) -->
<!-- DEFAULT for Role\Selected returns TRUE iff all required services are installed and NOT disabled. -->
<!-- DEFAULT for Service\Select returns TRUE iff service is optional, installed, and NOT disabled. -->
<!-- -->
<!-- Preprocessor needs to do other stuff too - see target UI file. -->
<!-- ****************************************************************************************************************** -->
<!-- ****************************************************************************************************************** -->
<!-- BEST PRACTICE: -->
<!-- For Service\Select, the MODE value should be either TRUE or FALSE. This will prevent the behavior where -->
<!-- different services are defaulted in based on how the machine is configured. Such behavior isn't bad for Roles -->
<!-- because the roles are in your face. Services however are less discoverable and this would make the offline -->
<!-- case non-deterministic. Furthermore: -->
<!-- Most optional components are required for their own roles. In these cases, the roles and their required -->
<!-- services will be displayed and selected by default. DEFUALT and CUSTOM for services only buys you -->
<!-- something when the service is optional and not required for the role yet it's installed and you want to catch it. -->
<!-- In these cases, I say it's better to default the service to FALSE than to have it show up or not based on how -->
<!-- the machine is configured. -->
<!-- In short, the interpretation is that optional components, by their nature, are not typical, -->
<!-- and thus are not selected by default (unless they are required for their own role). -->
<!-- ****************************************************************************************************************** -->
<!-- ****************************************************************************************************************** -->
<!-- Notes: -->
<!-- Optional means optional Windows component -->
<!-- Required means Required for the Role -->
<!-- If a Role has been selected, the required services for that role cannot be deselected. The user must -->
<!-- go back and deselect the role. -->
<!-- The Role Type attribute determines whether normal visibility rules are overriden in the UI -->
<!-- - The UI should not display Independent roles in the role selection UI, HOWEVER, -->
<!-- the independent roles are visible for filtering on the service tweaking page. -->
<!-- A Service may belong to more that one role, once it's been "selected" by the user either explicitly or as -->
<!-- a result of selecting a role, it should stay "selected" unless the user deselects it. -->
<!-- unless the user explicitly turns it off. -->
<!-- Due to the fact that no corporate customer probably wants the autoupdate service running, the hotfix portion of -->
<!-- SSR will likely need to offer to START then START the autoupdate and dependent services in order to do the hotfix -->
<!-- check. -->
<!-- ****************************************************************************************************************** -->
<!-- ****************************************************************************************************************** -->
<!-- ToDo: -->
<!-- Role Dependencies (Punt) -->
<!-- Service Dependencies (needed for Offline Mode and to deal with the fact that SCM is not accurate) -->
<!-- - Engine should probably combine SCM dependencies with KB dependencies to get the most accurate picture -->
<!-- ****************************************************************************************************************** -->
<!-- ****************************************************************************************************************** -->
<!-- Revision History: -->
<!-- This should be deleted before shipping -->
<!-- 09/18/2001 - First Draft Service Component (kirksol) -->
<!-- ****************************************************************************************************************** -->
<Description>
<Name> Microsoft </Name>
<DisplayName> Microsoft </DisplayName>
</Description>
<SecurityLevels>
<Level>
<Name> Maximum </Name>
<DisplayName> Maximimum </DisplayName>
<DisplayText> Causes the wizard to choose the most secure settings by default. For example, when a role is selected, only the minimal services required to perform that role will be enabled by defualt. </DisplayText>
</Level>
<Level>
<Name> Typical </Name>
<DisplayName> Typical </DisplayName>
<DisplayText> Causes the wizard to choose the most functional settings by default. For example, when a role is selected, the most common services related to that role will be enabled by default. </DisplayText>
</Level>
</SecurityLevels>
<Roles>
<Role Type="Independent">
<Name> Core </Name>
<Selected>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Selected>
<Services>
<Service>
<Name> EventLog </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> Netman </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> PlugPlay </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> RPCSs </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> SamSs </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> WinMgmt </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
</Services>
</Role>
<Role Type="Independent">
<Name> Security </Name>
<Selected>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Selected>
<Services>
<Service>
<Name> CryptSvc </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> NtLmSSP </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> PolicyAgent </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> ProtectedStorage </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> SCardDrv </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> SCardSvr </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> seclogon </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
</Services>
</Role>
<Role Type="Independent">
<Name> Management </Name>
<Selected>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Selected>
<Services>
<Service>
<Name> Alerter </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="FALSE"/>
</Select>
</Service>
<Service>
<Name> BITS </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="CUSTOM" FunctionName="AutoUpdateEnabled" DLLName="SSRHelper.DLL" />
<Typical Value="CUSTOM" FunctionName="AutoUpdateEnabled" DLLName="SSRHelper.DLL"/>
</Select>
</Service>
<Service>
<Name> dmadmin </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> dmserver </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> helpsvc </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE" />
<Typical Value="CUSTOM" FunctionName="RemoteAssistanceEnabled" DLLName="SSRHelper.DLL"/>
</Select>
</Service>
<Service>
<Name> Messenger </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="FALSE"/>
</Select>
</Service>
<Service>
<Name> NtmsSvc </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="FALSE"/>
</Select>
</Service>
<Service>
<Name> ProcCon </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> RemoteRegistry </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> Schedule </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="CUSTOM" FunctionName="TasksAreScheduled" DLLName="SSRHelper.DLL"/>
</Select>
</Service>
<Service>
<Name> SENS </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="FALSE"/>
</Select>
</Service>
<Service>
<Name> SysmonLog </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="CUSTOM" FunctionName="NonDefaultPerfLogsDefined" DLLName="SSRHelper.DLL"/>
</Select>
</Service>
<Service>
<Name> TlntSvr </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="FALSE"/>
</Select>
</Service>
<Service>
<Name> UPS </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="CUSTOM" FunctionName="UPSAttached" DLLName="SSRHelper.DLL"/>
<Typical Value="CUSTOM" FunctionName="UPSAttached" DLLName="SSRHelper.DLL"/>
</Select>
</Service>
<Service>
<Name> wmi </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> WmiApSrv </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> wuauserv </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> WZCSVC </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="FALSE"/>
</Select>
</Service>
</Services>
</Role>
<Role Type="Independent">
<Name> Independent </Name>
<Selected>
<Maximum Value="TRUE" />
<Typical Value="TRUE" />
</Selected>
<Services>
<Service>
<Name> ClipSrv </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="FALSE"/>
</Select>
</Service>
<!-- ... -->
</Services>
</Role>
<Role Type="Server">
<Name> CertServer </Name>
<Selected>
<Maximum Value="FALSE"/>
<Typical Value="TRUE" />
</Selected>
<Services>
<Service>
<Name> CertSvc </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
</Services>
</Role>
<Role Type="Server">
<Name> DomainMember </Name>
<Selected>
<Maximum Value="FALSE" />
<Typical Value="CUSTOM" FunctionName="IsDomainMember" DLLName="SSRHelper.DLL" />
</Selected>
<Services>
<Service>
<Name> AppMgmt </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="TRUE" />
</Select>
</Service>
<Service>
<Name> lanmanworkstation </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> Netlogon </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> RSoPProv </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> W32Time </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
</Services>
</Role>
<Role Type="Server">
<Name> Print </Name>
<Selected>
<Maximum Value="FALSE"/>
<Typical Value="CUSTOM" FunctionName="PrintSharesExist" DLLName="SSRHelper.DLL"/>
</Selected>
<Services>
<Service>
<Name> Spooler </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> lanmanserver </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> MacPrint </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="DEFAULT"/>
</Select>
</Service>
</Services>
</Role>
<Role Type="Server">
<Name> WEB </Name>
<Selected>
<Maximum Value="FALSE"/>
<Typical Value="DEFAULT"/> <!-- Assuming IIS is disabled or not installed by default -->
</Selected>
<Services>
<Service>
<Name> IISAdmin </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> W3SSL </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> W3SVC </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
</Services>
</Role>
<Role Type="Client">
<Name> WINSClient </Name>
<Selected>
<Maximum Value="FALSE" />
<Typical Value="CUSTOM" FunctionName="IsWINSClient" DLLName="SSRHelper.DLL" />
</Selected>
<Services>
<Service>
<Name> lmhosts </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE" />
<Typical Value="TRUE" />
</Select>
</Service>
<Service>
<Name> NetBT </Name>
<Required> TRUE </Required>
<Select>
<Maximum Value="TRUE" />
<Typical Value="TRUE" />
</Select>
</Service>
</Services>
</Role>
<Role Type="Server">
<Name> Other </Name>
<Selected>
<Maximum Value="FALSE" />
<Typical Value="CUSTOM" FunctionName="ServicesFoundThatAreNotinKB" DLLName="SSRHelper.DLL" />
</Selected>
<Services>
<Service>
<Name> MSIServer </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE" />
<Typical Value="TRUE" />
</Select>
</Service>
<Service>
<Name> COMSysApp </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> EventSystem </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
<Service>
<Name> MSDTC </Name>
<Required> FALSE </Required>
<Select>
<Maximum Value="FALSE"/>
<Typical Value="TRUE"/>
</Select>
</Service>
</Services>
</Role>
</Roles>
<Questions>
<Question>
<Name> Backup </Name>
<Services>
<Service>
<Name> SwPrv </Name>
</Service>
<Service>
<Name> VSS </Name>
</Service>
<Service>
<Name> COMSysApp </Name>
</Service>
<Service>
<Name> EventSystem </Name>
</Service>
<Service>
<Name> MSDTC </Name>
</Service>
</Services>
</Question>
<Question>
<Name> RemoteRegistry </Name>
<Services>
<Service>
<Name> lanmanserver </Name>
</Service>
<Service>
<Name> RemoteRegistry </Name>
</Service>
</Services>
</Question>
<Question>
<Name> AutoUpdate </Name>
<Services>
<Service>
<Name> BITS </Name>
</Service>
<Service>
<Name> wuauserv </Name>
</Service>
</Services>
</Question>
<Question>
<Name> LDM </Name>
<Services>
<Service>
<Name> dmserver </Name>
</Service>
<Service>
<Name> dmadmin </Name>
</Service>
</Services>
</Question>
</Questions>
</SSRKnowledgeBase>