can't undo security template...

Posted on 2006-03-22
Last Modified: 2013-12-04
I have a windows 2003 server that I applied a locked down security template to. However, now it seems that when an installer is run it won't let it start the service that it creates. It says 'access denied'.
I went into security config. and analysis and put the LOCAL SERVICE and SERVICE accounts in the 'log on as a service' setting, but it still says access denied. Then I tried importing the 'compatws.inf' template and configuring that, but I still get access denied.

It seems like it's still getting those high security settings even though I've imported another template.

How can I apply new templates or at least engage the compatability one so that I can start the service and install the software?
Question by:wlandymore
    LVL 23

    Expert Comment

    If you are saying you ran the SCW, you'll need to run it again, and modify and update your configuration template to account for the new applications and services.

    It's always a good idea to be wait to run the SCW until all applications and services that are going to be used on a server are installed and running (like IIS, etc.), so that you aren't going back through the SCW very often.
    LVL 1

    Author Comment

    That doesn't answer the question at all. I'm trying to 'undo' a security template, not develop a policy on how they should be deployed.

    I'm looking for a way to roll back to the original security configuration and like I said, I already applied the setup security template and that didn't work.
    LVL 23

    Accepted Solution

    Sorry, I saw SCA, and thought SCW.

    You are saying you ran the default policy here: , right?

    From here:

     new feature in Server 2003 security lets you easily reapply the default security settings if you’ve made changes. There are two ways to do this:

    With the graphical interface
    At the command line
    To reapply the settings with the GUI, you use the Security Configuration and Analysis tool (create a custom MMC and add the Security Configuration and Analysis snap-in). Log on with the appropriate administrative privileges (local administrator to reapply default settings to the local computer or domain or enterprise admin privileges to reapply settings to a domain computer). You must import the appropriate template (DC security template for domain controllers or the setup security template for non-domain controllers), then do the following:

    Check the Clear this database before importing checkbox.
    Click Open.
    Right click Security Configuration and Analysis in the console tree and select Configure Computer Now.
    Specify a file path for the error log or accept the default path.
    Click OK to perform the configuration.
    You can also use the secedit command to reapply default settings for specific areas instead of applying the entire setup security template.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Join & Write a Comment

    Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
    Article by: btan
    The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
    This video discusses moving either the default database or any database to a new volume.
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    733 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    23 Experts available now in Live!

    Get 1:1 Help Now