Hi, Mark. First off, I have your "Windows NT Performance: Monitoring, Benchmarking & Tuning" book on my desk. I love it! I was surprised to see you migrate over to security. When the SCM came out for NT4 I looked forward to using it. I thought I must be doing something wrong -- I could configure the templates to what I wanted. I played off and on with the Security Snap-In for Win2k. On this last round, I read as many white papers and looked at as many templates as I could find. This time I was determined to configure a template exactly the way I wanted (I manage the IIS boxes.) Did I miss something or is this just another "wrapper" for calling functions? I resorted to a few batch & vbs files to set perms, make registry entries and such. For the granularity I'm after, should I drop the Security Template Snap-In and stick to batch & scripts? Since your monitoring & tuning book was so good, do you have one out on security? What three security books would you recommend? Thank you for your time and efforts.
Thank you for your kind comments regarding my book. I'm glad you found it useful! While I've contributed various chapters for several security books, I don't have any 'solo' security books out yet.
I personally like to write my own scripts and batch files, so if you feel comfortable with them, continue down that path!
With respect to security books, I'm assuming you are looking for Windows 2000 specific books. The ones I like are: Hacking Exposed Windows 2000 by Joel Scambray, Microsoft Windows Security Handbook by Jeff Schmidt and Windows 2000 Security by Roberta Bragg.