How to Create the Exchange Cluster Nodes OU and Policy GPO and to Import the GPO Template

 

This topic explains how to create Exchange Cluster Nodes OU and Policy GPO for the purposes of hardening an Exchange Cluster.

Before You Begin

It is highly recommended that you read Running Exchange Server 2003 Clusters in a Security-Hardened Environment before implementing this procedure.

Procedure

To create the Exchange Cluster Nodes OU and Policy GPO and to import the GPO template

  1. In Active Directory Users and Computers, connect to a domain controller that resides in the same Active Directory site as the Exchange clusters that you will be updating. Right-click Active Directory Users and Computers <domain_name>, click Connect to Domain Controller, type the name of the appropriate domain controller, and then click OK.

  2. Expand Member Servers, right-click Exchange Backend Servers, point to New, and then click Organizational Unit.

  3. In New Object - Organizational Unit, type Exchange Cluster Nodes, and then click OK.

  4. Expand Member Servers, expand Exchange Backend Servers, and move the cluster node computer objects in Active Directory into Exchange Cluster Nodes.

  5. Right-click Exchange Cluster Nodes, and then click Properties.

  6. On the Group Policy tab, click New to add a new GPO.

  7. Type Exchange Cluster Node Policy V1.1, and then press ENTER.

  8. Click Edit.

  9. In Group Policy Object Editor, under Computer Configuration, expand Windows Settings, right-click Security Settings, and the click Import Policy.

  10. In Import Policy From, select the Clear this database before importing check box. Navigate to the location where you saved the Exchange 2003 Cluster Node templates, and then double-click Exchange_2003-Cluster_Node_Base_V1_1.inf.

  11. Close Group Policy Object Editor, and then click OK.