Don't know exactly what settings you're looking to export, sounds like the
password requirements, auditing, security settings, etc.
Yes, most of them are stored in the registry - not in any one place.
To the best of my knowledge there is no way to capture all of these
settings, the best way that I've found is to use the secedit command to dump
the current settings to an .inf file. Once in the .inf file the settings can
be examined either through the text in the file itself (if you're familiar
with the contents) or using the Security Templates MMC snap-in.
Try using this command and see if this helps you get the configuration
information that you need
secedit /export /cfg C:\Temp\%ComputerName%\current-settings.inf
HTH,
Robert
-----Original Message-----
From: Petr.Kazil@eap.nl [mailto:Petr.Kazil@eap.nl]
Sent: Monday, May 23, 2005 7:58 AM
To: pen-test@securityfocus.com
Subject: Exchange mail server settings - easy dump possible?
I've been playing with a trial version of Exchange Server 2003.
Using the NIST, NSA and Microsoft security guidelines I'm getting a better
idea of the relevant security settings.
But it's a pain to click through all the relevant screens in the System
Manager GUI.
Is there a tool that dumps all the settings in one readable text file - for
example like Dumpsec ?
I haven't been able to find it yet.
I have found and used the Exchange Best Practices Analyzer Tool, and it
works fine and covers some of the relevant settings but (AFAIK) not all of
them.
Or are the settings stored in the registry, a config file or an XML-file
with settings somewhere?
I'm reluctant to try scripting, because I fear that the learning curve will
be steep (I know VBscript but not the WMI/API interfaces I would probably
need).
I will search through my old WindowsITPro magazines and probably it will be
in here somewhere ...
Thanks for any suggestions.
Petr
