Incorrect Analysis Information for Security Options in Security Configuration Editor

ID: Q241719

The information in this article applies to:

Microsoft Windows NT Server versions 4.0, 4.0 SP4, 4.0 SP5
Microsoft Windows NT Workstation versions 4.0, 4.0 SP4, 4.0 SP5
Microsoft Windows NT Server, Enterprise Edition versions 4.0, 4.0 SP4, 4.0 SP5

SYMPTOMS

When you use Security Configuration Editor (SCE) to edit a security template on a computer running Windows NT 4.0 and you save and import the configuration, an analysis of some security options may appear as "Matched" when they are not.

The results of the analysis show that you have configured a security setting successfully when this is not the case. This situation occurs when you change the Legal Message text in the security template or other features in the local policy.

CAUSE

This behavior occurs because the Analysis program assumes that a match is configured when a registry key value for a configuration is missing.

RESOLUTION

To resolve this problem, obtain the latest service pack for Windows NT 4.0. For additional information, please see the following article in the Microsoft Knowledge Base:

Q152734 How to Obtain the Latest Windows NT 4.0 Service Pack

STATUS

Microsoft has confirmed this to be a problem in Windows NT 4.0. This problem was first corrected in Windows NT 4.0 Service Pack 6.

MORE INFORMATION

When you apply Windows NT 4.0 Service Pack 6, the Analysis program considers any missing registry entries as "Not Configured" and reflects the status as "Mismatched."

For additional information about Microsoft Security Configuration tools, please visit the following Microsoft Web site:

http://www.microsoft.com/technet/win2000/

Additional query words: scm manager

Keywords : kbtool ntdomain ntsecurity ntsp kbbug4.00 kbfix4.00 NT4SP6Fix
Version : winnt:4.0,4.0 SP4,4.0 SP5
Platform : winnt
Issue type : kbbug