IMHO, it's easier and more reliable to edit a .conf or .ini file than point-and-click my way through a GUI. I deal almost exclusively with WinNT/2K and IIS, and have to make and follow checklists and scripts to make certain I've done everything in the proper order. The process is time consuming and tedious, with too much margin for human error.
If I could start off with a .conf or .ini that's already been properly configured for security, it's much easier to be certain the machine is secure. Auditing existing machines would be easier as well, just compare the current .conf to the template and resolve the differences. >From a systems administration point of view, Windows is a horrible pain in the ass. I wasn't a big fan of the dozens of .INI files in Win3x, and I'm forever trying to remember where the .conf files live on the UNIX/LINUX boxes I sometimes have to deal with, but at least I could find, read, edit, compare, backup and restore these files without spending a lifetime trying to decipher SIDs, GIDs and other meaningless (to me, at least) hexadecimal strings. Let's not talk about what a huge rectal cramp it is to try and make these changes over a 33.6kbps dial-up connection using pcAnywhere or WinVNC!
