Configuration
Secedit can also be used to configure a system. The command syntax for this operation is
secedit /configure [/DB filename] [/CFG filename] [/overwrite]
[/areas area1 area2...] [/log filename] [/verbose] [/quiet]
The following parameters may be provided:
- /DB filename This specifies the path to the database file containing the template to be used.
- /CFG filename This specifies the path to a security template that can be imported into the database and then applied to the system.
- /overwrite This specifies that the policy in the security template identified by the /CFG command should overwrite the policy in the database.
- /areas This specifies the security areas of the template that are to be applied to the system. The areas may be: Securitypolicy, Group_mgmt, User_rights, Regkeys, Filestore, Services. If no areas are specified, the default is all areas.
- /log filename This specifies the path to the log file that will be created by the command.
- /verbose This tells secedit to provide details while running.
- /quiet This tells secedit not to provide output to the screen while running.
This command can be used to force a particular security configuration on a system.
In this tutorial:
- Windows 2000 Security Issues
- Setting up the System
- Local Security Policy Settings
- Logon Message
- LAN Manager Authentication Level
- System Configuration
- File Systems
- Network
- Account Settings
- USER MANAGEMENT
- Setting File Permissions
- System Management
- Analysis
- Configuration
- Validation
- Export
- Auditing a System
- Log Files
- Looking for Suspicious Signs
- Missing Log Files or Gaps in the Log Files
- Unknown Processes