Networking / Beginners

Export

Secedit can be used to export a configuration from a security database to a security template. This allows the security template to be used on other computers. The command to do this is

secedit /export [/MergedPolicy] [/DB filename] [/CFG filename] [/areas area1 area2...] [/log filename] [/verbose] [/quiet]

The following parameters may be provided:

  • /MergedPolicy This specifies that secedit should export both the domain and local policies.
  • /DB filename This specifies the path to the database file that contains the stored configuration to be exported.
  • /CFG filename This specifies the path where the security template is to be saved.
  • /areas This specifies the security areas of the template to be exported. The areas may be: Securitypolicy, Group_mgmt, User_rights, Regkeys, Filestore, Services. If no areas are specified, the default is all areas.
  • /log filename This specifies the path to the log file for the command.
  • /verbose This tells secedit to provide details while running.
  • /quiet This tells secedit not to provide output to the screen while running.

The output of this command could be used with other commands to make sure the same policy is in place across an entire domain.

[Previous] [Contents] [Next]

In this tutorial:

  1. Windows 2000 Security Issues
  2. Setting up the System
  3. Local Security Policy Settings
  4. Logon Message
  5. LAN Manager Authentication Level
  6. System Configuration
  7. File Systems
  8. Network
  9. Account Settings
  10. USER MANAGEMENT
  11. Setting File Permissions
  12. System Management
  13. Analysis
  14. Configuration
  15. Validation
  16. Export
  17. Auditing a System
  18. Log Files
  19. Looking for Suspicious Signs
  20. Missing Log Files or Gaps in the Log Files
  21. Unknown Processes