Scripting Question

Manage Policies Using K1000

02/07/2018 1390 views

How to change Security Policy using K1000? Such as, Rename Administrator, Disable Guest Account, Enable Logon Audit, Account Lockout Threshold, etc.
Basically things that can be done using Group Policy
Answer Summary:
0 Comments   [ + ] Show comments


Answer Chosen by the Author

To answer my own question, I end up using secedit /export to to export all configured policies like explained in below article:

What I've done was:
1. Prepare one Windows 2012 VM, and then configure the policies just like usual using gpedit
2. Once done, export it using command: secedit /export /cfg mytemplate.inf /log mylog.txt
3. If there are no errors, copy the "mytemplate.inf". If you open that file, you will find alot of value, filter it and only keep parameter that you needed
4. And to import it to target PC, copy the "mytemplate.inf" and issue the following command:
secedit /configure /db secedit.sdb /cfg mytemplate.inf /overwrite

5. Check gpedit, the parameter should have changed based on the the template.

Answered 04/29/2018 by: hendra.tommy
Yellow Belt

All Answers

Many Group Policy items can be set using registry keys, so that is one option. Otherwise you may need to develop scripts that will change settings or handle things like renaming the default administrator account (which is no longer considered best practice, by the way).

Answered 02/07/2018 by: chucksteel
Red Belt

Tried to respond to chucksteel, but didn't work: To find these registry keys, either look online or find them yourself using process monitor.


Some things you will find to be tricky to edit through registry.
Answered 02/07/2018 by: ISEKOLD
Orange Senior Belt

This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ