Scripting Question

Using Secedit to Apply Local Security Policy via K1000

10/06/2016 1170 views

I am attempting to apply local security policies to Windows computers using KACE.

I have exported an .inf file out of the Microsoft Management Console that contains the security changes and have been able to apply the settings while logged into the computer via command prompt or with a batch file.

The command I use for the local installation is:

secedit /configure /db c:\windows\security\local.sdb /cfg <path to file>\security.inf

However, whenever I try to push the same policy via KACE it does not apply the settings.

I have tried something like the below screenshot... I've replaced the .sdb location with $(KACE_SYS_DIR) and the file location with $(KACE_DEPENDENCY_DIR) to no avail.


From what I can tell, secedit.exe runs, but it can't find either the database (sdb) and/or the .inf file that it needs to import the settings.

For background; we have a mixed domain/off domain install base, and as such want to leverage local group / local security policies so that they work on both types of systems, so I can't use the Domain GP to set these.

Any help would be appreciated as this is probably the last stumbling block for me.
Answer Summary:
0 Comments   [ + ] Show comments


Answer Chosen by the Author

Looks like I have answered my own question, so I'll provide it here in case anyone else needs to know how to do this.  Here is a screenshot of the Online KScript:

The full parameters are: /configure /db c:\windows\security\local.sdb /cfg $(KACE_DEPENDENCY_DIR)\security.inf
Answered 10/07/2016 by: aidenpryde
White Belt

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

View more:


This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ