文件另存.bat 批处理文件格式运行
:: 账号安全
@prompt #
echo [version] >account.inf
echo signature="$CHICAGO$" >>account.inf
echo [System Access] >>account.inf
REM 修改帐户密码最小长度为8
echo MinimumPasswordLength=8 >>account.inf
REM 开启帐户密码复杂性要求
echo PasswordComplexity=1 >>account.inf
REM 修改帐户密码最长留存期为180天
echo MaximumPasswordAge=180 >>account.inf
REM 禁用Guest帐户
echo EnableGuestAccount=0 >>account.inf
REM 设定帐户锁定阀值为6次
echo LockoutBadCount=6 >>account.inf
secedit /configure /db account.sdb /cfg account.inf /log account.log /quiet
del account.*
:: 授权权限设置
@prompt #
REM 授权配置
echo [version] >rightscfg.inf
echo signature="$CHICAGO$" >>rightscfg.inf
echo [Privilege Rights] >>rightscfg.inf
REM 从远端系统强制关机只指派给Administrators组
echo seremoteshutdownprivilege=Administrators >>rightscfg.inf
REM 关闭系统仅指派给Administrators组
echo seshutdownprivilege=Administrators >>rightscfg.inf
REM 取得文件或其它对象的所有权仅指派给Administrators
echo setakeownershipprivilege=Administrators >>rightscfg.inf
REM 在本地登陆权限仅指派给Administrators
echo seinteractivelogonright=Administrators >> rightscfg.inf
secedit /configure /db rightscfg.sdb /cfg rightscfg.inf /log rightscfg.log /quiet
del rightscfg.*
:: 认证安全
@prompt #
echo [version] >audit.inf
echo signature="$CHICAGO$" >>audit.inf
echo [Event Audit] >>audit.inf
REM 开启审核系统事件
echo AuditSystemEvents=3 >>audit.inf
REM 开启审核对象访问
echo AuditObjectAccess=3 >>audit.inf
REM 开启审核特权使用
echo AuditPrivilegeUse=3 >>audit.inf
REM 开启审核策略更改
echo AuditPolicyChange=3 >>audit.inf
REM 开启审核帐户管理
echo AuditAccountManage=3 >>audit.inf
REM 开启审核过程跟踪
echo AuditProcessTracking=2 >>audit.inf
REM 开启审核目录服务访问
echo AuditDSAccess=3 >>audit.inf
REM 开启审核登陆事件
echo AuditLogonEvents=3 >>audit.inf
REM 开启审核帐户登陆事件
echo AuditAccountLogon=3 >>audit.inf
echo AuditLog >>aud