secedit /export /CFG 1.ini /quiet
- [Unicode]
- Unicode=yes
- [System Access]
- MinimumPasswordAge = 0 //密码最短留存期
- MaximumPasswordAge = 42 //密码最长留存期
- MinimumPasswordLength = 0 //密码长度最小值
- PasswordComplexity = 0 //密码必须符合复杂性要求
- PasswordHistorySize = 0 //强制密码历史 N个记住的密码
- LockoutBadCount = 5 //账户锁定阈值
- ResetLockoutCount = 30 //账户锁定时间
- LockoutDuration = 30 //复位账户锁定计数器
- RequireLogonToChangePassword = 0 *下次登录必须更改密码
- ForceLogoffWhenHourExpire = 0 *强制过期
- NewAdministratorName = "Administrator" *管理员账户名称
- NewGuestName = "Guest" *来宾账户名称
- ClearTextPassword = 0
- LSAAnonymousNameLookup = 0
- EnableAdminAccount = 1 //administrator是否禁用
- EnableGuestAccount = 0 //guest是否禁用
- [Event Audit]
- AuditSystemEvents = 3 //审核系统事件 成功、失败
- AuditLogonEvents = 3 //审核登录事件 成功、失败
- AuditObjectAccess = 3 //审核对象访问 成功、失败
- AuditPrivilegeUse = 2 //审核特权使用 失败
- AuditPolicyChange = 3 //审核策略更改 成功、失败
- AuditAccountManage = 3 //审核账户管理 成功、失败
- AuditProcessTracking = 2 //审核过程追踪 失败
- AuditDSAccess = 2 //审核目录服务访问 失败
- AuditAccountLogon = 3 //审核账户登录事件 成功、失败
- [Registry Values]
- MACHINE\Software\Microsoft\Driver Signing\Policy=3,1
- MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\SecurityLevel=4,0
- MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\SetCommand=4,0
- MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateCDRoms=1,"0"
- MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateDASD=1,"0"
- MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateFloppies=1,"0"
- MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount=1,"10"
- MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ForceUnlockLogon=4,0
- MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\PasswordExpiryWarning=4,14
- MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ScRemoveOption=1,"0"
- MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\DontDisplayLastUserName=4,0
- MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeText=7,
- MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ShutdownWithoutLogon=4,1
- MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UndockWithoutLogon=4,1
- MACHINE\System\CurrentControlSet\Control\Lsa\AuditBaseObjects=4,0
- MACHINE\System\CurrentControlSet\Control\Lsa\CrashOnAuditFail=4,0
- MACHINE\System\CurrentControlSet\Control\Lsa\DisableDomainCreds=4,0
- MACHINE\System\CurrentControlSet\Control\Lsa\EveryoneIncludesAnonymous=4,0
- MACHINE\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy=4,0
- MACHINE\System\CurrentControlSet\Control\Lsa\ForceGuest=4,1
- MACHINE\System\CurrentControlSet\Control\Lsa\FullPrivilegeAuditing=3,0
- MACHINE\System\CurrentControlSet\Control\Lsa\LimitBlankPasswordUse=4,1
- MACHINE\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel=4,0
- MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinClientSec=4,0
- MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinServerSec=4,0
- MACHINE\System\CurrentControlSet\Control\Lsa\NoDefaultAdminOwner=4,1
- MACHINE\System\CurrentControlSet\Control\Lsa\NoLMHash=4,0
- MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=4,0
- MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymousSAM=4,1
- MACHINE\System\CurrentControlSet\Control\Print\Providers\LanMan Print Services\Servers\AddPrinterDrivers=4,0
- MACHINE\System\CurrentControlSet\Control\SecurePipeServers\Winreg\AllowedPaths\Machine=7,System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Control\Server Applications,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration
- MACHINE\System\CurrentControlSet\Control\Session Manager\Kernel\ObCaseInsensitive=4,1
- MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management\ClearPageFileAtShutdown=4,0
- MACHINE\System\CurrentControlSet\Control\Session Manager\ProtectionMode=4,1
- MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoDisconnect=4,15
- MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableForcedLogOff=4,1
- MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableSecuritySignature=4,0
- MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\NullSessionPipes=7,COMNAP,COMNODE,SQL\QUERY,SPOOLSS,LLSRPC,browser
- MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\NullSessionShares=7,COMCFG,DFS$
- MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignature=4,0
- MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\EnablePlainTextPassword=4,0
- MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\EnableSecuritySignature=4,1
- MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\RequireSecuritySignature=4,0
- MACHINE\System\CurrentControlSet\Services\LDAP\LDAPClientIntegrity=4,1
- MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\DisablePasswordChange=4,0
- MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\MaximumPasswordAge=4,30
- MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireSignOrSeal=4,1
- MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireStrongKey=4,0
- MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SealSecureChannel=4,1
- MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SignSecureChannel=4,1
- [Privilege Rights]
- SeNetworkLogonRight = *S-1-1-0,*S-1-5-32-544,*S-1-5-32-545,*S-1-5-32-547,*S-1-5-32-551
- SeBackupPrivilege = *S-1-5-32-544,*S-1-5-32-551
- SeChangeNotifyPrivilege = *S-1-1-0,*S-1-5-32-544,*S-1-5-32-545,*S-1-5-32-547,*S-1-5-32-551
- SeSystemtimePrivilege = *S-1-5-32-544,*S-1-5-32-547
- SeCreatePagefilePrivilege = *S-1-5-32-544
- SeDebugPrivilege = *S-1-5-32-544
- SeRemoteShutdownPrivilege = *S-1-5-32-544
- SeAuditPrivilege = *S-1-5-19,*S-1-5-20
- SeIncreaseQuotaPrivilege = *S-1-5-19,*S-1-5-20,*S-1-5-32-544
- SeIncreaseBasePriorityPrivilege = *S-1-5-32-544
- SeLoadDriverPrivilege = *S-1-5-32-544
- SeBatchLogonRight = SUPPORT_388945a0
- SeServiceLogonRight = *S-1-5-20
- SeInteractiveLogonRight = Guest,*S-1-5-32-544,*S-1-5-32-545,*S-1-5-32-547,*S-1-5-32-551
- SeSecurityPrivilege = *S-1-5-32-544
- SeSystemEnvironmentPrivilege = *S-1-5-32-544
- SeProfileSingleProcessPrivilege = *S-1-5-32-544,*S-1-5-32-547
- SeSystemProfilePrivilege = *S-1-5-32-544
- SeAssignPrimaryTokenPrivilege = *S-1-5-19,*S-1-5-20
- SeRestorePrivilege = *S-1-5-32-544,*S-1-5-32-551
- SeShutdownPrivilege = *S-1-5-32-544,*S-1-5-32-545,*S-1-5-32-547,*S-1-5-32-551
- SeTakeOwnershipPrivilege = *S-1-5-32-544
- SeDenyNetworkLogonRight = SUPPORT_388945a0,Guest
- SeDenyInteractiveLogonRight = SUPPORT_388945a0,Guest
- SeUndockPrivilege = *S-1-5-32-544,*S-1-5-32-545,*S-1-5-32-547
- SeManageVolumePrivilege = *S-1-5-32-544
- SeRemoteInteractiveLogonRight = *S-1-5-32-544,*S-1-5-32-555
- SeImpersonatePrivilege = *S-1-5-32-544,*S-1-5-6
- SeCreateGlobalPrivilege = *S-1-5-32-544,*S-1-5-4,*S-1-5-6
- [Version]
- signature="$CHICAGO$"
- Revision=1