命令行获取本地安全策略

secedit /export /CFG 1.ini /quiet   

[plain]  view plain  copy
  1. [Unicode]  
  2. Unicode=yes  
  3. [System Access]  
  4. MinimumPasswordAge = 0  //密码最短留存期  
  5. MaximumPasswordAge = 42 //密码最长留存期  
  6. MinimumPasswordLength = 0   //密码长度最小值  
  7. PasswordComplexity = 0  //密码必须符合复杂性要求  
  8. PasswordHistorySize = 0 //强制密码历史 N个记住的密码  
  9. LockoutBadCount = 5 //账户锁定阈值  
  10. ResetLockoutCount = 30  //账户锁定时间  
  11. LockoutDuration = 30    //复位账户锁定计数器  
  12. RequireLogonToChangePassword = 0 *下次登录必须更改密码  
  13. ForceLogoffWhenHourExpire = 0   *强制过期  
  14. NewAdministratorName = "Administrator" *管理员账户名称  
  15. NewGuestName = "Guest"  *来宾账户名称  
  16. ClearTextPassword = 0  
  17. LSAAnonymousNameLookup = 0  
  18. EnableAdminAccount = 1  //administrator是否禁用  
  19. EnableGuestAccount = 0  //guest是否禁用  
  20. [Event Audit]  
  21. AuditSystemEvents = 3   //审核系统事件 成功、失败  
  22. AuditLogonEvents = 3    //审核登录事件 成功、失败  
  23. AuditObjectAccess = 3   //审核对象访问 成功、失败  
  24. AuditPrivilegeUse = 2   //审核特权使用 失败  
  25. AuditPolicyChange = 3   //审核策略更改 成功、失败  
  26. AuditAccountManage = 3  //审核账户管理 成功、失败  
  27. AuditProcessTracking = 2    //审核过程追踪 失败  
  28. AuditDSAccess = 2   //审核目录服务访问 失败  
  29. AuditAccountLogon = 3   //审核账户登录事件 成功、失败  
  30. [Registry Values]  
  31. MACHINE\Software\Microsoft\Driver Signing\Policy=3,1  
  32. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\SecurityLevel=4,0  
  33. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\SetCommand=4,0  
  34. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateCDRoms=1,"0"  
  35. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateDASD=1,"0"  
  36. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateFloppies=1,"0"  
  37. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount=1,"10"  
  38. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ForceUnlockLogon=4,0  
  39. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\PasswordExpiryWarning=4,14  
  40. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ScRemoveOption=1,"0"  
  41. MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\DontDisplayLastUserName=4,0  
  42. MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeText=7,  
  43. MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ShutdownWithoutLogon=4,1  
  44. MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UndockWithoutLogon=4,1  
  45. MACHINE\System\CurrentControlSet\Control\Lsa\AuditBaseObjects=4,0  
  46. MACHINE\System\CurrentControlSet\Control\Lsa\CrashOnAuditFail=4,0  
  47. MACHINE\System\CurrentControlSet\Control\Lsa\DisableDomainCreds=4,0  
  48. MACHINE\System\CurrentControlSet\Control\Lsa\EveryoneIncludesAnonymous=4,0  
  49. MACHINE\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy=4,0  
  50. MACHINE\System\CurrentControlSet\Control\Lsa\ForceGuest=4,1  
  51. MACHINE\System\CurrentControlSet\Control\Lsa\FullPrivilegeAuditing=3,0  
  52. MACHINE\System\CurrentControlSet\Control\Lsa\LimitBlankPasswordUse=4,1  
  53. MACHINE\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel=4,0  
  54. MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinClientSec=4,0  
  55. MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinServerSec=4,0  
  56. MACHINE\System\CurrentControlSet\Control\Lsa\NoDefaultAdminOwner=4,1  
  57. MACHINE\System\CurrentControlSet\Control\Lsa\NoLMHash=4,0  
  58. MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=4,0  
  59. MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymousSAM=4,1  
  60. MACHINE\System\CurrentControlSet\Control\Print\Providers\LanMan Print Services\Servers\AddPrinterDrivers=4,0  
  61. MACHINE\System\CurrentControlSet\Control\SecurePipeServers\Winreg\AllowedPaths\Machine=7,System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Control\Server Applications,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration  
  62. MACHINE\System\CurrentControlSet\Control\Session Manager\Kernel\ObCaseInsensitive=4,1  
  63. MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management\ClearPageFileAtShutdown=4,0  
  64. MACHINE\System\CurrentControlSet\Control\Session Manager\ProtectionMode=4,1  
  65. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoDisconnect=4,15  
  66. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableForcedLogOff=4,1  
  67. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableSecuritySignature=4,0  
  68. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\NullSessionPipes=7,COMNAP,COMNODE,SQL\QUERY,SPOOLSS,LLSRPC,browser  
  69. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\NullSessionShares=7,COMCFG,DFS$  
  70. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignature=4,0  
  71. MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\EnablePlainTextPassword=4,0  
  72. MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\EnableSecuritySignature=4,1  
  73. MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\RequireSecuritySignature=4,0  
  74. MACHINE\System\CurrentControlSet\Services\LDAP\LDAPClientIntegrity=4,1  
  75. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\DisablePasswordChange=4,0  
  76. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\MaximumPasswordAge=4,30  
  77. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireSignOrSeal=4,1  
  78. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireStrongKey=4,0  
  79. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SealSecureChannel=4,1  
  80. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SignSecureChannel=4,1  
  81. [Privilege Rights]  
  82. SeNetworkLogonRight = *S-1-1-0,*S-1-5-32-544,*S-1-5-32-545,*S-1-5-32-547,*S-1-5-32-551  
  83. SeBackupPrivilege = *S-1-5-32-544,*S-1-5-32-551  
  84. SeChangeNotifyPrivilege = *S-1-1-0,*S-1-5-32-544,*S-1-5-32-545,*S-1-5-32-547,*S-1-5-32-551  
  85. SeSystemtimePrivilege = *S-1-5-32-544,*S-1-5-32-547  
  86. SeCreatePagefilePrivilege = *S-1-5-32-544  
  87. SeDebugPrivilege = *S-1-5-32-544  
  88. SeRemoteShutdownPrivilege = *S-1-5-32-544  
  89. SeAuditPrivilege = *S-1-5-19,*S-1-5-20  
  90. SeIncreaseQuotaPrivilege = *S-1-5-19,*S-1-5-20,*S-1-5-32-544  
  91. SeIncreaseBasePriorityPrivilege = *S-1-5-32-544  
  92. SeLoadDriverPrivilege = *S-1-5-32-544  
  93. SeBatchLogonRight = SUPPORT_388945a0  
  94. SeServiceLogonRight = *S-1-5-20  
  95. SeInteractiveLogonRight = Guest,*S-1-5-32-544,*S-1-5-32-545,*S-1-5-32-547,*S-1-5-32-551  
  96. SeSecurityPrivilege = *S-1-5-32-544  
  97. SeSystemEnvironmentPrivilege = *S-1-5-32-544  
  98. SeProfileSingleProcessPrivilege = *S-1-5-32-544,*S-1-5-32-547  
  99. SeSystemProfilePrivilege = *S-1-5-32-544  
  100. SeAssignPrimaryTokenPrivilege = *S-1-5-19,*S-1-5-20  
  101. SeRestorePrivilege = *S-1-5-32-544,*S-1-5-32-551  
  102. SeShutdownPrivilege = *S-1-5-32-544,*S-1-5-32-545,*S-1-5-32-547,*S-1-5-32-551  
  103. SeTakeOwnershipPrivilege = *S-1-5-32-544  
  104. SeDenyNetworkLogonRight = SUPPORT_388945a0,Guest  
  105. SeDenyInteractiveLogonRight = SUPPORT_388945a0,Guest  
  106. SeUndockPrivilege = *S-1-5-32-544,*S-1-5-32-545,*S-1-5-32-547  
  107. SeManageVolumePrivilege = *S-1-5-32-544  
  108. SeRemoteInteractiveLogonRight = *S-1-5-32-544,*S-1-5-32-555  
  109. SeImpersonatePrivilege = *S-1-5-32-544,*S-1-5-6  
  110. SeCreateGlobalPrivilege = *S-1-5-32-544,*S-1-5-4,*S-1-5-6  
  111. [Version]  
  112. signature="$CHICAGO$"  
  113. Revision=1  

你可能感兴趣的:(命令行获取本地安全策略)