In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-06 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Development >
Share
Shulou(Shulou.com)06/03 Report--
This article mainly shows you "how to use secedit.exe local security policy commands". The content is simple and clear. I hope it can help you solve your doubts. Let me lead you to study and learn this article "how to use secedit.exe local security policy commands".
To view the command syntax, click the following command:
The code is as follows:
Secedit / analyze
Secedit / configure
Secedit / export
Secedit / import
Secedit / validate
Secedit / GenerateRollback
Secedit / analyze
You can analyze the security settings on a computer by comparing it with the basic settings in the database.
Grammar
Secedit / analyze / db FileName. Sdb[ / cfgFileName] [/ overwrite] [/ logFileName] [/ quiet]
Parameters.
/ db FileName.sdb
Specifies the database used for analysis.
/ cfg FileName
Specifies the security template to import into the database before analysis. Use the Security templates snap-in to create a security template.
/ log FileName
Specifies the file that records the status of the configuration process. If not specified, the configuration data is logged to the scesrv.log file in the% windir%\ security\ logs directory.
/ quiet
Specifies that no further comments are made during the analysis process.
Annotation
You can view the results of the analysis in the security configuration and analysis.
Example
The following is an example of how to use this command:
Secedit / analyze / db hisecws.sdb
Secedit / configure
Configure the security settings for the local computer by applying settings stored in the database.
Grammar
Secedit / configure / db FileName [/ cfg FileName] [/ overwrite] [/ areasArea1 Area2...] [/ logFileName] [/ quiet]
Parameters.
/ db FileName
Specifies the database used for security configuration.
/ cfg FileName
Specifies the security template to import into the database before configuring the computer. Use the Security templates snap-in to create a security template.
/ overwrite
Specifies that the database should be emptied before importing the security template. If this parameter is not specified, the settings in the security template accumulate into the database. If this parameter is not specified and there is a configuration conflict between the database and the currently imported template, the template configuration takes precedence.
/ areas Area1 Area2...
Specifies the security zone applied to the system. If no parameters are specified, all security settings defined in the database are applied to the system. To configure multiple zones, separate each area with a space. The following security zones are supported: zone name description SECURITYPOLICY includes account policy, audit policy, event log settings, and security options. GROUP_MGMT includes configuration of restricted groups USER_RIGHTS including user rights assignment REGKEYS including registry permissions FILESTORE including file system permissions SERVICES including system service settings
/ log FileName
Specifies the file that records the status of the configuration process. If not specified, the configuration data is logged to the scesrv.log file in the% windir%\ security\ logs directory.
/ quiet
Specifies that the configuration process should take place without prompting the user.
Example
The following is an example of how to use this command:
Secedit / configure / db hisecws.sdb / cfg
Hisecws.inf / overwrite / log hisecws.log
Secedit / export
Security settings stored in the database can be exported.
Grammar
Secedit / export[ / DBFileName] [/ mergedpolicy] [/ CFG FileName] [/ areasArea1 Area2...] [/ logFileName] [/ quiet]
Parameters.
/ db FileName
Specifies the database used to configure security.
/ mergedpolicy
Merge and export domain and local policy security.
/ CFG FileName
Specifies the template to which you want to export settings.
/ areas Area1 Area2...
Specify the security zone that will be exported to the template. If no area is specified, all areas are exported. Each area should be separated by a space. The zone name description SECURITYPOLICY includes account policies, audit policies, event log settings, and security options. GROUP_MGMT includes configuration of restricted groups USER_RIGHTS including user rights assignment REGKEYS including registry permissions FILESTORE including file system permissions SERVICES including system service settings
/ log FileName
Specifies the file that records the status of the export process. If the file is not specified, it is logged to% windir%\ security\ logs\ scesrv.log with the default settings.
/ quiet
Specifies that the configuration process should take place without prompting the user.
Example
The following is an example of how to use this command:
Secedit / export / db hisecws.inf / log hisecws.log
Secedit / import
You can import a security template into a database so that the settings specified in the template can be applied to the system or used as a basis for analyzing the system.
Grammar
Secedit / import / db FileName .sdb / cfg FileName.inf [/ overwrite] [/ areasArea1 Area2...] [/ logFileName] [/ quiet]
Parameters.
/ db FileName .sdb
Specify the database to which you want to import security template settings.
/ CFG FileName
Specifies that you want to import security templates into the database. Use the Security templates snap-in to create a security template.
/ overwrite FileName
Specifies that the database should be emptied before importing the security template. If this parameter is not specified, the settings in the security template accumulate into the database. If this parameter is not specified and there is a configuration conflict between the database and the currently imported template, the template configuration takes precedence.
/ areas Area1 Area2...
Specify the security zone that will be exported to the template. If no area is specified, all areas are exported. Each area should be separated by a space. The zone name description SECURITYPOLICY contains account policies, audit policies, event log settings, and security options. GROUP_MGMT includes configuration of restricted groups USER_RIGHTS including user rights assignment REGKEYS including registry permissions FILESTORE including file system permissions SERVICES including system service settings
/ log FileName
Specifies the file that records the status of the export process. If the file is not specified, it is logged to% windir%\ security\ logs\ scesrv.log with the default settings.
/ quiet
Specifies that the configuration process should take place without prompting the user.
Example
The following is an example of how to use this command:
Secedit / import / db hisecws.sdb / cfg hisecws.inf / overwrite
Secedit / validate
Verify the syntax of the security template to import into the analysis database or system application.
Grammar
Secedit / validate FileName
Parameters.
FileName
Specifies the name of the security template file created using the security template.
Example
The following is an example of how to use this command:
Secedit / validate / cfg filename
Secedit / GenerateRollback
A rollback template can be generated based on the configuration template. When you apply a configuration template to your computer, you can choose to create a rollback template that resets the security settings to the values before the configuration template is applied.
Grammar
Secedit / GenerateRollback / CFG FileName.inf / RBK SecurityTemplatefilename.inf [/ logRollbackFileName.inf] [/ quiet]
Parameters.
/ CFG FileName
Specifies the file name of the security template for which you want to create a rollback template.
/ RBK FileName
Specifies the file name of the security template that will be created as a rollback template.
Annotation
Secedit / refreshpolicy has been replaced by gpupdate.
Format legend
Format meaning
Italic
Information that the user must provide
Bold type
Elements that the user must type exactly as shown
Ellipsis (.)
Parameters that can be repeated multiple times on the command line
Between square brackets ([])
Optional item
Between curly braces ({}); separate options with a pipeline (|). Example: {even | odd}
The user must select an option set from which only one option can be selected
Courier font
Code or program output
The above is all the contents of the article "how to use secedit.exe Local Security Policy commands". Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.