/build/static/layout/Breadcrumb_cap_w.png

Local Group Policies Objects Util - Import/Export for Standalone Machines

This utility might be handy for those Application Packagers out there that move around a lot and have to recreate VM's on different client sites - I know it bores the living daylights out of myself. 

The utility is called "Local Group Policy Object utility", this is the upgrade of the Local Policy Utility (LocalPol.exe) in the Security Compliance Manager. Basicly it will export your local GPO, so you can, you guessed it - import it later on another machine. Handy if you prefer certain settings on your packaging machine.


It can be downloaded here, the util is located in
Windows 10 TH2 Security Baseline.zip\Windows 10 TH2 Security Baselines\Local_Script\Tools\
The documentation is in pdf format and provides all the detailed information on the utility.

http://blogs.technet.com/b/secguide/archive/2016/01/22/security-baseline-for-windows-10-v1511-quot-threshold-2-quot-final.aspx

LGPO.exe command [...]
Where command is one or more of the following, each of which can be repeated:
/g path Import settings from one or more Group Policy backups anywhere under the directory specified by path.
/m path\registry.pol Import settings from a Registry Policy file into Computer (Machine) Configuration.
/u path\registry.pol Import settings from a Registry Policy file into User Configuration.
/s path\GptTmpl.inf Apply the specified security template.
/a[c] path\audit.csv Apply an Advanced Auditing backup (CSV) file. With /ac, LGPO.exe clears existing Advanced Auditing settings before applying the settings from the CSV file, and copies the file to the local group policy subdirectory so that the settings appear in the local group policy editor.
/e name|guid Enable a Group Policy client side extension for local policy processing. Specify a GUID, or one of these names: zone – Internet Explorer zone mapping extension; needed for Site-To-Zone Assignment List policy. mitigation – Mitigation Options extension; needed for the Untrusted Font Blocking policy (Windows 10).
audit – Advanced Audit Policy Configuration; ensures gpupdate also applies advanced audit policy settings.
/t path\lgpo.txt Apply registry-based commands from an “LGPO text” file.
/boot Reboot after applying policies.
/v Verbose output.
/q Quiet output (no headers).



Comments

This post is locked
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ