Manage Policies Using K1000
Hi,
How to change Security Policy using K1000? Such as, Rename Administrator, Disable Guest Account, Enable Logon Audit, Account Lockout Threshold, etc.
Basically things that can be done using Group Policy
0 Comments
[ + ] Show comments
Answers (3)
Answer Summary:
Please log in to answer
Posted by:
hendra.tommy
6 years ago
Top Answer
To answer my own question, I end up using secedit /export to to export all configured policies like explained in below article:
https://serverfault.com/questions/91520/are-there-registry-settings-for-password-policies-on-windows-2008
What I've done was:
1. Prepare one Windows 2012 VM, and then configure the policies just like usual using gpedit
2. Once done, export it using command: secedit /export /cfg mytemplate.inf /log mylog.txt
3. If there are no errors, copy the "mytemplate.inf". If you open that file, you will find alot of value, filter it and only keep parameter that you needed
4. And to import it to target PC, copy the "mytemplate.inf" and issue the following command:
secedit /configure /db secedit.sdb /cfg mytemplate.inf /overwrite
5. Check gpedit, the parameter should have changed based on the the template.
Posted by:
chucksteel
6 years ago
Many Group Policy items can be set using registry keys, so that is one option. Otherwise you may need to develop scripts that will change settings or handle things like renaming the default administrator account (which is no longer considered best practice, by the way).
Posted by:
ISEKOLD
6 years ago
Tried to respond to chucksteel, but didn't work: To find these registry keys, either look online or find them yourself using process monitor.
https://www.howtogeek.com/school/sysinternals-pro/lesson5/
Some things you will find to be tricky to edit through registry.
https://www.howtogeek.com/school/sysinternals-pro/lesson5/
Some things you will find to be tricky to edit through registry.