secedit question - remove database and template files after applying?

Discussion in 'Server Security' started by James, May 4, 2009.

  1. James

    James Guest

    Hello,

    going to be including a secedit command in a script running on server 2008
    such as:

    SECEDIT /configure /db PassPol.sdb /cfg PassPol.inf /log secedit.log

    after running this command the PassPol.sdb file is created in the current
    directory, which is also where the PassPol.inf file is located.

    1. after the command completes can I delete the PassPol.sdb and PassPol.inf
    files?

    2. where do these settings go after this runs? registry? other config files?

    any input is appreciated, thanks.
     
    James, May 4, 2009
    #1
    1. Advertisements

  2. Meinolf Weber [MVP-DS], May 4, 2009
    #2
    1. Advertisements

  3. James

    James Guest

    see inline:

    I asked a pretty specific question, using secedit, not scw. I realize the
    info you have directed me to would help with an overall understanding of sec
    pol management in 2k8 but that is not what I am looking for right now.
    well, I deleted what I was asking about, and the settings are still applied?
    and visible in the local sec pol console?

    The policy settings are basically
    that has always been my understanding, but I was recently told otherwise.
    The reason I am using secedit is that I was told if I make the reg changes
    directly they will not be reflected when using gui tools such as local sec
    pol console. But this is a side note really... I am really just trying to
    find out if I can remove the .sdb and .inf template files after I have used
    secedit to apply the template? I'm sure someone who knows what they are
    talking about could answer this with a few sentences of background as to why
    or why not.

    anyone?
     
    James, May 5, 2009
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.