Applying hardening to your windows server with secedit

Hi,

To apply a security template for hardening in a Windows Server 2012 R2 you can create your own customized security template. In this blog post you can see how to do: https://mpgnotes.wordpress.com/2014/05/26/how-to-create-a-security-template-for-hardening/

One time done it, follow these steps:

  • Copy costumized inf file to c:\windows\security\templates
  • Open a powershell console and go to c:\windows\security\templates
  • Execute the following command: Secedit /configure /db secedit.sdb /cfg SCM_Template.inf /overwrite /log SCM_Temp.log
  •  Push y key

It’s all 🙂

Anuncios

How to create a security template for hardening

Hi!

To create and apply a customized security template I did the following:

Use a template based in Security Compliance Manager

http://technet.microsoft.com/en-us/library/cc677002.aspx

Deploy a temporal standalone WS 2012 R2 to do tests

Import the .inf file exported from GPO Backup (folder) option in SCM to a Security Template mmc and then modify all options you want.

Add Security Configuration and Analysis snapin, import your template .inf and then execute the analyze option, remember to use a new database.

http://technet.microsoft.com/en-us/library/bb742512.aspx#EFAA

Save configurations as inf file and it will be your security template for hardening.

Regards