You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Issue: to implement the Desired State Config over the newly built standalone servers to implement the Microsoft Security Baseline.
We in our environment have the baseline implemented through GPO – Group Policy Objects. So that whole baseline can be pushed to the domain joined servers.
But for standalone servers we don’t have this option /or to config manually on each server.
To automate this process this DSC is used.
So we have converted the GPO to DSC and tried to implement it on the test server.
Which was not successful due to many errors and issues.
Verbose logs
PS C:\Users\Administrator> start-DscConfiguration -Path C:\DSCtest\cloud1\cloud1\ -Verbose -Wait -Force
VERBOSE: Perform operation 'Invoke CimMethod' with following parameters, ''methodName' =
SendConfigurationApply,'className' = MSFT_DSCLocalConfigurationManager,'namespaceName' =
root/Microsoft/Windows/DesiredStateConfiguration'.
VERBOSE: An LCM method call arrived from computer EC2AMAZ-5AON1L7 with user sid
S-1-5-21-3035835989-1062233685-3344107910-500.
VERBOSE: The -Force option was specified with the Stop operation. The current configuration has been successfully
cancelled.
VERBOSE: An LCM method call arrived from computer EC2AMAZ-5AON1L7 with user sid
S-1-5-21-3035835989-1062233685-3344107910-500.
VERBOSE: [EC2AMAZ-5AON1L7]: LCM: [ Start Set ]
VERBOSE: [EC2AMAZ-5AON1L7]: LCM: [ Start Resource ] [[RegistryPolicyFile]Registry(POL):
HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoAutorun]
VERBOSE: [EC2AMAZ-5AON1L7]: LCM: [ Start Test ] [[RegistryPolicyFile]Registry(POL):
HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoAutorun]
VERBOSE: [EC2AMAZ-5AON1L7]: [[RegistryPolicyFile]Registry(POL):
HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoAutorun] Retrieving current for Key
HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer ValueName NoAutorun. (RPF04)
Exception calling "IndexOf" with "2" argument(s): "Index was out of range. Must be non-negative and less than the size
of the collection.
Parameter name: startIndex"
+ CategoryInfo : NotSpecified: (:) [], CimException
+ FullyQualifiedErrorId : ArgumentOutOfRangeException
+ PSComputerName : localhost
Exception calling "IndexOf" with "2" argument(s): "Index was out of range. Must be non-negative and less than the size
of the collection.
Parameter name: startIndex"
+ CategoryInfo : NotSpecified: (:) [], CimException
+ FullyQualifiedErrorId : ArgumentOutOfRangeException
+ PSComputerName : localhost
Exception calling "IndexOf" with "2" argument(s): "Index was out of range. Must be non-negative and less than the size
of the collection.
Parameter name: startIndex"
+ CategoryInfo : NotSpecified: (:) [], CimException
+ FullyQualifiedErrorId : ArgumentOutOfRangeException
+ PSComputerName : localhost
Exception calling "IndexOf" with "2" argument(s): "Index was out of range. Must be non-negative and less than the size
of the collection.
Parameter name: startIndex"
+ CategoryInfo : NotSpecified: (:) [], CimException
+ FullyQualifiedErrorId : ArgumentOutOfRangeException
+ PSComputerName : localhost
Exception calling "IndexOf" with "2" argument(s): "Index was out of range. Must be non-negative and less than the size
of the collection.
Parameter name: startIndex"
+ CategoryInfo : NotSpecified: (:) [], CimException
+ FullyQualifiedErrorId : ArgumentOutOfRangeException
+ PSComputerName : localhost
Exception calling "IndexOf" with "2" argument(s): "Index was out of range. Must be non-negative and less than the size
of the collection.
Parameter name: startIndex"
+ CategoryInfo : NotSpecified: (:) [], CimException
+ FullyQualifiedErrorId : ArgumentOutOfRangeException
+ PSComputerName : localhost
Exception calling "IndexOf" with "2" argument(s): "Index was out of range. Must be non-negative and less than the size
of the collection.
Parameter name: startIndex"
+ CategoryInfo : NotSpecified: (:) [], CimException
+ FullyQualifiedErrorId : ArgumentOutOfRangeException
+ PSComputerName : localhost
Exception calling "IndexOf" with "2" argument(s): "Index was out of range. Must be non-negative and less than the size
of the collection.
Parameter name: startIndex"
+ CategoryInfo : NotSpecified: (:) [], CimException
+ FullyQualifiedErrorId : ArgumentOutOfRangeException
+ PSComputerName : localhost
Exception calling "IndexOf" with "2" argument(s): "Index was out of range. Must be non-negative and less than the size
of the collection.
Parameter name: startIndex"
+ CategoryInfo : NotSpecified: (:) [], CimException
+ FullyQualifiedErrorId : ArgumentOutOfRangeException
+ PSComputerName : localhost
Exception calling "IndexOf" with "2" argument(s): "Index was out of range. Must be non-negative and less than the size
of the collection.
Parameter name: startIndex"
+ CategoryInfo : NotSpecified: (:) [], CimException
+ FullyQualifiedErrorId : ArgumentOutOfRangeException
+ PSComputerName : localhost
Exception calling "IndexOf" with "2" argument(s): "Index was out of range. Must be non-negative and less than the size
of the collection.
Parameter name: startIndex"
+ CategoryInfo : NotSpecified: (:) [], CimException
+ FullyQualifiedErrorId : ArgumentOutOfRangeException
+ PSComputerName : localhost
Exception calling "IndexOf" with "2" argument(s): "Index was out of range. Must be non-negative and less than the size
of the collection.
Parameter name: startIndex"
+ CategoryInfo : NotSpecified: (:) [], CimException
+ FullyQualifiedErrorId : ArgumentOutOfRangeException
+ PSComputerName : localhost
Exception calling "IndexOf" with "2" argument(s): "Index was out of range. Must be non-negative and less than the size
of the collection.
Parameter name: startIndex"
+ CategoryInfo : NotSpecified: (:) [], CimException
+ FullyQualifiedErrorId : ArgumentOutOfRangeException
+ PSComputerName : localhost
Exception of type 'System.OutOfMemoryException' was thrown.
+ CategoryInfo : OperationStopped: (:) [], CimException
+ FullyQualifiedErrorId : System.OutOfMemoryException
+ PSComputerName : localhost
Exception calling "IndexOf" with "2" argument(s): "Index was out of range. Must be non-negative and less than the size
of the collection.
Parameter name: startIndex"
+ CategoryInfo : NotSpecified: (:) [], CimException
+ FullyQualifiedErrorId : ArgumentOutOfRangeException
+ PSComputerName : localhost
Exception of type 'System.OutOfMemoryException' was thrown.
+ CategoryInfo : OperationStopped: (:) [], CimException
+ FullyQualifiedErrorId : System.OutOfMemoryException
+ PSComputerName : localhost
Exception calling "IndexOf" with "2" argument(s): "Index was out of range. Must
DSC configuration
ConfigurationDSCFromGPO
{
Import-DSCResource-ModuleName 'GPRegistryPolicyDsc'Import-DSCResource-ModuleName 'AuditPolicyDSC'Import-DSCResource-ModuleName 'SecurityPolicyDSC'
Node localhost
{
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoAutorun'
{
ValueName ='NoAutorun'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDriveTypeAutoRun'
{
ValueName ='NoDriveTypeAutoRun'
ValueData =255
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\LogonType'
{
ValueName ='LogonType'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\MSAOptional'
{
ValueName ='MSAOptional'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\Audit\ProcessCreationIncludeCmdLine_Enabled'
{
ValueName ='ProcessCreationIncludeCmdLine_Enabled'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\Audit'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ScreenSaverGracePeriod'
{
ValueName ='ScreenSaverGracePeriod'
ValueData ='0'
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Cryptography\Configuration\SSL\00010002\Functions'
{
ValueName ='Functions'
ValueData ='TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA'
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Cryptography\Configuration\SSL\00010002'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\InputPersonalization\AllowInputPersonalization'
{
ValueName ='AllowInputPersonalization'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\InputPersonalization'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Internet Explorer\Feeds\DisableEnclosureDownload'
{
ValueName ='DisableEnclosureDownload'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Internet Explorer\Feeds'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\ACRS\Certificates\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\ACRS\Certificates'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\ACRS\CRLs\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\ACRS\CRLs'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\ACRS\CTLs\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\ACRS\CTLs'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\CA\Certificates\E6CE8768D33D318D8CEAB8E673522F763AEFD802\Blob'
{
ValueName ='Blob'
ValueData = '04000000010000001000000093C391DCE25AF6F637FE910F3B0217AE0F00000001000000200000001489724F8F9F9069D975DADF3BD37E1EBA65B9E7C93BC5C2AD39A62FB2DCC0D6140000000100000014000000644B18E1C5E283177E956A3DDB538C491CC93C0F1900000001000000100000006840FB9F33C0835E57EA455FC50BE5B55C0000000100000004000000001000001800000001000000100000006E5E4375E95778F9B386680B5642A86D030000000100000014000000E6CE8768D33D318D8CEAB8E673522F763AEFD8022000000001000000CE060000308206CA308204B2A003020102020104300D06092A864886F70D01010B0500303F310B300906035504061302465231163014060355040A0C0D434D412043474D2047726F75703118301606035504030C0F434D412043474D20526F6F74204341301E170D3136313031313135353333335A170D3236313031313135353333335A3046310B300906035504061302465231163014060355040A0C0D434D412043474D2047726F7570311F301D06035504030C16434D412043474D20323031362053657276657220434130820222300D06092A864886F70D01010105000382020F003082020A0282020100B6CA8B99DD3ED3EE1A1E10D1B2FC85374E661844CFC8F67C0BAA682F8C0CCF7B94F0EE1C45AA2B862076AAAA7B9ED9E3F88AB0BFF6EE290BC24B8A6854D0E2D04FA07D78FFB56E8422A93AB401E3569679BFE885BD8B011E314F36899A367613CE86922B6A00B3D2DFD29404C06410A031F6E52C89ABEE91412D024785FA3A91E4A6D4B2F89D7E8D5427DED11AE11C2247CA0D37E5F71888C527FB096EA7A1089EED77B81A18FDA56CF94D96BE3BE38C014069226D023531A555EF53F5963E5A7DDEBEBAC3F1AEC6C1A53DFEFA44BC1BDB411BD69F4A5C003632C4FACA748B57FFEB5DA64CB5648B421223BBEE41ABE29B779B02D800B51B2195C37ACF358ED3F138810507CC33C5232FADB0B11D01A88D4D8EBBC86C0CA43AFF65AEC4E5A3E23FC4F172AB50E7975003696F8C28D769FEAC4557FD26B3109E5C9BC122868ABA8460405CEF8A40269299ABAEDD33FE7CFE722CF0E03A3EB69A798874D74B1ECE88A5BFDAB5350F0E734B9B1BEFB5EE7330EE82F480C83884E7D872B4F40D6F399ADA6DD5C6C7E41BF6472C1AB132C96C0E87807350BEB9FC53A989FA94C4685AFEF99CAC116BFEDB95C9788A3053970DF0D5571A02FB8E9E52B8B50D6D46CAEE7DCAFCD597A692CE263DE832C7DFF7CDE696EE2A95563A49ADD6833512FBE9C4B40372B9AF8E6F9ED76B1DB17882EDBD1B24E46E667BA786C8A01B473A8702C50203010001A38201C8308201C4300F0603551D130101FF040530030101FF301D0603551D0E04160414644B18E1C5E283177E956A3DDB538C491CC93C0F301F0603551D2304183016801439782919AD6BD60439C6EDD488D3582AE6AE6E3C30170603551D200410300E300C060A2A817A01814F010A0101300E0603551D0F0101FF040403020106308201020603551D1F0481FA3081F73081C6A081C3A081C08681BD6C6461703A2F2F2F434E3D4341253230526F6F74253243434E3D526F6F744341253243434E3D434450253243434E3D5075626C69632532304B65792532305365727669636573253243434E3D5365727669636573253243434E3D436F6E66696775726174696F6E25324344433D636D612D63676D25324344433D636F6D3F63657274696669636174655265766F636174696F6E4C6973743F626173653F6F626A656374636C6173733D63524C446973747269627574696F6E506F696E74302CA02AA0288626687474703A2F2F706B692E636D612D63676D2E636F6D2F63726C2F43415F526F6F742E63726C304206082B0601050507010104363034303206082B060105050730028626687474703A2F2F706B692E636D612D63676D2E636F6D2F6169612F43415F526F6F742E637274300D06092A864886F70D01010B050003820201007A866B28F55E73EFE91049EA15DDBD2CB6EB3E1D409254C5ED3E38C6C616F0B7D104A4ACC27F55744503C76D8CB074BD58393880827187191F28A90600F76833643959B21A6D3FC7AD3B42E657D398BC892568A3CD9137A2BE655A37A75B8ADE7D63B17616B00093E5A6C7FF6F57D29B55B71EE636556046B60F3BC8A2DC2354351E9C48954E78703B92A215F2C46F57B319941069928E218D38A8BCA12797115A31BEE7A93DEBA4B1A894FC647D144A09E624901A96A9EE26BA81BF9AC0AE586488A3117632CCDEECA0A10CEDB2ABC56F190C310A0F5BEC768F3F2C88230A056A53793A0F06000B6F4DF04697C96AA2921ABAC3DDBEAE0BD36EF3B252054762EC1CCA986ED9683D539BEF265F5954CD51D3855AA774F34BC2E889FBB41EA5311349D16403B1008EDE88CF01D406FB468B83E1BC39AA82C04E3C2FEFB873EB56335ADDED2828BB4B75636E15B327DE4E1B5A08BC75FB1D5D88A09BE80F88FB41E2B6385B715EBF268180E9C812C70C2FB6CFA8DF3282486893420BE2BA9C95C6EB445F3BD33D42930A8C2AEA1D57A12A92688BFCA21624346695D1BB0AEA3B6526E07FBE6FC29704365D21346E6F517E5E644F4C572CF0F1CB5DEDEBACA2E8BEEA2ADAF103C8886E1FD8415457FD24BD423712E5779C9FC5245A24DE6113BC10F0E560021305E58AB9634498EB7FA5744C6794A5F84CFBE55C71B4857EE335B3'
ValueType ='Binary'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\CA\Certificates\E6CE8768D33D318D8CEAB8E673522F763AEFD802'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\CA\CRLs\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\CA\CRLs'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\CA\CTLs\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\CA\CTLs'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\DPNGRA\Certificates\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\DPNGRA\Certificates'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\DPNGRA\CRLs\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\DPNGRA\CRLs'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\DPNGRA\CTLs\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\DPNGRA\CTLs'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\FVE\Certificates\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\FVE\Certificates'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\FVE\CRLs\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\FVE\CRLs'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\FVE\CTLs\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\FVE\CTLs'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\FVE_NKP\Certificates\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\FVE_NKP\Certificates'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\FVE_NKP\CRLs\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\FVE_NKP\CRLs'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\FVE_NKP\CTLs\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\FVE_NKP\CTLs'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\Root\Certificates\8887F58560E3D840345D398623030E57B96D2C69\Blob'
{
ValueName ='Blob'
ValueData = '040000000100000010000000BD388ED93533E92922DD00D4EA9869AC0F0000000100000014000000FCF6464BDB1BF29419EC162DD4564E3FE279EA3C14000000010000001400000039782919AD6BD60439C6EDD488D3582AE6AE6E3C1900000001000000100000006E5E4375E95778F9B386680B5642A86D5C0000000100000004000000001000000300000001000000140000008887F58560E3D840345D398623030E57B96D2C69200000000100000079050000308205753082035DA003020102020101300D06092A864886F70D0101050500303F310B300906035504061302465231163014060355040A0C0D434D412043474D2047726F75703118301606035504030C0F434D412043474D20526F6F74204341301E170D3130303432393132343531375A170D3330303432393132343531375A303F310B300906035504061302465231163014060355040A0C0D434D412043474D2047726F75703118301606035504030C0F434D412043474D20526F6F7420434130820222300D06092A864886F70D01010105000382020F003082020A0282020100CF892F2A0C6F554E471AA922BE6D3595F2F6D2DB8FD091E747327CC72B5C3EAE8902DA6D1C30CA8A413ADA2F53395AABDB5D7E7BEF8D8F82E481AE1890027C08065869DFB8895F0CBDDC05E16933AB02438B265060CBEB228A0D709CEDDBE8B0A7A551392F8EE367F480A18F7473621CAAD797DB1AB23BE63B1381640D3D23970F18A651BE77225E0E42F2AB7B6E52941EE6D2B9ABCF38F8B7CC892C62465A11F6F329A0A017EA74350D592385BE86854143180E76ECA7A3B77E5EC3E5EA0F32AC7F33440F9F05B6D7E225FBD4E143995CC6A5957BC506BCC0CDE80F64FA7DD4DBB972AEED6FFC619068A93167FF2E34BA0109ACA6175E96A5E52B2769998EC136D1592FF6AE056CB46D83C602A7166511E70A56AC42620A8EBD44E058F952ED0FF1B6DA6F01EC1AFF137602D0A5FCAF14A631C8E6FC8624D21BD132AD57960419627C1F6C4C7EBD28F7033E3A85EA52F84558CE111992CD231EAEEE9254AD033CFAEA8EACCEF391AC3E77EC9496DF5A867BDD30C82500679C24561E0159680960B8D6E693C6338079DBC09AA14672A51AA1BF75CDEF65A0BE4414903F7A87FEA399D0CEEC7AAA7DFC3110B30E300574AC0F696734CE2FA2DD96CB7FC34C22780EF7602F67CF8BA122C9900D1C3C4B1D3C8D4E01BEF5932E2AD0BFBB76EAE857042BBA00AAC325A2BE7C2D8D7AF00CDC03158FBBBF18C66633B19837EEC1837B0203010001A37C307A300F0603551D130101FF040530030101FF301D0603551D0E0416041439782919AD6BD60439C6EDD488D3582AE6AE6E3C301F0603551D2304183016801439782919AD6BD60439C6EDD488D3582AE6AE6E3C30170603551D200410300E300C060A2A817A01814F01010101300E0603551D0F0101FF040403020106300D06092A864886F70D0101050500038202010033D371AEB937101960FB0BAB0CB4F4D88A6827B25887D7DA9725CD916A09087F809965335545774F9D31A6B8FD017382E90347D5C08087D5C378174CF39DDFF3382A455FBD91E2213B56BF1480004395E4F1D8B08FD52898D0D30C67444C509496BCE73DFAD4BD1BFBE8E1CFD41DE98128080D6486C06BC9EAB6B20E148518ADBF13BCC020818FE40F985FAEF06393E6BA2E162CDBA4AF973B657275019F4603F2FB88DD1AC0B8DA82AB5C43C9EDAF105D4D5415A30E6D82D5701D43AAE457EDE45731C02F8B5A96E169BEF617239C23B93408D0C92EE8F5AE822D3E6BA715E4E15659BFC48F519575CBD8DE49BD10052D7CD35DDCEAA29B85E1F4A5B54309D23857BF8E3ED7637201D7425CADECF58B0CAD81059B2D3124843C804DE7B887C5032679D7543F182CC2E1F43F2B0A153446516BE22C303A4D7F1DD2A72CEFAC23F92DF2D043BC11AB0D7AA57223745BE626B8CB6BAAD157CFCCFB8C66D6365E74B5317C13E5B588A95A09C5F2BB13C1A79BD9B1B7F6C00FC5005BC059064221E9A556946E8901900E62E4DFFF628157C4540F5BC789273C575C2D03FE7C44708C8E7D8856832F687D406A2757AEE3B54199C82445DE18C1A8E512987845D21EA29C9D7CA8CC4530029DC3E14B468FE858B8CB303947B19718C813F00A8E8000B4EA1D8913773C98416ACE98045485A4BB2B5B4473FBFBC1E9247B60D4FE790854'
ValueType ='Binary'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\Root\Certificates\8887F58560E3D840345D398623030E57B96D2C69'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\Root\CRLs\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\Root\CRLs'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\Root\CTLs\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\Root\CTLs'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\Trust\Certificates\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\Trust\Certificates'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\Trust\CRLs\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\Trust\CRLs'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\Trust\CTLs\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\Trust\CTLs'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\TrustedPublisher\Certificates\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\TrustedPublisher\Certificates'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\TrustedPublisher\CRLs\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\TrustedPublisher\CRLs'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\SystemCertificates\TrustedPublisher\CTLs\'
{
ValueName =''
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\SystemCertificates\TrustedPublisher\CTLs'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\W32time\TimeProviders\NtpClient\Enabled'
{
ValueName ='Enabled'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\W32time\TimeProviders\NtpClient'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\CredUI\DisablePasswordReveal'
{
ValueName ='DisablePasswordReveal'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\CredUI'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\DataCollection\DoNotShowFeedbackNotifications'
{
ValueName ='DoNotShowFeedbackNotifications'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\DataCollection'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\DataCollection\AllowTelemetry'
{
ValueName ='AllowTelemetry'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\DataCollection'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\EventLog\Application\MaxSize'
{
ValueName ='MaxSize'
ValueData =32768
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\EventLog\Application'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\EventLog\Application\Retention'
{
ValueName ='Retention'
ValueData ='0'
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\EventLog\Application'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\EventLog\Security\MaxSize'
{
ValueName ='MaxSize'
ValueData =196608
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\EventLog\Security'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\EventLog\Security\Retention'
{
ValueName ='Retention'
ValueData ='0'
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\EventLog\Security'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\EventLog\Setup\MaxSize'
{
ValueName ='MaxSize'
ValueData =32768
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\EventLog\Setup'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\EventLog\System\MaxSize'
{
ValueName ='MaxSize'
ValueData =32768
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\EventLog\System'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\EventLog\System\Retention'
{
ValueName ='Retention'
ValueData ='0 '
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\EventLog\System'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Explorer\NoAutoplayfornonVolume'
{
ValueName ='NoAutoplayfornonVolume'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\Explorer'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Installer\AlwaysInstallElevated'
{
ValueName ='AlwaysInstallElevated'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\Installer'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Internet Connection Wizard\ExitOnMSICW'
{
ValueName ='ExitOnMSICW'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\Internet Connection Wizard'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\LanmanWorkstation\AllowInsecureGuestAuth'
{
ValueName ='AllowInsecureGuestAuth'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\LanmanWorkstation'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Network Connections\NC_AllowNetBridge_NLA'
{
ValueName ='NC_AllowNetBridge_NLA'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\Network Connections'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Network Connections\NC_ShowSharedAccessUI'
{
ValueName ='NC_ShowSharedAccessUI'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\Network Connections'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Personalization\NoLockScreenCamera'
{
ValueName ='NoLockScreenCamera'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\Personalization'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Personalization\NoLockScreenSlideshow'
{
ValueName ='NoLockScreenSlideshow'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\Personalization'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\System\DontDisplayNetworkSelectionUI'
{
ValueName ='DontDisplayNetworkSelectionUI'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\System'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\System\DisableLockScreenAppNotifications'
{
ValueName ='DisableLockScreenAppNotifications'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\System'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\System\EnableSmartScreen'
{
ValueName ='EnableSmartScreen'
ValueData =2
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\System'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\System\BlockUserFromShowingAccountDetailsOnSignin'
{
ValueName ='BlockUserFromShowingAccountDetailsOnSignin'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\System'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Windows Search\AllowCortana'
{
ValueName ='AllowCortana'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\Windows Search'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Windows Search\AllowSearchToUseLocation'
{
ValueName ='AllowSearchToUseLocation'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\Windows Search'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Windows Search\AllowCortanaAboveLock'
{
ValueName ='AllowCortanaAboveLock'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\Windows Search'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\WUServer'
{
ValueName ='WUServer'
ValueData ='http://wsuscmacgm:8530'
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\WUStatusServer'
{
ValueName ='WUStatusServer'
ValueData ='http://wsuscmacgm:8530'
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate'
}
<# This MultiString Value has a value of $null, Some Security Policies require Registry Values to be $null If you believe ' ' is the correct value for this string, you may change it here.#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\UpdateServiceUrlAlternate'
{
ValueName ='UpdateServiceUrlAlternate'
ValueData =$null
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate'
}
RegistryPolicyFile 'DEL_\Software\Policies\Microsoft\Windows\WindowsUpdate\FillEmptyContentUrls'
{
ValueName ='FillEmptyContentUrls'
ValueData =''
Ensure ='Absent'
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\SetProxyBehaviorForUpdateDetection'
{
ValueName ='SetProxyBehaviorForUpdateDetection'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\DetectionFrequencyEnabled'
{
ValueName ='DetectionFrequencyEnabled'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\DetectionFrequency'
{
ValueName ='DetectionFrequency'
ValueData =8
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\NoAutoUpdate'
{
ValueName ='NoAutoUpdate'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\AUOptions'
{
ValueName ='AUOptions'
ValueData =3
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU'
}
RegistryPolicyFile 'DEL_\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\AutomaticMaintenanceEnabled'
{
ValueName ='AutomaticMaintenanceEnabled'
ValueData =''
Ensure ='Absent'
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\ScheduledInstallDay'
{
ValueName ='ScheduledInstallDay'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\ScheduledInstallTime'
{
ValueName ='ScheduledInstallTime'
ValueData =3
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\ScheduledInstallEveryWeek'
{
ValueName ='ScheduledInstallEveryWeek'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU'
}
RegistryPolicyFile 'DEL_\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\ScheduledInstallFirstWeek'
{
ValueName ='ScheduledInstallFirstWeek'
ValueData =''
Ensure ='Absent'
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU'
}
RegistryPolicyFile 'DEL_\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\ScheduledInstallSecondWeek'
{
ValueName ='ScheduledInstallSecondWeek'
ValueData =''
Ensure ='Absent'
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU'
}
RegistryPolicyFile 'DEL_\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\ScheduledInstallThirdWeek'
{
ValueName ='ScheduledInstallThirdWeek'
ValueData =''
Ensure ='Absent'
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU'
}
RegistryPolicyFile 'DEL_\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\ScheduledInstallFourthWeek'
{
ValueName ='ScheduledInstallFourthWeek'
ValueData =''
Ensure ='Absent'
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU'
}
RegistryPolicyFile 'DEL_\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\AllowMUUpdateService'
{
ValueName ='AllowMUUpdateService'
ValueData =''
Ensure ='Absent'
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\UseWUServer'
{
ValueName ='UseWUServer'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\WinRM\Client\AllowDigest'
{
ValueName ='AllowDigest'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WinRM\Client'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\WinRM\Service\DisableRunAs'
{
ValueName ='DisableRunAs'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows\WinRM\Service'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows Defender\DisableAntiSpyware'
{
ValueName ='DisableAntiSpyware'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows Defender'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows Defender\Scan\DisableRemovableDriveScanning'
{
ValueName ='DisableRemovableDriveScanning'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows Defender\Scan'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows Defender\Scan\QuickScanInterval'
{
ValueName ='QuickScanInterval'
ValueData =24
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows Defender\Scan'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows Defender\Signature Updates\SignatureUpdateInterval'
{
ValueName ='SignatureUpdateInterval'
ValueData =8
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows Defender\Signature Updates'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows Defender\Spynet\SubmitSamplesConsent'
{
ValueName ='SubmitSamplesConsent'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows Defender\Spynet'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows NT\DNSClient\AdapterDomainName'
{
ValueName ='AdapterDomainName'
ValueData ='d1.ad.apl.com'
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\DNSClient'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows NT\DNSClient\RegisterReverseLookup'
{
ValueName ='RegisterReverseLookup'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\DNSClient'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows NT\DNSClient\EnableMulticast'
{
ValueName ='EnableMulticast'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\DNSClient'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows NT\DNSClient\SearchList'
{
ValueName ='SearchList'
ValueData ='cma-cgm.com,ho.cma-cgm.com,europe.cma-cgm.com,asia.cma-cgm.com,africa.cma-cgm.com,america.cma-cgm.com,oceania.cma-cgm.com,mail.cma-cgm.com,usa.cma-cgm.com,d1.ad.apl.com,apl.com'
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\DNSClient'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows NT\Rpc\EnableAuthEpResolution'
{
ValueName ='EnableAuthEpResolution'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\Rpc'
}
<#RegistryPolicyFile 'DELVALS_\Software\Policies\Microsoft\Windows NT\Terminal Services' { ValueName = '' Exclusive = $True ValueData = $null Ensure = 'Present' ValueType = 'String' TargetType = 'ComputerConfiguration' Key = 'HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services' }#>
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services\fEncryptRPCTraffic'
{
ValueName ='fEncryptRPCTraffic'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services\fAllowToGetHelp'
{
ValueName ='fAllowToGetHelp'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services'
}
RegistryPolicyFile 'DEL_\Software\Policies\Microsoft\Windows NT\Terminal Services\fAllowFullControl'
{
ValueName ='fAllowFullControl'
ValueData =''
Ensure ='Absent'
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services'
}
RegistryPolicyFile 'DEL_\Software\Policies\Microsoft\Windows NT\Terminal Services\MaxTicketExpiry'
{
ValueName ='MaxTicketExpiry'
ValueData =''
Ensure ='Absent'
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services'
}
RegistryPolicyFile 'DEL_\Software\Policies\Microsoft\Windows NT\Terminal Services\MaxTicketExpiryUnits'
{
ValueName ='MaxTicketExpiryUnits'
ValueData =''
Ensure ='Absent'
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services'
}
RegistryPolicyFile 'DEL_\Software\Policies\Microsoft\Windows NT\Terminal Services\fUseMailto'
{
ValueName ='fUseMailto'
ValueData =''
Ensure ='Absent'
ValueType ='String'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services\DisablePasswordSaving'
{
ValueName ='DisablePasswordSaving'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services\fDisableCam'
{
ValueName ='fDisableCam'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services\fDisableCcm'
{
ValueName ='fDisableCcm'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services\fDisableCdm'
{
ValueName ='fDisableCdm'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services\fDisableLPT'
{
ValueName ='fDisableLPT'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services\fDisableCpm'
{
ValueName ='fDisableCpm'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services\MinEncryptionLevel'
{
ValueName ='MinEncryptionLevel'
ValueData =3
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services\SecurityLayer'
{
ValueName ='SecurityLayer'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services\UserAuthentication'
{
ValueName ='UserAuthentication'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services\fPromptForPassword'
{
ValueName ='fPromptForPassword'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\Windows NT\Terminal Services'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\PolicyVersion'
{
ValueName ='PolicyVersion'
ValueData =538
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\WindowsFirewall'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile\AllowLocalPolicyMerge'
{
ValueName ='AllowLocalPolicyMerge'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile\AllowLocalIPsecPolicyMerge'
{
ValueName ='AllowLocalIPsecPolicyMerge'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile\DisableNotifications'
{
ValueName ='DisableNotifications'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile\DisableUnicastResponsesToMulticastBroadcast'
{
ValueName ='DisableUnicastResponsesToMulticastBroadcast'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile\EnableFirewall'
{
ValueName ='EnableFirewall'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile\DefaultOutboundAction'
{
ValueName ='DefaultOutboundAction'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\PublicProfile\AllowLocalPolicyMerge'
{
ValueName ='AllowLocalPolicyMerge'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\WindowsFirewall\PublicProfile'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\PublicProfile\AllowLocalIPsecPolicyMerge'
{
ValueName ='AllowLocalIPsecPolicyMerge'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\WindowsFirewall\PublicProfile'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\PublicProfile\DisableNotifications'
{
ValueName ='DisableNotifications'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\WindowsFirewall\PublicProfile'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\PublicProfile\DisableUnicastResponsesToMulticastBroadcast'
{
ValueName ='DisableUnicastResponsesToMulticastBroadcast'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\WindowsFirewall\PublicProfile'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\PublicProfile\EnableFirewall'
{
ValueName ='EnableFirewall'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\WindowsFirewall\PublicProfile'
}
RegistryPolicyFile 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\PublicProfile\DefaultOutboundAction'
{
ValueName ='DefaultOutboundAction'
ValueData =0
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\Software\Policies\Microsoft\WindowsFirewall\PublicProfile'
}
RegistryPolicyFile 'Registry(POL): HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\SafeDllSearchMode'
{
ValueName ='SafeDllSearchMode'
ValueData =1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
}
RegistryPolicyFile 'Registry(POL): HKLM:\SYSTEM\CurrentControlSet\Policies\EarlyLaunch\DriverLoadPolicy'
{
ValueName ='DriverLoadPolicy'
ValueData =3
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\SYSTEM\CurrentControlSet\Policies\EarlyLaunch'
}
RegistryPolicyFile 'Registry(POL): HKLM:\SYSTEM\CurrentControlSet\Services\Eventlog\Security\WarningLevel'
{
ValueName ='WarningLevel'
ValueData =90
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\SYSTEM\CurrentControlSet\Services\Eventlog\Security'
}
RegistryPolicyFile 'Registry(POL): HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\DisableIPSourceRouting'
{
ValueName ='DisableIPSourceRouting'
ValueData =2
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters'
}
RegistryPolicyFile 'Registry(POL): HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\DisabledComponents'
{
ValueName ='DisabledComponents'
ValueData =-1
ValueType ='Dword'
TargetType ='ComputerConfiguration'
Key ='HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters'
}
<#RegistryPolicyFile 'Registry(POL): HKCU:\Software\Policies\Microsoft\Windows\Installer\AlwaysInstallElevated' { ValueName = 'AlwaysInstallElevated' ValueData = 0 ValueType = 'Dword' TargetType = 'ComputerConfiguration' Key = 'HKCU:\Software\Policies\Microsoft\Windows\Installer' }#><#RegistryPolicyFile 'Registry(POL): HKCU:\Software\Policies\Microsoft\Windows\Windows Error Reporting\AutoApproveOSDumps' { ValueName = 'AutoApproveOSDumps' ValueData = 1 ValueType = 'Dword' TargetType = 'ComputerConfiguration' Key = 'HKCU:\Software\Policies\Microsoft\Windows\Windows Error Reporting' }#>
AuditPolicySubcategory 'Audit Credential Validation (Success) - Inclusion'
{
Name ='Credential Validation'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit Credential Validation (Failure) - Inclusion'
{
Name ='Credential Validation'
Ensure ='Present'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit Computer Account Management (Success) - Inclusion'
{
Name ='Computer Account Management'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit Computer Account Management (Failure) - Inclusion'
{
Name ='Computer Account Management'
Ensure ='Absent'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit Other Account Management Events (Success) - Inclusion'
{
Name ='Other Account Management Events'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit Other Account Management Events (Failure) - Inclusion'
{
Name ='Other Account Management Events'
Ensure ='Present'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit Security Group Management (Success) - Inclusion'
{
Name ='Security Group Management'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit Security Group Management (Failure) - Inclusion'
{
Name ='Security Group Management'
Ensure ='Present'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit User Account Management (Success) - Inclusion'
{
Name ='User Account Management'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit User Account Management (Failure) - Inclusion'
{
Name ='User Account Management'
Ensure ='Present'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit PNP Activity (Success) - Inclusion'
{
Name ='Plug and Play Events'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit PNP Activity (Failure) - Inclusion'
{
Name ='Plug and Play Events'
Ensure ='Absent'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit Process Creation (Success) - Inclusion'
{
Name ='Process Creation'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit Process Creation (Failure) - Inclusion'
{
Name ='Process Creation'
Ensure ='Present'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit Account Lockout (Success) - Inclusion'
{
Name ='Account Lockout'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit Account Lockout (Failure) - Inclusion'
{
Name ='Account Lockout'
Ensure ='Present'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit Group Membership (Success) - Inclusion'
{
Name ='Group Membership'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit Group Membership (Failure) - Inclusion'
{
Name ='Group Membership'
Ensure ='Absent'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit Logoff (Success) - Inclusion'
{
Name ='Logoff'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit Logoff (Failure) - Inclusion'
{
Name ='Logoff'
Ensure ='Absent'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit Logon (Success) - Inclusion'
{
Name ='Logon'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit Logon (Failure) - Inclusion'
{
Name ='Logon'
Ensure ='Present'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit Other Logon/Logoff Events (Success) - Inclusion'
{
Name ='Other Logon/Logoff Events'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit Other Logon/Logoff Events (Failure) - Inclusion'
{
Name ='Other Logon/Logoff Events'
Ensure ='Present'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit Special Logon (Success) - Inclusion'
{
Name ='Special Logon'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit Special Logon (Failure) - Inclusion'
{
Name ='Special Logon'
Ensure ='Absent'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit Other Object Access Events (Success) - Inclusion'
{
Name ='Other Object Access Events'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit Other Object Access Events (Failure) - Inclusion'
{
Name ='Other Object Access Events'
Ensure ='Present'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit Removable Storage (Success) - Inclusion'
{
Name ='Removable Storage'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit Removable Storage (Failure) - Inclusion'
{
Name ='Removable Storage'
Ensure ='Present'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit Audit Policy Change (Success) - Inclusion'
{
Name ='Audit Policy Change'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit Audit Policy Change (Failure) - Inclusion'
{
Name ='Audit Policy Change'
Ensure ='Present'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit Authentication Policy Change (Success) - Inclusion'
{
Name ='Authentication Policy Change'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit Authentication Policy Change (Failure) - Inclusion'
{
Name ='Authentication Policy Change'
Ensure ='Absent'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit MPSSVC Rule-Level Policy Change (Success) - Inclusion'
{
Name ='MPSSVC Rule-Level Policy Change'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit MPSSVC Rule-Level Policy Change (Failure) - Inclusion'
{
Name ='MPSSVC Rule-Level Policy Change'
Ensure ='Present'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit Non Sensitive Privilege Use (Success) - Inclusion'
{
Name ='Non Sensitive Privilege Use'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit Non Sensitive Privilege Use (Failure) - Inclusion'
{
Name ='Non Sensitive Privilege Use'
Ensure ='Present'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit Sensitive Privilege Use (Success) - Inclusion'
{
Name ='Sensitive Privilege Use'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit Sensitive Privilege Use (Failure) - Inclusion'
{
Name ='Sensitive Privilege Use'
Ensure ='Present'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit IPsec Driver (Success) - Inclusion'
{
Name ='IPsec Driver'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit IPsec Driver (Failure) - Inclusion'
{
Name ='IPsec Driver'
Ensure ='Present'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit Security State Change (Success) - Inclusion'
{
Name ='Security State Change'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit Security State Change (Failure) - Inclusion'
{
Name ='Security State Change'
Ensure ='Present'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit Security System Extension (Success) - Inclusion'
{
Name ='Security System Extension'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit Security System Extension (Failure) - Inclusion'
{
Name ='Security System Extension'
Ensure ='Present'
AuditFlag ='Failure'
}
AuditPolicySubcategory 'Audit System Integrity (Success) - Inclusion'
{
Name ='System Integrity'
Ensure ='Present'
AuditFlag ='Success'
}
AuditPolicySubcategory 'Audit System Integrity (Failure) - Inclusion'
{
Name ='System Integrity'
Ensure ='Present'
AuditFlag ='Failure'
}
<#Service 'Services(INF): dot3svc' { Name = 'dot3svc' State = 'Stopped' }#><#Service 'Services(INF): bthserv' { Name = 'bthserv' State = 'Stopped' }#><#Service 'Services(INF): MapsBroker' { Name = 'MapsBroker' State = 'Stopped' }#><#Service 'Services(INF): AudioEndpointBuilder' { Name = 'AudioEndpointBuilder' State = 'Stopped' }#><#Service 'Services(INF): icssvc' { Name = 'icssvc' State = 'Stopped' }#><#Service 'Services(INF): FrameServer' { Name = 'FrameServer' State = 'Stopped' }#><#Service 'Services(INF): UevAgentService' { Name = 'UevAgentService' State = 'Stopped' }#><#Service 'Services(INF): WdiServiceHost' { Name = 'WdiServiceHost' State = 'Stopped' }#><#Service 'Services(INF): RemoteRegistry' { Name = 'RemoteRegistry' State = 'Running' }#><#Service 'Services(INF): WalletService' { Name = 'WalletService' State = 'Stopped' }#><#Service 'Services(INF): wisvc' { Name = 'wisvc' State = 'Stopped' }#><#Service 'Services(INF): SCardSvr' { Name = 'SCardSvr' State = 'Stopped' }#><#Service 'Services(INF): Audiosrv' { Name = 'Audiosrv' State = 'Stopped' }#><#Service 'Services(INF): SCPolicySvc' { Name = 'SCPolicySvc' State = 'Stopped' }#><#Service 'Services(INF): TabletInputService' { Name = 'TabletInputService' State = 'Stopped' }#><#Service 'Services(INF): wuauserv' { Name = 'wuauserv' State = 'Running' }#><#Service 'Services(INF): WSearch' { Name = 'WSearch' State = 'Stopped' }#><#Service 'Services(INF): WEPHOSTSVC' { Name = 'WEPHOSTSVC' State = 'Stopped' }#><#Service 'Services(INF): WbioSrvc' { Name = 'WbioSrvc' State = 'Stopped' }#><#Service 'Services(INF): stisvc' { Name = 'stisvc' State = 'Stopped' }#>
SecurityOption 'SecurityRegistry(INF): Interactive_logon_Do_not_display_last_user_name'
{
Interactive_logon_Do_not_display_last_user_name ='Enabled'
Name ='Interactive_logon_Do_not_display_last_user_name'
}
SecurityOption 'SecurityRegistry(INF): Interactive_logon_Smart_card_removal_behavior'
{
Name ='Interactive_logon_Smart_card_removal_behavior'
Interactive_logon_Smart_card_removal_behavior ='Lock workstation'
}
SecurityOption 'SecurityRegistry(INF): System_settings_Use_Certificate_Rules_on_Windows_Executables_for_Software_Restriction_Policies'
{
System_settings_Use_Certificate_Rules_on_Windows_Executables_for_Software_Restriction_Policies ='Disabled'
Name ='System_settings_Use_Certificate_Rules_on_Windows_Executables_for_Software_Restriction_Policies'
}
SecurityOption 'SecurityRegistry(INF): Recovery_console_Allow_floppy_copy_and_access_to_all_drives_and_folders'
{
Recovery_console_Allow_floppy_copy_and_access_to_all_drives_and_folders ='Disabled'
Name ='Recovery_console_Allow_floppy_copy_and_access_to_all_drives_and_folders'
}
SecurityOption 'SecurityRegistry(INF): System_cryptography_Force_strong_key_protection_for_user_keys_stored_on_the_computer'
{
Name ='System_cryptography_Force_strong_key_protection_for_user_keys_stored_on_the_computer'
System_cryptography_Force_strong_key_protection_for_user_keys_stored_on_the_computer ='User is prompted when the key is first used'
}
SecurityOption 'SecurityRegistry(INF): Audit_Shut_down_system_immediately_if_unable_to_log_security_audits'
{
Name ='Audit_Shut_down_system_immediately_if_unable_to_log_security_audits'
Audit_Shut_down_system_immediately_if_unable_to_log_security_audits ='Disabled'
}
SecurityOption 'SecurityRegistry(INF): System_objects_Strengthen_default_permissions_of_internal_system_objects_eg_Symbolic_Links'
{
System_objects_Strengthen_default_permissions_of_internal_system_objects_eg_Symbolic_Links ='Enabled'
Name ='System_objects_Strengthen_default_permissions_of_internal_system_objects_eg_Symbolic_Links'
}
SecurityOption 'SecurityRegistry(INF): Network_security_LDAP_client_signing_requirements'
{
Name ='Network_security_LDAP_client_signing_requirements'
Network_security_LDAP_client_signing_requirements ='Negotiate Signing'
}
SecurityOption 'SecurityRegistry(INF): Network_access_Do_not_allow_anonymous_enumeration_of_SAM_accounts'
{
Name ='Network_access_Do_not_allow_anonymous_enumeration_of_SAM_accounts'
Network_access_Do_not_allow_anonymous_enumeration_of_SAM_accounts ='Enabled'
}
SecurityOption 'SecurityRegistry(INF): Network_security_Minimum_session_security_for_NTLM_SSP_based_including_secure_RPC_servers'
{
Network_security_Minimum_session_security_for_NTLM_SSP_based_including_secure_RPC_servers ='Both options checked'
Name ='Network_security_Minimum_session_security_for_NTLM_SSP_based_including_secure_RPC_servers'
}
SecurityOption 'SecurityRegistry(INF): System_objects_Require_case_insensitivity_for_non_Windows_subsystems'
{
System_objects_Require_case_insensitivity_for_non_Windows_subsystems ='Enabled'
Name ='System_objects_Require_case_insensitivity_for_non_Windows_subsystems'
}
SecurityOption 'SecurityRegistry(INF): User_Account_Control_Behavior_of_the_elevation_prompt_for_standard_users'
{
Name ='User_Account_Control_Behavior_of_the_elevation_prompt_for_standard_users'
User_Account_Control_Behavior_of_the_elevation_prompt_for_standard_users ='Automatically deny elevation request'
}
SecurityOption 'SecurityRegistry(INF): Network_access_Let_Everyone_permissions_apply_to_anonymous_users'
{
Network_access_Let_Everyone_permissions_apply_to_anonymous_users ='Disabled'
Name ='Network_access_Let_Everyone_permissions_apply_to_anonymous_users'
}
SecurityOption 'SecurityRegistry(INF): Network_access_Do_not_allow_storage_of_passwords_and_credentials_for_network_authentication'
{
Network_access_Do_not_allow_storage_of_passwords_and_credentials_for_network_authentication ='Disabled'
Name ='Network_access_Do_not_allow_storage_of_passwords_and_credentials_for_network_authentication'
}
SecurityOption 'SecurityRegistry(INF): Network_access_Do_not_allow_anonymous_enumeration_of_SAM_accounts_and_shares'
{
Network_access_Do_not_allow_anonymous_enumeration_of_SAM_accounts_and_shares ='Enabled'
Name ='Network_access_Do_not_allow_anonymous_enumeration_of_SAM_accounts_and_shares'
}
SecurityOption 'SecurityRegistry(INF): Microsoft_network_client_Digitally_sign_communications_always'
{
Microsoft_network_client_Digitally_sign_communications_always ='Enabled'
Name ='Microsoft_network_client_Digitally_sign_communications_always'
}
SecurityOption 'SecurityRegistry(INF): Network_security_Allow_Local_System_to_use_computer_identity_for_NTLM'
{
Name ='Network_security_Allow_Local_System_to_use_computer_identity_for_NTLM'
Network_security_Allow_Local_System_to_use_computer_identity_for_NTLM ='Enabled'
}
SecurityOption 'SecurityRegistry(INF): Microsoft_network_server_Digitally_sign_communications_always'
{
Name ='Microsoft_network_server_Digitally_sign_communications_always'
Microsoft_network_server_Digitally_sign_communications_always ='Enabled'
}
SecurityOption 'SecurityRegistry(INF): Network_security_Do_not_store_LAN_Manager_hash_value_on_next_password_change'
{
Network_security_Do_not_store_LAN_Manager_hash_value_on_next_password_change ='Enabled'
Name ='Network_security_Do_not_store_LAN_Manager_hash_value_on_next_password_change'
}
SecurityOption 'SecurityRegistry(INF): Network_access_Remotely_accessible_registry_paths_and_subpaths'
{
Network_access_Remotely_accessible_registry_paths_and_subpaths ='System\CurrentControlSet\Control\Print\Printers|#|System\CurrentControlSet\Services\Eventlog|#|Software\Microsoft\OLAP Server|#|Software\Microsoft\Windows NT\CurrentVersion\Print|#|Software\Microsoft\Windows NT\CurrentVersion\Windows|#|System\CurrentControlSet\Control\ContentIndex|#|System\CurrentControlSet\Control\Terminal Server|#|System\CurrentControlSet\Control\Terminal Server\UserConfig|#|System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration|#|Software\Microsoft\Windows NT\CurrentVersion\Perflib|#|System\CurrentControlSet\Services\SysmonLog'
Name ='Network_access_Remotely_accessible_registry_paths_and_subpaths'
}
SecurityOption 'SecurityRegistry(INF): Network_security_LAN_Manager_authentication_level'
{
Network_security_LAN_Manager_authentication_level ='Send NTLMv2 responses only. Refuse LM & NTLM'
Name ='Network_security_LAN_Manager_authentication_level'
}
SecurityOption 'SecurityRegistry(INF): Microsoft_network_server_Digitally_sign_communications_if_client_agrees'
{
Microsoft_network_server_Digitally_sign_communications_if_client_agrees ='Enabled'
Name ='Microsoft_network_server_Digitally_sign_communications_if_client_agrees'
}
SecurityOption 'SecurityRegistry(INF): Domain_member_Digitally_encrypt_or_sign_secure_channel_data_always'
{
Name ='Domain_member_Digitally_encrypt_or_sign_secure_channel_data_always'
Domain_member_Digitally_encrypt_or_sign_secure_channel_data_always ='Enabled'
}
SecurityOption 'SecurityRegistry(INF): Audit_Audit_the_use_of_Backup_and_Restore_privilege'
{
Name ='Audit_Audit_the_use_of_Backup_and_Restore_privilege'
Audit_Audit_the_use_of_Backup_and_Restore_privilege ='Disabled'
}
SecurityOption 'SecurityRegistry(INF): Shutdown_Clear_virtual_memory_pagefile'
{
Name ='Shutdown_Clear_virtual_memory_pagefile'
Shutdown_Clear_virtual_memory_pagefile ='Disabled'
}
SecurityOption 'SecurityRegistry(INF): Network_security_Minimum_session_security_for_NTLM_SSP_based_including_secure_RPC_clients'
{
Network_security_Minimum_session_security_for_NTLM_SSP_based_including_secure_RPC_clients ='Both options checked'
Name ='Network_security_Minimum_session_security_for_NTLM_SSP_based_including_secure_RPC_clients'
}
SecurityOption 'SecurityRegistry(INF): Network_access_Remotely_accessible_registry_paths'
{
Name ='Network_access_Remotely_accessible_registry_paths'
Network_access_Remotely_accessible_registry_paths ='System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Server Applications,Software\Microsoft\Windows NT\CurrentVersion'
}
SecurityOption 'SecurityRegistry(INF): Network_access_Sharing_and_security_model_for_local_accounts'
{
Network_access_Sharing_and_security_model_for_local_accounts ='Classic - Local users authenticate as themselves'
Name ='Network_access_Sharing_and_security_model_for_local_accounts'
}
SecurityOption 'SecurityRegistry(INF): User_Account_Control_Behavior_of_the_elevation_prompt_for_administrators_in_Admin_Approval_Mode'
{
Name ='User_Account_Control_Behavior_of_the_elevation_prompt_for_administrators_in_Admin_Approval_Mode'
User_Account_Control_Behavior_of_the_elevation_prompt_for_administrators_in_Admin_Approval_Mode ='Prompt for consent on the secure desktop'
}
SecurityOption 'SecurityRegistry(INF): Shutdown_Allow_system_to_be_shut_down_without_having_to_log_on'
{
Name ='Shutdown_Allow_system_to_be_shut_down_without_having_to_log_on'
Shutdown_Allow_system_to_be_shut_down_without_having_to_log_on ='Disabled'
}
SecurityOption 'SecurityRegistry(INF): Interactive_logon_Machine_account_lockout_threshold'
{
Name ='Interactive_logon_Machine_account_lockout_threshold'
Interactive_logon_Machine_account_lockout_threshold ='10'
}
SecurityOption 'SecurityRegistry(INF): System_settings_Optional_subsystems'
{
System_settings_Optional_subsystems ='Posix'
Name ='System_settings_Optional_subsystems'
}
SecurityOption 'SecurityRegistry(INF): Domain_member_Maximum_machine_account_password_age'
{
Name ='Domain_member_Maximum_machine_account_password_age'
Domain_member_Maximum_machine_account_password_age ='30'
}
SecurityOption 'SecurityRegistry(INF): Devices_Allow_undock_without_having_to_log_on'
{
Devices_Allow_undock_without_having_to_log_on ='Disabled'
Name ='Devices_Allow_undock_without_having_to_log_on'
}
SecurityOption 'SecurityRegistry(INF): Domain_member_Require_strong_Windows_2000_or_later_session_key'
{
Name ='Domain_member_Require_strong_Windows_2000_or_later_session_key'
Domain_member_Require_strong_Windows_2000_or_later_session_key ='Enabled'
}
SecurityOption 'SecurityRegistry(INF): Network_access_Restrict_anonymous_access_to_Named_Pipes_and_Shares'
{
Name ='Network_access_Restrict_anonymous_access_to_Named_Pipes_and_Shares'
Network_access_Restrict_anonymous_access_to_Named_Pipes_and_Shares ='Enabled'
}
SecurityOption 'SecurityRegistry(INF): Domain_member_Digitally_encrypt_secure_channel_data_when_possible'
{
Name ='Domain_member_Digitally_encrypt_secure_channel_data_when_possible'
Domain_member_Digitally_encrypt_secure_channel_data_when_possible ='Enabled'
}
SecurityOption 'SecurityRegistry(INF): Microsoft_network_server_Disconnect_clients_when_logon_hours_expire'
{
Microsoft_network_server_Disconnect_clients_when_logon_hours_expire ='Enabled'
Name ='Microsoft_network_server_Disconnect_clients_when_logon_hours_expire'
}
SecurityOption 'SecurityRegistry(INF): Recovery_console_Allow_automatic_administrative_logon'
{
Recovery_console_Allow_automatic_administrative_logon ='Disabled'
Name ='Recovery_console_Allow_automatic_administrative_logon'
}
SecurityOption 'SecurityRegistry(INF): Devices_Restrict_floppy_access_to_locally_logged_on_user_only'
{
Devices_Restrict_floppy_access_to_locally_logged_on_user_only ='Enabled'
Name ='Devices_Restrict_floppy_access_to_locally_logged_on_user_only'
}
SecurityOption 'SecurityRegistry(INF): Devices_Restrict_CD_ROM_access_to_locally_logged_on_user_only'
{
Name ='Devices_Restrict_CD_ROM_access_to_locally_logged_on_user_only'
Devices_Restrict_CD_ROM_access_to_locally_logged_on_user_only ='Enabled'
}
SecurityOption 'SecurityRegistry(INF): User_Account_Control_Run_all_administrators_in_Admin_Approval_Mode'
{
Name ='User_Account_Control_Run_all_administrators_in_Admin_Approval_Mode'
User_Account_Control_Run_all_administrators_in_Admin_Approval_Mode ='Enabled'
}
SecurityOption 'SecurityRegistry(INF): Microsoft_network_server_Amount_of_idle_time_required_before_suspending_session'
{
Name ='Microsoft_network_server_Amount_of_idle_time_required_before_suspending_session'
Microsoft_network_server_Amount_of_idle_time_required_before_suspending_session ='15'
}
SecurityOption 'SecurityRegistry(INF): Interactive_logon_Do_not_require_CTRL_ALT_DEL'
{
Name ='Interactive_logon_Do_not_require_CTRL_ALT_DEL'
Interactive_logon_Do_not_require_CTRL_ALT_DEL ='Disabled'
}
SecurityOption 'SecurityRegistry(INF): Audit_Audit_the_access_of_global_system_objects'
{
Name ='Audit_Audit_the_access_of_global_system_objects'
Audit_Audit_the_access_of_global_system_objects ='Disabled'
}
SecurityOption 'SecurityRegistry(INF): Audit_Force_audit_policy_subcategory_settings_Windows_Vista_or_later_to_override_audit_policy_category_settings'
{
Name ='Audit_Force_audit_policy_subcategory_settings_Windows_Vista_or_later_to_override_audit_policy_category_settings'
Audit_Force_audit_policy_subcategory_settings_Windows_Vista_or_later_to_override_audit_policy_category_settings ='Enabled'
}
SecurityOption 'SecurityRegistry(INF): Domain_member_Disable_machine_account_password_changes'
{
Name ='Domain_member_Disable_machine_account_password_changes'
Domain_member_Disable_machine_account_password_changes ='Disabled'
}
SecurityOption 'SecurityRegistry(INF): User_Account_Control_Admin_Approval_Mode_for_the_Built_in_Administrator_account'
{
Name ='User_Account_Control_Admin_Approval_Mode_for_the_Built_in_Administrator_account'
User_Account_Control_Admin_Approval_Mode_for_the_Built_in_Administrator_account ='Enabled'
}
SecurityOption 'SecurityRegistry(INF): Interactive_logon_Prompt_user_to_change_password_before_expiration'
{
Name ='Interactive_logon_Prompt_user_to_change_password_before_expiration'
Interactive_logon_Prompt_user_to_change_password_before_expiration ='14'
}
SecurityOption 'SecurityRegistry(INF): User_Account_Control_Switch_to_the_secure_desktop_when_prompting_for_elevation'
{
User_Account_Control_Switch_to_the_secure_desktop_when_prompting_for_elevation ='Enabled'
Name ='User_Account_Control_Switch_to_the_secure_desktop_when_prompting_for_elevation'
}
SecurityOption 'SecurityRegistry(INF): Interactive_logon_Require_Domain_Controller_authentication_to_unlock_workstation'
{
Name ='Interactive_logon_Require_Domain_Controller_authentication_to_unlock_workstation'
Interactive_logon_Require_Domain_Controller_authentication_to_unlock_workstation ='Enabled'
}
SecurityOption 'SecurityRegistry(INF): Devices_Allowed_to_format_and_eject_removable_media'
{
Devices_Allowed_to_format_and_eject_removable_media ='Administrators'
Name ='Devices_Allowed_to_format_and_eject_removable_media'
}
SecurityOption 'SecurityRegistry(INF): Interactive_logon_Display_user_information_when_the_session_is_locked'
{
Interactive_logon_Display_user_information_when_the_session_is_locked ='Do not display user information'
Name ='Interactive_logon_Display_user_information_when_the_session_is_locked'
}
SecurityOption 'SecurityRegistry(INF): Interactive_logon_Number_of_previous_logons_to_cache_in_case_domain_controller_is_not_available'
{
Interactive_logon_Number_of_previous_logons_to_cache_in_case_domain_controller_is_not_available ='0'
Name ='Interactive_logon_Number_of_previous_logons_to_cache_in_case_domain_controller_is_not_available'
}
SecurityOption 'SecurityRegistry(INF): Accounts_Limit_local_account_use_of_blank_passwords_to_console_logon_only'
{
Accounts_Limit_local_account_use_of_blank_passwords_to_console_logon_only ='Enabled'
Name ='Accounts_Limit_local_account_use_of_blank_passwords_to_console_logon_only'
}
SecurityOption 'SecurityRegistry(INF): Devices_Prevent_users_from_installing_printer_drivers'
{
Devices_Prevent_users_from_installing_printer_drivers ='Enabled'
Name ='Devices_Prevent_users_from_installing_printer_drivers'
}
SecurityOption 'SecurityRegistry(INF): Domain_member_Digitally_sign_secure_channel_data_when_possible'
{
Domain_member_Digitally_sign_secure_channel_data_when_possible ='Enabled'
Name ='Domain_member_Digitally_sign_secure_channel_data_when_possible'
}
SecurityOption 'SecurityRegistry(INF): Interactive_logon_Machine_inactivity_limit'
{
Interactive_logon_Machine_inactivity_limit ='900'
Name ='Interactive_logon_Machine_inactivity_limit'
}
UserRightsAssignment 'UserRightsAssignment(INF): Impersonate_a_client_after_authentication'
{
Policy ='Impersonate_a_client_after_authentication'
Force =$True
Identity =@('*S-1-5-6','*S-1-5-20','*S-1-5-19','*S-1-5-32-544')
}
UserRightsAssignment 'UserRightsAssignment(INF): Change_the_system_time'
{
Policy ='Change_the_system_time'
Force =$True
Identity =@('*S-1-5-19','*S-1-5-32-544')
}
UserRightsAssignment 'UserRightsAssignment(INF): Take_ownership_of_files_or_other_objects'
{
Policy ='Take_ownership_of_files_or_other_objects'
Force =$True
Identity =@('*S-1-5-32-544')
}
UserRightsAssignment 'UserRightsAssignment(INF): Shut_down_the_system'
{
Policy ='Shut_down_the_system'
Force =$True
Identity =@('*S-1-5-21-4075595556-3344564265-208431509-163054','*S-1-5-21-107827007-1194618527-561332275-413451','*S-1-5-21-107827007-1194618527-561332275-512')
}
UserRightsAssignment 'UserRightsAssignment(INF): Deny_log_on_as_a_batch_job'
{
Policy ='Deny_log_on_as_a_batch_job'
Force =$True
Identity =@('*S-1-5-32-546')
}
UserRightsAssignment 'UserRightsAssignment(INF): Allow_log_on_through_Remote_Desktop_Services'
{
Policy ='Allow_log_on_through_Remote_Desktop_Services'
Force =$True
Identity =@('*S-1-5-32-555','*S-1-5-32-544')
}
UserRightsAssignment 'UserRightsAssignment(INF): Create_symbolic_links'
{
Policy ='Create_symbolic_links'
Force =$True
Identity =@('*S-1-5-32-544')
}
UserRightsAssignment 'UserRightsAssignment(INF): Manage_auditing_and_security_log'
{
Policy ='Manage_auditing_and_security_log'
Force =$True
Identity =@('*S-1-5-32-544')
}
UserRightsAssignment 'UserRightsAssignment(INF): Debug_programs'
{
Policy ='Debug_programs'
Force =$True
Identity =@('*S-1-5-32-544')
}
UserRightsAssignment 'UserRightsAssignment(INF): Deny_log_on_through_Remote_Desktop_Services'
{
Policy ='Deny_log_on_through_Remote_Desktop_Services'
Force =$True
Identity =@('*S-1-5-32-546')
}
UserRightsAssignment 'UserRightsAssignment(INF): Increase_a_process_working_set'
{
Policy ='Increase_a_process_working_set'
Force =$True
Identity =@('*S-1-5-32-544','*S-1-5-19')
}
UserRightsAssignment 'UserRightsAssignment(INF): Increase_scheduling_priority'
{
Policy ='Increase_scheduling_priority'
Force =$True
Identity =@('*S-1-5-32-544')
}
UserRightsAssignment 'UserRightsAssignment(INF): Deny_log_on_locally'
{
Policy ='Deny_log_on_locally'
Force =$True
Identity =@('*S-1-5-32-546')
}
UserRightsAssignment 'UserRightsAssignment(INF): Remove_computer_from_docking_station'
{
Policy ='Remove_computer_from_docking_station'
Force =$True
Identity =@('*S-1-5-32-544')
}
UserRightsAssignment 'UserRightsAssignment(INF): Replace_a_process_level_token'
{
Policy ='Replace_a_process_level_token'
Force =$True
Identity =@('*S-1-5-20','*S-1-5-19')
}
UserRightsAssignment 'UserRightsAssignment(INF): Allow_log_on_locally'
{
Policy ='Allow_log_on_locally'
Force =$True
Identity =@('*S-1-5-32-544')
}
UserRightsAssignment 'UserRightsAssignment(INF): Restore_files_and_directories'
{
Policy ='Restore_files_and_directories'
Force =$True
Identity =@('*S-1-5-32-544')
}
UserRightsAssignment 'UserRightsAssignment(INF): Create_a_token_object'
{
Policy ='Create_a_token_object'
Force =$True
Identity =@('')
}
UserRightsAssignment 'UserRightsAssignment(INF): Act_as_part_of_the_operating_system'
{
Policy ='Act_as_part_of_the_operating_system'
Force =$True
Identity =@('')
}
UserRightsAssignment 'UserRightsAssignment(INF): Create_global_objects'
{
Policy ='Create_global_objects'
Force =$True
Identity =@('*S-1-5-32-544','*S-1-5-19','*S-1-5-20','*S-1-5-6')
}
UserRightsAssignment 'UserRightsAssignment(INF): Adjust_memory_quotas_for_a_process'
{
Policy ='Adjust_memory_quotas_for_a_process'
Force =$True
Identity =@('*S-1-5-20','*S-1-5-19','*S-1-5-32-544')
}
UserRightsAssignment 'UserRightsAssignment(INF): Deny_log_on_as_a_service'
{
Policy ='Deny_log_on_as_a_service'
Force =$True
Identity =@('*S-1-5-32-546')
}
UserRightsAssignment 'UserRightsAssignment(INF): Deny_access_to_this_computer_from_the_network'
{
Policy ='Deny_access_to_this_computer_from_the_network'
Force =$True
Identity =@('*S-1-5-32-546','*S-1-5-7')
}
UserRightsAssignment 'UserRightsAssignment(INF): Access_this_computer_from_the_network'
{
Policy ='Access_this_computer_from_the_network'
Force =$True
Identity =@('*S-1-5-32-544','*S-1-5-11')
}
UserRightsAssignment 'UserRightsAssignment(INF): Perform_volume_maintenance_tasks'
{
Policy ='Perform_volume_maintenance_tasks'
Force =$True
Identity =@('*S-1-5-32-544')
}
UserRightsAssignment 'UserRightsAssignment(INF): Generate_security_audits'
{
Policy ='Generate_security_audits'
Force =$True
Identity =@('*S-1-5-20','*S-1-5-19')
}
UserRightsAssignment 'UserRightsAssignment(INF): Lock_pages_in_memory'
{
Policy ='Lock_pages_in_memory'
Force =$True
Identity =@('')
}
UserRightsAssignment 'UserRightsAssignment(INF): Back_up_files_and_directories'
{
Policy ='Back_up_files_and_directories'
Force =$True
Identity =@('*S-1-5-32-551','*S-1-5-32-544')
}
UserRightsAssignment 'UserRightsAssignment(INF): Bypass_traverse_checking'
{
Policy ='Bypass_traverse_checking'
Force =$True
Identity =@('*S-1-5-32-544','*S-1-5-11','*S-1-5-32-551','*S-1-5-19','*S-1-5-20')
}
SecurityOption 'SecuritySetting(INF): NewAdministratorName'
{
Accounts_Rename_administrator_account ='_winadmin_'
Name ='Accounts_Rename_administrator_account'
}
SecurityOption 'SecuritySetting(INF): LSAAnonymousNameLookup'
{
Name ='Network_access_Allow_anonymous_SID_Name_translation'
Network_access_Allow_anonymous_SID_Name_translation ='Disabled'
}
SecurityOption 'SecuritySetting(INF): EnableGuestAccount'
{
Accounts_Guest_account_status ='Disabled'
Name ='Accounts_Guest_account_status'
}
SecurityOption 'SecuritySetting(INF): NewGuestName'
{
Accounts_Rename_guest_account ='_winguest_'
Name ='Accounts_Rename_guest_account'
}
SecurityOption 'SecuritySetting(INF): ForceLogoffWhenHourExpire'
{
Name ='Network_security_Force_logoff_when_logon_hours_expire'
Network_security_Force_logoff_when_logon_hours_expire ='Enabled'
}
<#Group '*S-1-5-32-544' { MembersToInclude = @('*S-1-5-32-544', '*S-1-5-32-544', '*S-1-5-32-544') GroupName = '*S-1-5-32-544' }#><#Group '*S-1-5-32-555' { MembersToInclude = @('*S-1-5-32-555') GroupName = '*S-1-5-32-555' }#><#Group '*S-1-5-21-107827007-1194618527-561332275-413451' { Members = @() GroupName = '*S-1-5-21-107827007-1194618527-561332275-413451' }#><#Group '*S-1-5-21-606747145-162531612-682003330-59873' { Members = @() GroupName = '*S-1-5-21-606747145-162531612-682003330-59873' }#><#Group '*S-1-5-21-107827007-1194618527-561332275-393006' { Members = @() GroupName = '*S-1-5-21-107827007-1194618527-561332275-393006' }#><#Group '*S-1-5-21-107827007-1194618527-561332275-317130' { Members = @() GroupName = '*S-1-5-21-107827007-1194618527-561332275-317130' }#>
RefreshRegistryPolicy 'ActivateClientSideExtension'
{
IsSingleInstance ='Yes'
}
}
}
DSCFromGPO -OutputPath 'C:\windows\system32\Output'
Suggested solution
Hello There,
Greetings for the day..
Hope you are doing good.
Am looking for a solution where it would push all the required policies and registries at one go.
but due to this issues, nothing is getting implemented post script is executed.
please help me with a solution for this.
Thanks and regards
Abhishek
Operating system the target node is running
Windows 2019
PowerShell version and build the target node is running
Problem description
Issue: to implement the Desired State Config over the newly built standalone servers to implement the Microsoft Security Baseline.
We in our environment have the baseline implemented through GPO – Group Policy Objects. So that whole baseline can be pushed to the domain joined servers.
But for standalone servers we don’t have this option /or to config manually on each server.
To automate this process this DSC is used.
So we have converted the GPO to DSC and tried to implement it on the test server.
Which was not successful due to many errors and issues.
Verbose logs
DSC configuration
Suggested solution
Hello There,
Greetings for the day..
Hope you are doing good.
Am looking for a solution where it would push all the required policies and registries at one go.
but due to this issues, nothing is getting implemented post script is executed.
please help me with a solution for this.
Thanks and regards
Abhishek
Operating system the target node is running
PowerShell version and build the target node is running
xPSDesiredStateConfiguration version
The text was updated successfully, but these errors were encountered: