Tuesday, December 26, 2017

How can I import a security template in Windows 7 using command line?

I would like to remotely deploy some specific change in Security Policies to several computers via remote console (SSH).
This is my just exported security template .inf file, extracted according (mostly) to these instructions :


[Unicode]
Unicode=yes
[Registry Values]
[Privilege Rights]
SeCreateTokenPrivilege = CRON
[Version]
signature="$CHICAGO$"
Revision=1
[Profile Description]
Description=PruebaCRON

It just adds the user "CRON" (homemade) to Local Security Policy snap-in to allow that user to 'Create a token object'.
When I try to import it in another computer (both Windows 7 SP1, 64 bits) doing this:


secedit /import /db secedit.sdb /cfg PruebaCRON.inf /overwrite /log MyLog.txt

... I get a warning message ("overwriting is dangerous, blah blah blah..."), I accept, and there is no error message, but nothing happens. There is no changes at all at secpol.msc.
The log file is a 2 bytes size, with no content (?).
Does anyone know how this command work, or any other method to import this simple change (just adding the user "CRON" to 'Create a token object') to Security Policies in Windows 7 via command line?

-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

hard drive - Leaving bad sectors in unformatted partition?

Laptop was acting really weird, and copy and seek times were really slow, so I decided to scan the hard drive surface. I have a couple hundr...