RE: secedit.sdb behavior in W2K

From: Sarbjit Singh Gill (ssgill@gilltechnologies.com)
Date: 06/26/02


From: "Sarbjit Singh Gill" <ssgill@gilltechnologies.com>
To: <mdapkus@lycos.com>, <focus-ms@securityfocus.com>
Date: Wed, 26 Jun 2002 23:42:34 +0800

This link would be useful.
http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/prodtechn
ol/windows2000serv/deploy/confeat/securcon.asp (URL should be in one line)

There is indications that changing setting with the Command Line SCEDIT tool
does immediate updates compare to using the Local Security Policy MMC snap
in.

Cheers
Gill
MCT
-----Original Message-----
From: Mike Dapkus [mailto:mdapkus@lycos.com]
Sent: Wednesday, June 26, 2002 4:58 AM
To: focus-ms@securityfocus.com
Subject: secedit.sdb behavior in W2K

I have a question about local security settings in W2K Server. I had
thought that no matter how a change to the local policy was performed, it
would update and modify secedit.sdb, but this is not the case. When making
modifications to the local security policy via the "Local Security Settings"
mmc snap-in, the file does not get updated. It only seems to get updated
when running the cl utility secedit to apply a policy, or by loading a
pre-defined local security policy in the "Security Configuration and
Analysis" mmc snap-in.

I have tested this by starting out with a "known" local security policy,
then making a particular change (doesn't seem to matter what is changed) to
the policy via the "Local Security Settings" mmc snap-in - the secedit file
does not get modified. If I start out in the same configuration, and make
the same change using a *.sdb file, the secedit file immediately is updated.
Is the policy stored in two different places, depending on which tool you've
used to modify it?

Also, how often do servers reapply the local security policy? It seems like
the "last modified date" of secedit.sdb is never much older than 24 hours,
but I haven't noticed a pattern that repeats itself. A quick search of
MS's site didn't help answering either of these issues.

Thanks,
Mike

____________________________________________________________
Win a first-class trip to New Orleans and vacation Elvis Style!.
Enter NOW!
http://r.lycos.com/r/sagel_mail/http://www.elvis.lycos.com/sweepstakes/



Relevant Pages

  • Re: local security policy
    ... secpol.msc = Local Security Settings ... > the trouble is there is no local security policy in administrative tools. ...
    (microsoft.public.windowsxp.newusers)
  • Re: Local security policy
    ... secpol.msc is Local Security Policy. ... gpedit.msc = Group Policy ... secpol.msc = Local Security Settings ... > I am trying to change my local security policy but i cant find it ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Windows update 0*800c0008
    ... For error message 0x800c0008 please try the steps suggested in the ... This error may occur if you have enabled the following local security ... "Local Security Policy". ... If the problem persists please post the last 20-30 lines of the Windows ...
    (microsoft.public.windowsupdate)
  • local security policy problem (virus?)
    ... I have a problem with local security policy on Win2k workstation. ... What happens is that the workstation is loosing local security settings. ...
    (microsoft.public.win2000.security)
  • Re: Local Security Policy Missing + winik.sys trojan
    ... > I need to get into my Local Security Folder under Administrative Tools. ... Are you just missing the Local Security Policy shortcut in that menu? ... First check your search options (especially for the MSKB section). ...
    (microsoft.public.windows.inetexplorer.ie6.browser)