Security and Administrative templates
- From: "Jos Scherders" <thrower@xxxxxxx>
- Date: Wed, 21 Jun 2006 23:39:26 +0200
Hi all,
I am fighting with OS Hardening issues at the moment and have been studying
how templates can help me doing this. There are a few things not quite clear
to
me and I am hoping someone reading this can help me out.
Using security templates I can define security settings and apply them to my
local system. I can even add my own settings by modifying and registering
scrregvl.inf and apply those as well. On the other site I have a number of
registry based settings managed by administrative templates. Again I add my
own settings by adding additional custom administrative templates.
What I find confusing is this. Which of all these settings are actually
enforced by the Local Group Policy and how does Local Group Policy decide
which settings should be applied on each policy refresh (e.g. On startup,
logon and every 16 hours for security setings).
For example. What happens if I apply a security template and that security
template contains settings that are also defined in Windows
Settings->Security Settings in Local Group Policy or in the Admistrative
Templates subtree. Will "Apply security template" (for example by running
secedit) recognize that the setting to be applied is under control of local
group policy and update both the registry as well as the information
recorded in the local group policy or will the setting applied be
overwritten next time local group policy is refreshed ? I can't figure out
how this is synchronized if that is what happens.
Thanks for any information.
Jos.
.
- Prev by Date: Re: What is generating the values for this key?
- Next by Date: Why GINA in Terminal Services exports drives ( and smartcard readers ) ?
- Previous by thread: Problem with Microsoft Enhanced Cryptographic Provider
- Next by thread: Why GINA in Terminal Services exports drives ( and smartcard readers ) ?
- Index(es):
Relevant Pages
|
|
