Re: What exactly is secedit.sdb
From: Nick Finco [MSFT] (nfinco_at_online.microsoft.com)
Date: 04/29/03
- Next message: Steven L Umbach: "Re: Can still login when network disconnected"
- Previous message: Keith W. McCammon: "Re: Packet/Email Encryption Yes or No"
- In reply to: Peter Clark: "What exactly is secedit.sdb"
- Next in thread: Peter Clark: "Re: What exactly is secedit.sdb"
- Reply: Peter Clark: "Re: What exactly is secedit.sdb"
- Reply: Daniel Billingsley: "Re: What exactly is secedit.sdb"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 29 Apr 2003 11:59:15 -0700
There aren't any hidden settings. You should use the Local Security Policy
editor (secpol.msc) to edit this database. On WinXP, Local Security Policy
edits the machine's security settings directly so there is nothing stored
for it in secedit.sdb. This DB is also used while processing domain group
policy.
N
-- This posting is provided "AS IS" with no warranties, and confers no rights. Any included script samples are subject to the terms specified at http://www.microsoft.com/info/cpyright.htm "Peter Clark" <clark@hushmail.com> wrote in message news:02c101c30e7e$d4e23ad0$a101280a@phx.gbl... > it stores a copy of many security settings. the real > settings are stored in the registry/filesystem. the > secedit.sdb refreshes the registry when "applying security > policy" > > secedit.sdb holds the following settings: > > [System Access] > \Account Policy\Password Policy\ > [System Access] > \Account Policy\Account Lockout Policy\ > [Kerberos Policy] > \Account Policy\Kerberos Policy\ > [Event Audit] > \Local Policies\Audit Policy\ > [Privilege Rights] > \Local Policies\USer Rights Assignment\ > [Registry Values] > \Local Policies\Security Options\ > [System Access]++ > Automatically log off users when logon time expires (local) > Secure system partition (for RISC platforms only) > \Event log\Settings for Event logs\ > [Event Audit] > [Application/Security/System Log] > Restricted Groups > System Services > Registry > File System > > though on 2k/xp pro some of this settings are hidden in the > secedit.sdb, however a simple "modification" can correct > this, adding to fuctionality ;-) i have some rough notes on > the settings if your interested - email me. > > > >-----Original Message----- > >I understand c:\winnt\security\database\secedit.sdb is > crucial to lots of > >security settings, but I can't find anywhere in the doc or > technet that > >explains what exactly it is. > > > >Is it just the database that stores the local group policy?
- Next message: Steven L Umbach: "Re: Can still login when network disconnected"
- Previous message: Keith W. McCammon: "Re: Packet/Email Encryption Yes or No"
- In reply to: Peter Clark: "What exactly is secedit.sdb"
- Next in thread: Peter Clark: "Re: What exactly is secedit.sdb"
- Reply: Peter Clark: "Re: What exactly is secedit.sdb"
- Reply: Daniel Billingsley: "Re: What exactly is secedit.sdb"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
