archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/mergedcomponents/setupinfs/secrecs.inx

171 lines
8.7 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. ;Supplies defaults recommendations for SCM UI
  2. ;Specify default system settings where possible
  3. ;If there are SKU differences present the more secure setting
  5. [Version]
  6. signature="$CHICAGO$"
  7. [Service General Setting]
  8. PlaceHolder,4,"D:AR(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)(A;;CCLCSWLOCRRC;;;IU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)"
  9. [Registry Keys]
  10. "PlaceHolder",2,"D:PAR(A;CI;KA;;;BA)(A;CIIO;KA;;;CO)(A;CI;KA;;;SY)(A;CI;KR;;;BU)"
  11. [File Security]
  12. "PlaceHolder",2,"D:PAR(A;OICI;FA;;;BA)(A;OICIIO;FA;;;CO)(A;OICI;FA;;;SY)(A;OICI;0x1200a9;;;BU)"
  14. [System Access]
  15. ;----------------------------------------------------------------
  16. ;Account Policies - Password Policy
  17. ;----------------------------------------------------------------
  18. MinimumPasswordAge = 0
  19. MaximumPasswordAge = 42
  20. MinimumPasswordLength = 0
  21. PasswordComplexity = 0
  22. PasswordHistorySize = 0
  23. RequireLogonToChangePassword = 0
  24. ClearTextPassword = 0
  25. LSAAnonymousNameLookup = 0
  26. EnableGuestAccount = 0
  28. ;----------------------------------------------------------------
  29. ;Account Policies - Lockout Policy
  30. ;----------------------------------------------------------------
  31. LockoutBadCount = 0
  32. ;ResetLockoutCount = 30
  33. ;LockoutDuration = 30
  35. ;----------------------------------------------------------------
  36. ;Local Policies - Security Options
  37. ;----------------------------------------------------------------
  38. ;DC Only
  39. ;ForceLogoffWhenHourExpire = 0
  41. ;NewAdministatorName =
  42. ;NewGuestName =
  43. ;SecureSystemPartition
  45. ;----------------------------------------------------------------
  46. ;Event Log - Log Settings
  47. ;----------------------------------------------------------------
  48. ;Audit Log Retention Period:
  49. ;0 = Overwrite Events As Needed
  50. ;1 = Overwrite Events As Specified by Retention Days Entry
  51. ;2 = Never Overwrite Events (Clear Log Manually)
  53. [System Log]
  54. MaximumLogSize = 16384
  55. AuditLogRetentionPeriod = 0
  56. RetentionDays = 7
  57. RestrictGuestAccess = 1
  59. [Security Log]
  60. MaximumLogSize = 16384
  61. AuditLogRetentionPeriod = 0
  62. RetentionDays = 7
  63. RestrictGuestAccess = 1
  65. [Application Log]
  66. MaximumLogSize = 16384
  67. AuditLogRetentionPeriod = 0
  68. RetentionDays = 7
  69. RestrictGuestAccess = 1
  71. ;----------------------------------------------------------------------
  72. ; Local Policies\Audit Policy
  73. ;----------------------------------------------------------------------
  74. [Event Audit]
  75. AuditSystemEvents = 0
  76. AuditObjectAccess = 0
  77. AuditPrivilegeUse = 0
  78. AuditPolicyChange = 0
  79. AuditAccountManage = 0
  80. AuditProcessTracking = 0
  81. ;AuditDSAccess = 0
  82. AuditAccountLogon = 1
  83. AuditLogonEvents = 1
  86. ;----------------------------------------------------------------
  87. ;Registry Values
  88. ;----------------------------------------------------------------
  89. [Registry Values]
  90. ; Registry value name in full path = Type, Value
  91. ; REG_SZ ( 1 )
  92. ; REG_EXPAND_SZ ( 2 ) // with environment variables to expand
  93. ; REG_BINARY ( 3 )
  94. ; REG_DWORD ( 4 )
  95. ; REG_MULTI_SZ ( 7 )
  97. MACHINE\System\CurrentControlSet\Control\Lsa\AuditBaseObjects=4,0
  98. MACHINE\System\CurrentControlSet\Control\Lsa\CrashOnAuditFail=4,0
  99. MACHINE\System\CurrentControlSet\Control\Lsa\DisableDomainCreds=4,0
  100. MACHINE\System\CurrentControlSet\Control\Lsa\EveryoneIncludesAnonymous=4,0
  101. MACHINE\System\CurrentControlSet\Control\Lsa\ForceGuest=4,0
  102. MACHINE\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy=4,0
  103. MACHINE\System\CurrentControlSet\Control\Lsa\FullPrivilegeAuditing=3,0
  104. MACHINE\System\CurrentControlSet\Control\Lsa\LimitBlankPasswordUse=4,1
  105. MACHINE\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel=4,0
  106. MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinClientSec=4,0
  107. MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinServerSec=4,0
  108. MACHINE\System\CurrentControlSet\Control\Lsa\NoLMHash=4,0
  109. MACHINE\System\CurrentControlSet\Control\Lsa\NoDefaultAdminOwner=4,1
  110. MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=4,0
  111. MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymousSAM=4,1
  113. MACHINE\System\CurrentControlSet\Control\SecurePipeServers\Winreg\AllowedPaths\Machine=7,Software\Microsoft\Windows NT\CurrentVersion\Print,Software\Microsoft\Windows NT\CurrentVersion\Windows,System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration,Software\Microsoft\Windows NT\CurrentVersion\Perflib,System\CurrentControlSet\Services\SysmonLog
  114. MACHINE\System\CurrentControlSet\Control\SecurePipeServers\Winreg\AllowedExactPaths\Machine=7,System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Server Applications,Software\Microsoft\Windows NT\CurrentVersion
  116. MACHINE\System\CurrentControlSet\Control\Lsa\SubmitControl=4,0
  118. MACHINE\System\CurrentControlSet\Control\Print\Providers\LanMan Print Services\Servers\AddPrinterDrivers=4,0
  120. MACHINE\System\CurrentControlSet\Control\Session Manager\Kernel\ObCaseInsensitive=4,1
  121. MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management\ClearPageFileAtShutdown=4,0
  122. MACHINE\System\CurrentControlSet\Control\Session Manager\ProtectionMode=4,1
  123. MACHINE\System\CurrentControlSet\Control\Session Manager\SubSystems\optional=7,Posix
  125. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableSecuritySignature=4,0
  126. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignature=4,0
  127. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableForcedLogOff=4,1
  128. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoDisconnect=4,15
  129. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RestrictNullSessAccess=4,1
  130. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\NullSessionPipes=7,COMNAP,COMNODE,SQL\QUERY,SPOOLSS,LLSRPC,EPMAPPER,LOCATOR,TrkWks,TrkSvr
  131. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\NullSessionShares=7,COMCFG,DFS$
  133. MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\EnableSecuritySignature=4,1
  134. MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\RequireSecuritySignature=4,0
  135. MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\EnablePlainTextPassword=4,0
  137. MACHINE\System\CurrentControlSet\Services\LDAP\LDAPClientIntegrity=4,1
  139. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\DisablePasswordChange=4,0
  140. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\MaximumPasswordAge=4,30
  141. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RefusePasswordChange=4,0
  142. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SignSecureChannel=4,1
  143. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SealSecureChannel=4,1
  144. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireSignOrSeal=4,1
  145. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireStrongKey=4,0
  147. MACHINE\Software\Microsoft\Driver Signing\Policy=3,1
  149. MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableCAD=4,0
  150. MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\DontDisplayLastUserName=4,0
  151. MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeCaption=1,""
  152. MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeText=7,""
  153. MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ScForceOption=4,0
  154. MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ShutdownWithoutLogon=4,1
  155. MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UndockWithoutLogon=4,1
  157. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\SecurityLevel=4,0
  158. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\SetCommand=4,0
  160. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateCDRoms=1,0
  161. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateDASD=1,0
  162. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateFloppies=1,0
  163. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount=1,10
  164. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ForceUnlockLogon=4,0
  165. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\PasswordExpiryWarning=4,14
  166. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ScRemoveOption=1,0
  168. MACHINE\Software\Policies\Microsoft\Cryptography\ForceKeyProtection=4,0
  169. MACHINE\Software\Policies\Microsoft\Cryptography\PasswordCacheTimeout=4,300
  170. MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\AuthenticodeEnabled=4,0