home *** CD-ROM | disk | FTP | other *** search
/ PC World 2005 December (Special) / PCWorld_2005-12_Special_cd.bin / Windows / trikyxp / trikyxp.exe / scesp4i.exe / mssce.cab / hisecws4.inf < prev    next >
Encoding:
Windows Setup INFormation  |  1998-10-01  |  20.4 KB  |  381 lines
  1. ; (c) Microsoft Corporation 1997-2000
  2. ;
  3. ; Security Configuration Template for Security Configuration Editor
  4. ;
  5. ; Template Name:        Hisecws4.INF
  6. ; Template Version:     04.00.HW.0000
  7. ;
  8. ; Revision History
  9. ; 0000  -       Original
  10.  
  11.  
  12. [Profile Description]
  13. Hi Secure Windows NT Workstation\Server 4.0.
  14.  
  15. [version]
  16. signature="$CHICAGO$"
  17.  
  18. [System Access]
  19. ;----------------------------------------------------------------
  20. ;Account Policies - Password Policy
  21. ;----------------------------------------------------------------
  22. MinimumPasswordAge = 2
  23. MaximumPasswordAge = 42
  24. MinimumPasswordLength = 8
  25. PasswordComplexity = 1
  26. PasswordHistorySize = 6
  27. RequireLogonToChangePassword = 0
  28. ClearTextPassword = 0
  29.  
  30. ;----------------------------------------------------------------
  31. ;Account Policies - Lockout Policy
  32. ;----------------------------------------------------------------
  33. LockoutBadCount = 5
  34. ResetLockoutCount = 720
  35. LockoutDuration = -1
  36.  
  37. ;----------------------------------------------------------------
  38. ;Local Policies - Security Options
  39. ;----------------------------------------------------------------
  40. ;DC Only
  41. ;ForceLogoffWhenHourExpire = 1
  42.  
  43. ;NewAdministatorName =
  44. ;NewGuestName =
  45. ;SecureSystemPartition
  46.  
  47. ;----------------------------------------------------------------
  48. ;Event Log - Log Settings
  49. ;----------------------------------------------------------------
  50. ;Audit Log Retention Period:
  51. ;0 = Overwrite Events As Needed
  52. ;1 = Overwrite Events As Specified by Retention Days Entry
  53. ;2 = Never Overwrite Events (Clear Log Manually)
  54.  
  55. [System Log]
  56. MaximumLogSize = 3072
  57. AuditLogRetentionPeriod = 0
  58. ;RetentionDays = 7
  59. RestrictGuestAccess = 1
  60.  
  61. [Security Log]
  62. MaximumLogSize = 3072
  63. AuditLogRetentionPeriod = 0
  64. ;RetentionDays = 7
  65. RestrictGuestAccess = 1
  66.  
  67. [Application Log]
  68. MaximumLogSize = 3072
  69. AuditLogRetentionPeriod = 0
  70. ;RetentionDays = 7
  71. RestrictGuestAccess = 1
  72.  
  73. ;----------------------------------------------------------------------
  74. ;    Local Policies\Audit Policy
  75. ;----------------------------------------------------------------------
  76. [Event Audit]
  77. AuditSystemEvents = 3
  78. AuditObjectAccess = 2
  79. AuditPrivilegeUse = 2
  80. AuditPolicyChange = 3
  81. AuditAccountManage = 3
  82. AuditProcessTracking = 0
  83. ;AuditDSAccess=0
  84. AuditAccountLogon=2
  85. AuditLogonEvents = 2
  86.  
  87. ;----------------------------------------------------------------
  88. ;Registry Values
  89. ;----------------------------------------------------------------
  90. [Registry Values]
  91. ; Registry value name in full path = Type, Value
  92. ; REG_SZ                      ( 1 )
  93. ; REG_EXPAND_SZ               ( 2 )  // with environment variables to expand
  94. ; REG_BINARY                  ( 3 )
  95. ; REG_DWORD                   ( 4 )
  96. ; REG_MULTI_SZ                ( 7 )
  97.  
  98. MACHINE\System\CurrentControlSet\Control\Lsa\AuditBaseObjects=4,1
  99. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateCDRoms=1,1
  100. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateFloppies=1,1
  101. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount=1,10
  102. MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management\ClearPageFileAtShutdown=4,1
  103. MACHINE\System\CurrentControlSet\Control\Lsa\CrashOnAuditFail=4,0
  104. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\DontDisplayLastUserName=1,1
  105. ;Bug pending if value is present regardless of data
  106. ;MACHINE\System\CurrentControlSet\Control\Lsa\FullPrivilegeAuditing=3,30
  107. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeCaption=1,""
  108. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeText=1,""
  109. ;Bug Pending when LMCompat=2 and packet signing enabled
  110. MACHINE\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel=4,1
  111. MACHINE\System\CurrentControlSet\Control\Session Manager\ProtectionMode=4,1
  112. MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=4,1
  113. ;MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ShutdownWithoutLogon=1,0
  114. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SignSecureChannel=4,1
  115. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SealSecureChannel=4,1
  116. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireSignOrSeal=4,0
  117. MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\EnableSecuritySignature=4,1
  118. MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\RequireSecuritySignature=4,0
  119. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableSecuritySignature=4,1
  120. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignature=4,0
  121. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableForcedLogOff=4,1
  122. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoDisconnect=4,15
  123. MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\EnablePlainTextPassword=4,0
  124. ;MACHINE\System\CurrentControlSet\Control\Lsa\SubmitControl=4,0
  125. MACHINE\System\CurrentControlSet\Control\Print\Providers\LanMan Print Services\AddPrintDrivers=4,1
  126.  
  127.  
  128. ;----------------------------------------------------------------------
  129. ;    Local Policies\User Rights Assignment
  130. ;----------------------------------------------------------------------
  131. ;SeNetworkLogonRight            = Access this computer from the network
  132. ;SeTcbPrivilege                 = Act as part of the operating System           - (Advanced)
  133. ;SeMachineAccountPrivilege      = Add workstations to the domain                - (Advanced)
  134. ;SeBackupPrivilege              = Back up files and directories
  135. ;SeChangeNotifyPrivilege        = Bypass traverse checking                      - (Advanced)
  136. ;SeSystemtimePrivilege          = Change the system time
  137. ;SeCreatePagefilePrivilege      = Create a pagefile                             - (Advanced)
  138. ;SeCreateTokenPrivilege         = Create a token object                         - (Advanced)
  139. ;SeCreatePermanentPrivilege     = Create permanent shared objects               - (Advanced)
  140. ;SeDebugPrivilege               = Debug programs                                - (Advanced)
  141. ;SeRemoteShutdownPrivilege      = Force shutdown from a remote system
  142. ;SeAuditPrivilege               = Generate security audits                      - (Advanced)
  143. ;SeIncreaseQuotaPrivilege       = Increase quotas                               - (Advanced)
  144. ;SeIncreaseBasePriorityPrivilege= Increase scheduling priority                  - (Advanced)
  145. ;SeLoadDriverPrivilege          = Load and unload device drivers
  146. ;SeLockMemoryPrivilege          = Lock pages in memory                          - (Advanced)
  147. ;SeBatchLogonRight              = Log on as a batch job                         - (Advanced)
  148. ;SeServiceLogonRight            = Log on as a service                           - (Advanced)
  149. ;SeInteractiveLogonRight        = Log on locally                                - (Advanced)
  150. ;SeSecurityPrivilege            = Manage auditing and security log              - (Advanced)
  151. ;SeSystemEnvironmentPrivilege   = Modify firmware environment variables         - (Advanced)
  152. ;SeProfileSingleProcessPrivilege= Profile single process                        - (Advanced)
  153. ;SeSystemProfilePrivilege       = Profile system performance                    - (Advanced)
  154. ;SeAssignPrimaryTokenPrivilege  = Replace a process-level token                 - (Advanced)
  155. ;SeRestorePrivilege             = Restore files and directories
  156. ;SeShutdownPrivilege            = Shut down the system
  157. ;SeTakeOwnershipPrivilege       = Take ownership of files or other objects
  158. ;SeUnsolicitedInputPrivilege                                                    - (Advanced)
  159. ;
  160. [Privilege Rights]
  161. SeAssignPrimaryTokenPrivilege =
  162. SeAuditPrivilege =
  163. SeBackupPrivilege = %SceInfAdmins%, %SceInfBackupOp%
  164. ;SeBatchLogonRight = 
  165. ;SeChangeNotifyPrivilege = %SceInfEveryone%
  166. SeCreatePagefilePrivilege = %SceInfAdmins%
  167. SeCreatePermanentPrivilege =
  168. SeCreateTokenPrivilege =
  169. SeDebugPrivilege = %SceInfAdmins%
  170. SeIncreaseBasePriorityPrivilege = %SceInfAdmins%, %SceInfPowerUsers%
  171. SeIncreaseQuotaPrivilege = %SceInfAdmins%
  172. SeInteractiveLogonRight = %SceInfAdmins%, %SceInfBackupOp%, %SceInfPowerUsers%, %SceInfUsers%
  173. SeLoadDriverPrivilege = %SceInfAdmins%
  174. SeLockMemoryPrivilege =
  175. ;SeMachineAccountPrivilege =
  176. SeNetworkLogonRight = %SceInfAdmins%, %SceInfPowerUsers%, %SceInfUsers%
  177. SeProfileSingleProcessPrivilege = %SceInfAdmins%, %SceInfPowerUsers%
  178. SeRemoteShutdownPrivilege = %SceInfAdmins%, %SceInfPowerUsers%
  179. SeRestorePrivilege = %SceInfAdmins%, %SceInfBackupOp%
  180. SeSecurityPrivilege = %SceInfAdmins%
  181. ;SeServiceLogonRight =
  182. SeShutdownPrivilege = %SceInfAdmins%, %SceInfPowerUsers%, %SceInfUsers%
  183. SeSystemEnvironmentPrivilege = %SceInfAdmins%
  184. SeSystemProfilePrivilege = %SceInfAdmins%
  185. SeSystemTimePrivilege = %SceInfAdmins%, %SceInfPowerUsers%
  186. SeTakeOwnershipPrivilege = %SceInfAdmins%
  187. ;SeTcbPrivilege =
  188.  
  189. ;----------------------------------------------------------------------
  190. ;    Restricted Groups
  191. ;----------------------------------------------------------------------
  192. [Group Membership]
  193. ;;%SceInfBackupOp%__Memberof =
  194. ;;%SceInfBackupOp%__Members =
  195. ;;%SceInfReplicator%__Memberof =
  196. ;;%SceInfReplicator%__Members =
  197. ;;%SceInfUsers%__Memberof =
  198. ;;%SceInfUsers%__Members =
  199. ;;%SceInfPowerUsers%__Memberof =
  200. ;;%SceInfPowerUsers%__Members =
  201. ;;%SceInfAdmins%__Memberof =
  202. ;;%SceInfAdmins%__Members =
  203. ;;%SceInfGuests%__Memberof =
  204. ;;%SceInfGuests%__Members =
  205.  
  206.  
  207. ;---------------------------------------------------------------------------------------
  208. ;    Registry
  209. ;---------------------------------------------------------------------------------------
  210. [Registry Keys]
  211. "CLASSES_ROOT",2,"D:(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)(A;CI;GRGWSD;;;PU)"
  212. "CLASSES_ROOT\helpfile",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  213. "CLASSES_ROOT\.hlp",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  214.  
  215. "MACHINE\Software",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGWSD;;;PU)S:P(SA;CIOISAFA;0x000d0006;;;WD)"
  216.  
  217. "MACHINE\SOFTWARE\Classes",1,""
  218.  
  219. "MACHINE\SOFTWARE\Microsoft\NetDDE",2,"D:P(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  220. "MACHINE\SOFTWARE\Microsoft\Ole",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  221. "MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider",1,""
  222. "MACHINE\SOFTWARE\Microsoft\Rpc",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  223. "MACHINE\SOFTWARE\Microsoft\Secure",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  224.  
  225. "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;PU)"
  226. "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  227.  
  228. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;PU)"
  229. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Compatibility",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;PU)"
  230. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;PU)"
  231. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;PU)"
  232. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  233. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Embedding",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;PU)"
  234. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Font Drivers",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)"
  235. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontMapper",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)"
  236. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;PU)"
  237. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;PU)"
  238. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;PU)"
  239. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  240. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  241. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\MCI Extensions",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;PU)"
  242. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\MCI",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;PU)"
  243. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Midimap",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;PU)"
  244. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib",2,"D:P(A;CI;GR;;;IU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  245. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009",1,""
  246. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;PU)"
  247. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;PU)"
  248. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  249. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Type 1 Installer\Type 1 Fonts",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;PU)"
  250. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  251. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  252. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WOW",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;PU)"
  253.  
  254. "MACHINE\SYSTEM",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  255.  
  256. "MACHINE\SYSTEM\Clone",1,""
  257.  
  258. "MACHINE\SYSTEM\ControlSet010",1,""
  259. "MACHINE\SYSTEM\ControlSet009",1,""
  260. "MACHINE\SYSTEM\ControlSet008",1,""
  261. "MACHINE\SYSTEM\ControlSet007",1,""
  262. "MACHINE\SYSTEM\ControlSet006",1,""
  263. "MACHINE\SYSTEM\ControlSet005",1,""
  264. "MACHINE\SYSTEM\ControlSet004",1,""
  265. "MACHINE\SYSTEM\ControlSet003",1,""
  266. "MACHINE\SYSTEM\ControlSet002",1,""
  267. "MACHINE\SYSTEM\ControlSet001",1,""
  268.  
  269. "MACHINE\SYSTEM\CurrentControlSet\Enum",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;SY)"
  270.  
  271. "MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptions",1,""
  272. "MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg",2,"D:P(A;CI;GA;;;DA)(A;CI;GRGW;;;BO)"
  273.  
  274. "MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Executive",2,"D:(A;CI;GRGW;;;PU)"
  275.  
  276. "MACHINE\SYSTEM\CurrentControlSet\Control\TimeZoneInformation",2,"D:(A;CI;GRGW;;;PU)"
  277.  
  278. "MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current",1,""
  279.  
  280.  
  281. "USERS\.DEFAULT",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  282. "USERS\.DEFAULT\Software\Microsoft\NetDDE",2,"D:P(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  283. "USERS\.DEFAULT\SOFTWARE\Microsoft\Protected Storage System Provider",1,""
  284. "USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies",2,"D:(A;CI;GA;;;CO)(A;CI;GRGWSD;;;PU)"
  285.  
  286. ;---------------------------------------------------------------------------------------
  287. ;    File System
  288. ;---------------------------------------------------------------------------------------
  289. [File Security]
  290.  
  291. ;---------------------------------------------------------------------------------------
  292. ;x86 Boot Files
  293. ;---------------------------------------------------------------------------------------
  294. ;Must change if Boot Partition is Not C:\
  295. "c:\boot.ini",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGX;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)"
  296. "c:\ntdetect.com",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGX;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)"
  297. "c:\ntldr",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGX;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)"
  298. "c:\ntbootdd.sys",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGX;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)"
  299. "c:\autoexec.bat",2,"D:P(A;;GRGX;;;AU)(A;;GA;;;DA)(A;;GA;;;SY)(A;;GA;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)"
  300. "c:\config.sys",2,"D:P(A;;GRGX;;;AU)(A;;GA;;;DA)(A;;GA;;;SY)(A;;GA;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)"
  301.  
  302. ;---------------------------------------------------------------------------------------------
  303. ;System Drive (\)
  304. ;---------------------------------------------------------------------------------------------
  305. "%SystemDrive%",0,"D:(A;CIOI;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;;GW;;;PU)"
  306.  
  307. "%SystemDrive%\Program Files",2,"D:P(A;CIOI;GA;;;DA)(A;CIOI;GRGX;;;AU)(A;CIOI;GA;;;SY)(A;CIOI;GRGWGXSD;;;PU)"
  308. "%SystemDrive%\Recycler",1,""
  309. "%SystemDrive%\~Secure.nt",1,""
  310. "%SystemDrive%\Temp",2,"D:P(A;CIOI;GA;;;CO)(A;CI;GRGWGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)"
  311. "%SystemDrive%\Users",1,""
  312. "%SystemDrive%\InetPub",1,""
  313. "%SystemDrive%\PageFile.Sys",1,""
  314.  
  315. ;---------------------------------------------------------------------------------------------
  316. ;System Root (Typically \WINNT)
  317. ;---------------------------------------------------------------------------------------------
  318. ;SACL on systemroot looks for success/failed W,CP,TO
  319. "%SystemRoot%",2,"D:P(A;CIOI;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;CI;GRGWGXSD;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)"
  320. "%SystemRoot%\profiles",1,""
  321. "%SystemRoot%\repair",2,"D:P(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)"
  322. "%SystemRoot%\Win.ini",2,"D:P(A;;GRGX;;;AU)(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGWGXSD;;;PU)"
  323. ;Shell Exceptions (All)
  324. "%SystemRoot%\setup.old",2,"D:(A;;GRGWGXSD;;;IU)"
  325. ;Shell Exceptions (IE302)
  326. "%SystemRoot%\Cookies",2,"D:P(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;;GRGWGXSD;;;IU)"
  327. "%SystemRoot%\History",2,"D:P(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;;GRGWGXSD;;;IU)"
  328. "%SystemRoot%\Temporary Internet Files",2,"D:P(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;;GRGWGXSD;;;IU)"
  329. ;Shell Exceptions (IE401)
  330. "%SystemRoot%\Downloaded Program Files",2,"D:P(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;;GRGWGXSD;;;IU)"
  331. "%SystemRoot%\fpxpress.ini",2,"D:(A;;GRGWGXSD;;;IU)"
  332. "%SystemRoot%\OCCache",2,"D:P(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;;GRGWGXSD;;;IU)"
  333. "%SystemRoot%\Subscriptions",2,"D:P(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;;GRGWGXSD;;;IU)"
  334. "%SystemRoot%\Web\WallPaper",2,"D:P(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;;GRGWGXSD;;;IU)"
  335. "%SystemRoot%\Web\WallPaper\Wallpapr.htm",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGX;;;IU)"
  336.  
  337. ;---------------------------------------------------------------------------------------------
  338. ;System Directory (Typically \Winnt\System32)
  339. ;---------------------------------------------------------------------------------------------
  340. "%SystemDirectory%\config",2,"D:P(A;CI;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)"
  341. "%SystemDirectory%\repl\import",2,"D:(A;CIOI;GA;;;CO)(A;CIOI;GRGWGXSD;;;RP)S:P"
  342. "%SystemDirectory%\repl\export",2,"D:(A;CIOI;GA;;;CO)(A;CIOI;GRGWGXSD;;;RP)S:P"
  343. "%SystemDirectory%\spool",2,"D:(A;CIOI;GA;;;CO)(A;CIOI;GRGWGXSD;;;PU)S:P"
  344. "%SystemDirectory%\spool\printers",2,"D:P(A;CI;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;CIOI;GRGWGXSD;;;PU)"
  345.  
  346. "%SystemDirectory%\autoexec.nt",2,"D:(A;;GRGWGXSD;;;PU)"
  347. "%SystemDirectory%\cmos.ram",2,"D:(A;;GRGWGXSD;;;PU)"
  348. "%SystemDirectory%\config.nt",2,"D:(A;;GRGWGXSD;;;PU)"
  349. "%SystemDirectory%\hpmon.dll",2,"D:(A;;GRGWGXSD;;;PU)"
  350. "%SystemDirectory%\hpmon.hlp",2,"D:(A;;GRGWGXSD;;;PU)"
  351. "%SystemDirectory%\localmon.dll",2,"D:(A;;GRGWGXSD;;;PU)"
  352. "%SystemDirectory%\midimap.cfg",2,"D:(A;;GRGWGXSD;;;PU)"
  353.  
  354.  
  355. ;---------------------------------------------------------------------------------------
  356. ;    EOF
  357. ;---------------------------------------------------------------------------------------
  358.  
  359.  
  360. [Strings]
  361.  
  362. SceInfAdministrator = Administrator
  363. SceInfAdmins = Administrators
  364. SceInfAcountOp = Account Operators
  365. SceInfAuthUsers = Authenticated Users
  366. SceInfBackupOp = Backup Operators
  367. SceInfDomainAdmins = Domain Admins
  368. SceInfDomainGuests = Domain Guests
  369. SceInfDomainUsers = Domain Users
  370. SceInfEveryone = Everyone
  371. SceInfGuests = Guests
  372. SceInfGuest = Guest
  373. SceInfPowerUsers = Power Users
  374. SceInfPrintOp = Print Operators
  375. SceInfReplicator = Replicator
  376. SceInfServerOp = Server Operators
  377. SceInfUsers = Users
  378. SceInfMTSAdmins = MTS Administrators
  379. SceInfMTSImpersonators = MTS Impersonators
  380. SceInfMTSAdmin = MTS_Admin
  381.