home *** CD-ROM | disk | FTP | other *** search
/ PC World 2005 December (Special) / PCWorld_2005-12_Special_cd.bin / Windows / trikyxp / trikyxp.exe / scesp4i.exe / mssce.cab / securdc4.inf < prev    next >
Encoding:
Windows Setup INFormation  |  1998-09-30  |  19.4 KB  |  359 lines
  1. ; (c) Microsoft Corporation 1997-2000
  2. ;
  3. ; Security Configuration Template for Security Configuration Editor
  4. ;
  5. ; Template Name:        SecurDC4.INF
  6. ; Template Version:     04.00.SD.0000
  7. ;
  8. ; Revision History
  9. ; 0000  -       Original
  10.  
  11.  
  12. [Profile Description]
  13. Secure configuration for Windows NT 4.0 DC's.
  14.  
  15. [version]
  16. signature="$CHICAGO$"
  17.  
  18. [System Access]
  19. ;----------------------------------------------------------------
  20. ;Account Policies - Password Policy
  21. ;----------------------------------------------------------------
  22. MinimumPasswordAge = 2
  23. MaximumPasswordAge = 42
  24. MinimumPasswordLength = 7
  25. PasswordComplexity = 1
  26. PasswordHistorySize = 6
  27. RequireLogonToChangePassword = 0
  28. ClearTextPassword = 0
  29.  
  30. ;----------------------------------------------------------------
  31. ;Account Policies - Lockout Policy
  32. ;----------------------------------------------------------------
  33. LockoutBadCount = 5
  34. ResetLockoutCount = 720
  35. LockoutDuration = 30
  36.  
  37.  
  38. ;----------------------------------------------------------------
  39. ;Local Policies - Security Options
  40. ;----------------------------------------------------------------
  41. ;DC Only
  42. ForceLogoffWhenHourExpire = 1
  43.  
  44. ;NewAdministatorName =
  45. ;NewGuestName =
  46. ;SecureSystemPartition
  47.  
  48. ;----------------------------------------------------------------
  49. ;Event Log - Log Settings
  50. ;----------------------------------------------------------------
  51. ;Audit Log Retention Period:
  52. ;0 = Overwrite Events As Needed
  53. ;1 = Overwrite Events As Specified by Retention Days Entry
  54. ;2 = Never Overwrite Events (Clear Log Manually)
  55.  
  56. [System Log]
  57. MaximumLogSize = 5120
  58. AuditLogRetentionPeriod = 0
  59. ;RetentionDays = 7
  60. RestrictGuestAccess = 1
  61.  
  62. [Security Log]
  63. MaximumLogSize = 5120
  64. AuditLogRetentionPeriod = 0
  65. ;RetentionDays = 7
  66. RestrictGuestAccess = 1
  67.  
  68. [Application Log]
  69. MaximumLogSize = 5120
  70. AuditLogRetentionPeriod = 0
  71. ;RetentionDays = 7
  72. RestrictGuestAccess = 1
  73.  
  74. ;----------------------------------------------------------------------
  75. ;    Local Policies\Audit Policy
  76. ;----------------------------------------------------------------------
  77. [Event Audit]
  78. AuditSystemEvents = 3
  79. AuditObjectAccess = 0
  80. AuditPrivilegeUse = 2
  81. AuditPolicyChange = 3
  82. AuditAccountManage = 3
  83. AuditProcessTracking = 0
  84. AuditLogonEvents = 2
  85.  
  86. [Registry Values]
  87. ; Registry value name in full path = Type, Value
  88. ; REG_SZ                      ( 1 )
  89. ; REG_EXPAND_SZ               ( 2 )  // with environment variables to expand
  90. ; REG_BINARY                  ( 3 )
  91. ; REG_DWORD                   ( 4 )
  92. ; REG_MULTI_SZ                ( 7 )
  93.  
  94. MACHINE\System\CurrentControlSet\Control\Lsa\AuditBaseObjects=4,0
  95. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateCDRoms=1,1
  96. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateFloppies=1,1
  97. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount=1,10
  98. MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management\ClearPageFileAtShutdown=4,1
  99. MACHINE\System\CurrentControlSet\Control\Lsa\CrashOnAuditFail=4,0
  100. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\DontDisplayLastUserName=1,1
  101. ;MACHINE\System\CurrentControlSet\Control\Lsa\FullPrivilegeAuditing=3,30
  102. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeCaption=1,""
  103. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeText=1,""
  104. MACHINE\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel=4,1
  105. MACHINE\System\CurrentControlSet\Control\Session Manager\ProtectionMode=4,1
  106. MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=4,0
  107. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ShutdownWithoutLogon=1,0
  108. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SignSecureChannel=4,1
  109. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SealSecureChannel=4,1
  110. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireSignOrSeal=4,0
  111. MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\EnableSecuritySignature=4,1
  112. MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\RequireSecuritySignature=4,0
  113. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableSecuritySignature=4,1
  114. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignature=4,0
  115. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableForcedLogOff=4,1
  116. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoDisconnect=4,15
  117. MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\EnablePlainTextPassword=4,0
  118. MACHINE\System\CurrentControlSet\Control\Lsa\SubmitControl=4,1
  119. MACHINE\System\CurrentControlSet\Control\Print\Providers\LanMan Print Services\AddPrintDrivers=4,1
  120.  
  121. ;----------------------------------------------------------------------
  122. ;    Local Policies\User Rights Assignment
  123. ;----------------------------------------------------------------------
  124. ;SeNetworkLogonRight            = Access this computer from the network
  125. ;SeTcbPrivilege                 = Act as part of the operating System           - (Advanced)
  126. ;SeMachineAccountPrivilege      = Add workstations to the domain                - (Advanced)
  127. ;SeBackupPrivilege              = Back up files and directories
  128. ;SeChangeNotifyPrivilege        = Bypass traverse checking                      - (Advanced)
  129. ;SeSystemtimePrivilege          = Change the system time
  130. ;SeCreatePagefilePrivilege      = Create a pagefile                             - (Advanced)
  131. ;SeCreateTokenPrivilege         = Create a token object                         - (Advanced)
  132. ;SeCreatePermanentPrivilege     = Create permanent shared objects               - (Advanced)
  133. ;SeDebugPrivilege               = Debug programs                                - (Advanced)
  134. ;SeRemoteShutdownPrivilege      = Force shutdown from a remote system
  135. ;SeAuditPrivilege               = Generate security audits                      - (Advanced)
  136. ;SeIncreaseQuotaPrivilege       = Increase quotas                               - (Advanced)
  137. ;SeIncreaseBasePriorityPrivilege= Increase scheduling priority                  - (Advanced)
  138. ;SeLoadDriverPrivilege          = Load and unload device drivers
  139. ;SeLockMemoryPrivilege          = Lock pages in memory                          - (Advanced)
  140. ;SeBatchLogonRight              = Log on as a batch job                         - (Advanced)
  141. ;SeServiceLogonRight            = Log on as a service                           - (Advanced)
  142. ;SeInteractiveLogonRight        = Log on locally                                - (Advanced)
  143. ;SeSecurityPrivilege            = Manage auditing and security log              - (Advanced)
  144. ;SeSystemEnvironmentPrivilege   = Modify firmware environment variables         - (Advanced)
  145. ;SeProfileSingleProcessPrivilege= Profile single process                        - (Advanced)
  146. ;SeSystemProfilePrivilege       = Profile system performance                    - (Advanced)
  147. ;SeAssignPrimaryTokenPrivilege  = Replace a process-level token                 - (Advanced)
  148. ;SeRestorePrivilege             = Restore files and directories
  149. ;SeShutdownPrivilege            = Shut down the system
  150. ;SeTakeOwnershipPrivilege       = Take ownership of files or other objects
  151. ;SeUnsolicitedInputPrivilege                                                    - (Advanced)
  152. ;
  153. [Privilege Rights]
  154. SeAssignPrimaryTokenPrivilege =
  155. SeAuditPrivilege =
  156. SeBackupPrivilege = %SceInfAdmins%, %SceInfBackupOp%, %SceInfServerOp%
  157. ;SeBatchLogonRight = 
  158. ;SeChangeNotifyPrivilege = %SceInfEveryone%
  159. SeCreatePagefilePrivilege = %SceInfAdmins%
  160. SeCreatePermanentPrivilege =
  161. SeCreateTokenPrivilege =
  162. SeDebugPrivilege = %SceInfAdmins%
  163. SeIncreaseBasePriorityPrivilege = %SceInfAdmins%
  164. SeIncreaseQuotaPrivilege = %SceInfAdmins%
  165. ;SeInteractiveLogonRight = %SceInfAcountOp%, %SceInfAdmins%, %SceInfBackupOp%, %SceInfServerOp%, %SceInfPrintOp%
  166. SeLoadDriverPrivilege = %SceInfAdmins%
  167. SeLockMemoryPrivilege =
  168. ;SeMachineAccountPrivilege =
  169. SeNetworkLogonRight = %SceInfAcountOp%, %SceInfAdmins%, %SceInfBackupOp%, %SceInfServerOp%, %SceInfPrintOp%, %SceInfUsers%
  170. SeProfileSingleProcessPrivilege = %SceInfAdmins%
  171. SeRemoteShutdownPrivilege = %SceInfAdmins%, %SceInfServerOp%
  172. SeRestorePrivilege = %SceInfAdmins%, %SceInfBackupOp%, %SceInfServerOp%
  173. SeSecurityPrivilege = %SceInfAdmins%
  174. ;SeServiceLogonRight =
  175. SeShutdownPrivilege = %SceInfAdmins%, %SceInfServerOp%
  176. SeSystemEnvironmentPrivilege = %SceInfAdmins%
  177. SeSystemProfilePrivilege = %SceInfAdmins%
  178. SeSystemTimePrivilege = %SceInfAdmins%, %SceInfServerOp%
  179. SeTakeOwnershipPrivilege = %SceInfAdmins%
  180. ;SeTcbPrivilege =
  181.  
  182. ;----------------------------------------------------------------------
  183. ;    Restricted Groups
  184. ;----------------------------------------------------------------------
  185. [Group Membership]
  186. ;;%SceInfBackupOp%__Memberof =
  187. ;;%SceInfBackupOp%__Members =
  188. ;;%SceInfReplicator%__Memberof =
  189. ;;%SceInfReplicator%__Members =
  190. ;;%SceInfUsers%__Memberof =
  191. ;;%SceInfUsers%__Members =
  192. ;;%SceInfPowerUsers%__Memberof =
  193. ;;%SceInfPowerUsers%__Members =
  194. ;;%SceInfAdmins%__Memberof =
  195. ;;%SceInfAdmins%__Members =
  196. ;;%SceInfGuests%__Memberof =
  197. ;;%SceInfGuests%__Members =
  198.  
  199. ;---------------------------------------------------------------------------------------
  200. ;    Registry
  201. ;---------------------------------------------------------------------------------------
  202. [Registry Keys]
  203. "CLASSES_ROOT",2,"D:(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGWSD;;;SO)"
  204. "CLASSES_ROOT\helpfile",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  205. "CLASSES_ROOT\.hlp",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  206.  
  207. "MACHINE\Software",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGWSD;;;SO)"
  208.  
  209. "MACHINE\SOFTWARE\Classes",1,""
  210.  
  211. "MACHINE\SOFTWARE\Microsoft\NetDDE",2,"D:P(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  212. "MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider",1,""
  213. "MACHINE\SOFTWARE\Microsoft\Secure",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SO)(A;CI;GA;;;SY)"
  214.  
  215. "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  216.  
  217. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;SO)"
  218. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Compatibility",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;SO)"
  219. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;SO)"
  220. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;SO)"
  221. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  222. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Embedding",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;SO)"
  223. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Font Drivers",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)"
  224. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontMapper",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)"
  225. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;SO)"
  226. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;SO)"
  227. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;SO)"
  228. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  229. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  230. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\MCI Extensions",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;SO)"
  231. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\MCI",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;SO)"
  232. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Midimap",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;SO)"
  233. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib",2,"D:P(A;CI;GR;;;IU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  234. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009",1,""
  235. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;SO)"
  236. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;SO)"
  237. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  238. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Type 1 Installer\Type 1 Fonts",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;SO)"
  239. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  240. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WOW",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGW;;;SO)"
  241.  
  242. "MACHINE\SOFTWARE\Secure",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GA;;;SO)"
  243.  
  244. "MACHINE\System",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  245. "MACHINE\SYSTEM\Clone",1,""
  246.  
  247. "MACHINE\SYSTEM\ControlSet001",1,""
  248. "MACHINE\SYSTEM\ControlSet002",1,""
  249. "MACHINE\SYSTEM\ControlSet003",1,""
  250. "MACHINE\SYSTEM\ControlSet004",1,""
  251. "MACHINE\SYSTEM\ControlSet005",1,""
  252. "MACHINE\SYSTEM\ControlSet006",1,""
  253. "MACHINE\SYSTEM\ControlSet007",1,""
  254. "MACHINE\SYSTEM\ControlSet008",1,""
  255. "MACHINE\SYSTEM\ControlSet009",1,""
  256. "MACHINE\SYSTEM\ControlSet010",1,""
  257.  
  258. "MACHINE\SYSTEM\CurrentControlSet\Control",2,"D:(A;CI;GA;;;CO)(A;CI;GRGWSD;;;SO)"
  259. "MACHINE\SYSTEM\CurrentControlSet\Control\GraphicsDrivers",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  260. "MACHINE\SYSTEM\CurrentControlSet\Control\Lsa",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  261. "MACHINE\SYSTEM\CurrentControlSet\Control\PriorityControl",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  262. "MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptions",1,""
  263. "MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg",2,"D:P(A;CI;GA;;;DA)(A;CI;GRGW;;;BO)"
  264.  
  265. "MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Executive",2,"D:P(A;CI;GA;;;CO)(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GRGW;;;SO)"
  266. "MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  267.  
  268. "MACHINE\SYSTEM\CurrentControlSet\Control\TimeZoneInformation",2,"D:P(A;CI;GA;;;CO)(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GRGW;;;SO)"
  269.  
  270. "MACHINE\SYSTEM\CurrentControlSet\Control\Windows",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GRGW;;;SO)"
  271.  
  272. "MACHINE\SYSTEM\CurrentControlSet\Enum",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;SY)"
  273.  
  274. "MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current",1,""
  275. "MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\0001\Software",2,"D:P(A;CI;GA;;;CO)(A;CI;GRGWSD;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  276.  
  277. "MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control",2,"D:(A;CI;GA;;;CO)(A;CI;GRGWSD;;;SO)"
  278. "MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Enum",2,"D:(A;CI;GA;;;CO)(A;CI;GRGWSD;;;SO)"
  279. "MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Services",2,"D:(A;CI;GA;;;CO)(A;CI;GRGWSD;;;SO)"
  280.  
  281. "MACHINE\SYSTEM\CurrentControlSet\Services",2,"D:(A;CI;GA;;;CO)(A;CI;GRGWSD;;;SO)"
  282. "MACHINE\SYSTEM\CurrentControlSet\Services\EventLog",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  283. "MACHINE\SYSTEM\CurrentControlSet\Services\WinTrust",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  284.  
  285.  
  286. "USERS\.DEFAULT",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  287. "USERS\.DEFAULT\Software\Microsoft\NetDDE",2,"D:P(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  288. "USERS\.DEFAULT\SOFTWARE\Microsoft\Protected Storage System Provider",1,""
  289. "USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies",2,"D:(A;CI;GA;;;CO)(A;CI;GRGWSD;;;SO)"
  290.  
  291. ;---------------------------------------------------------------------------------------
  292. ;    File System
  293. ;---------------------------------------------------------------------------------------
  294. [File Security]
  295.  
  296. ;---------------------------------------------------------------------------------------
  297. ;x86 Boot Files
  298. ;---------------------------------------------------------------------------------------
  299. "c:\boot.ini",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGWGXSD;;;SO)"
  300. "c:\ntdetect.com",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGWGXSD;;;SO)"
  301. "c:\ntldr",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGWGXSD;;;SO)"
  302. "c:\ntbootdd.sys",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGWGXSD;;;SO)"
  303. "c:\autoexec.bat",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGX;;;AU)(A;;GRGWGXSD;;;SO)"
  304. "c:\config.sys",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGX;;;AU)(A;;GRGWGXSD;;;SO)"
  305.  
  306. ;---------------------------------------------------------------------------------------------
  307. ;System Drive (\)
  308. ;---------------------------------------------------------------------------------------------
  309. "%SystemDrive%\Program Files",2,"D:P(A;CIOI;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;CIOI;GRGWGXSD;;;SO)"
  310. "%SystemDrive%\Temp",2,"D:P(A;CIOI;GA;;;CO)(A;;GRGWGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GRGWGXSD;;;SO)"
  311.  
  312. ;---------------------------------------------------------------------------------------------
  313. ;System Root (Typically \WINNT)
  314. ;---------------------------------------------------------------------------------------------
  315. "%SystemRoot%",2,"D:P(A;CIOI;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;CIOI;GRGWGXSD;;;SO)"
  316.  
  317. "%SystemRoot%\Help",2,"D:(A;;GW;;;AU)"
  318. "%SystemRoot%\profiles",1,""
  319. "%SystemRoot%\repair",2,"D:P(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)"
  320.  
  321. ;---------------------------------------------------------------------------------------------
  322. ;System Directory (Typically \Winnt\System32)
  323. ;---------------------------------------------------------------------------------------------
  324. "%SystemDirectory%\config",2,"D:P(A;CI;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GRGX;;;SO)"
  325. "%SystemDirectory%\repl\import",2,"D:(A;CIOI;GRGWGXSD;;;RP)"
  326. "%SystemDirectory%\repl\export",2,"D:(A;CIOI;GRGWGXSD;;;RP)"
  327. "%SystemDirectory%\spool",2,"D:(A;CIOI;GA;;;PO)"
  328. "%SystemDirectory%\spool\printers",2,"D:P(A;CIOI;GA;;;CO)(A;CI;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;PO)(A;CIOI;GA;;;SO)(A;CIOI;GA;;;SY)"
  329.  
  330. "%SystemDirectory%\hpmon.dll",2,"D:(A;;GRGWGXSD;;;PO)"
  331. "%SystemDirectory%\hpmon.hlp",2,"D:(A;;GRGWGXSD;;;PO)"
  332. "%SystemDirectory%\localmon.dll",2,"D:(A;;GRGWGXSD;;;PO)"
  333.  
  334. ;---------------------------------------------------------------------------------------
  335. ;    EOF
  336. ;---------------------------------------------------------------------------------------
  337.  
  338. [Strings]
  339.  
  340. SceInfAdministrator = Administrator
  341. SceInfAdmins = Administrators
  342. SceInfAcountOp = Account Operators
  343. SceInfAuthUsers = Authenticated Users
  344. SceInfBackupOp = Backup Operators
  345. SceInfDomainAdmins = Domain Admins
  346. SceInfDomainGuests = Domain Guests
  347. SceInfDomainUsers = Domain Users
  348. SceInfEveryone = Everyone
  349. SceInfGuests = Guests
  350. SceInfGuest = Guest
  351. SceInfPowerUsers = Power Users
  352. SceInfPrintOp = Print Operators
  353. SceInfReplicator = Replicator
  354. SceInfServerOp = Server Operators
  355. SceInfUsers = Users
  356. SceInfMTSAdmins = MTS Administrators
  357. SceInfMTSImpersonators = MTS Impersonators
  358. SceInfMTSAdmin = MTS_Admin
  359.