home *** CD-ROM | disk | FTP | other *** search
/ Hackers Handbook - Millenium Edition / Hackers Handbook.iso / files / nt / scesp4i.exe / mssce.cab / compdc4.inf < prev    next >
Encoding:
Windows Setup INFormation  |  1998-09-30  |  20.6 KB  |  368 lines
  1. ; (c) Microsoft Corporation 1997-2000
  2. ;
  3. ; Security Configuration Template for Security Configuration Editor
  4. ;
  5. ; Template Name:     CompDC4.INF
  6. ; Template Version:    04.00.CD.0000
  7. ;
  8. ; Revision History
  9. ; 0000    -    Original
  10.  
  11.  
  12. [Profile Description]
  13. Compatible Windows NT Domain Controller 4.0.
  14.  
  15. [version]
  16. signature="$CHICAGO$"
  17.  
  18. [System Access]
  19. ;----------------------------------------------------------------
  20. ;Account Policies - Password Policy
  21. ;----------------------------------------------------------------
  22. MinimumPasswordAge = 2
  23. MaximumPasswordAge = 42
  24. MinimumPasswordLength = 7
  25. PasswordComplexity = 1
  26. PasswordHistorySize = 6
  27. RequireLogonToChangePassword = 0
  28.  
  29. ;----------------------------------------------------------------
  30. ;Account Policies - Lockout Policy
  31. ;----------------------------------------------------------------
  32. LockoutBadCount = 5
  33. ResetLockoutCount = 720
  34. LockoutDuration = 30
  35.  
  36.  
  37. ;----------------------------------------------------------------
  38. ;Local Policies - Security Options
  39. ;----------------------------------------------------------------
  40. ;DC Only
  41. ForceLogoffWhenHourExpire = 1
  42.  
  43. ;NewAdministatorName =
  44. ;NewGuestName =
  45. ;SecureSystemPartition
  46.  
  47.  
  48. ;----------------------------------------------------------------
  49. ;Event Log - Log Settings
  50. ;----------------------------------------------------------------
  51. ;Audit Log Retention Period:
  52. ;0 = Overwrite Events As Needed
  53. ;1 = Overwrite Events As Specified by Retention Days Entry
  54. ;2 = Never Overwrite Events (Clear Log Manually)
  55.  
  56. [System Log]
  57. MaximumLogSize = 2560
  58. AuditLogRetentionPeriod = 0
  59. ;RetentionDays = 7
  60. RestrictGuestAccess = 1
  61.  
  62. [Security Log]
  63. MaximumLogSize = 2560
  64. AuditLogRetentionPeriod = 0
  65. ;RetentionDays = 7
  66. RestrictGuestAccess = 1
  67.  
  68. [Application Log]
  69. MaximumLogSize = 2560
  70. AuditLogRetentionPeriod = 0
  71. ;RetentionDays = 7
  72. RestrictGuestAccess = 1
  73.  
  74. [Event Audit]
  75.  
  76. AuditAccountManage = 3
  77. AuditSystemEvents = 3
  78. AuditLogonEvents = 2
  79. AuditObjectAccess = 0
  80. AuditPrivilegeUse = 2
  81. AuditPolicyChange = 3
  82. AuditProcessTracking = 0
  83.  
  84. ;----------------------------------------------------------------
  85. ;Registry Values
  86. ;----------------------------------------------------------------
  87. [Registry Values]
  88. ; Registry value name in full path = Type, Value
  89. ; REG_SZ                      ( 1 )
  90. ; REG_EXPAND_SZ               ( 2 )  // with environment variables to expand
  91. ; REG_BINARY                  ( 3 )
  92. ; REG_DWORD                   ( 4 )
  93. ; REG_MULTI_SZ                ( 7 )
  94.  
  95. MACHINE\System\CurrentControlSet\Control\Lsa\AuditBaseObjects=4,0
  96. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateCDRoms=1,1
  97. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateFloppies=1,1
  98. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount=1,10
  99. MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management\ClearPageFileAtShutdown=4,1
  100. MACHINE\System\CurrentControlSet\Control\Lsa\CrashOnAuditFail=4,0
  101. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\DontDisplayLastUserName=1,1
  102. ;MACHINE\System\CurrentControlSet\Control\Lsa\FullPrivilegeAuditing=3,30
  103. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeCaption=1,""
  104. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeText=1,""
  105. MACHINE\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel=4,1
  106. MACHINE\System\CurrentControlSet\Control\Session Manager\ProtectionMode=4,1
  107. MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=4,0
  108. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ShutdownWithoutLogon=1,0
  109. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SignSecureChannel=4,1
  110. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SealSecureChannel=4,1
  111. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireSignOrSeal=4,0
  112. MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\EnableSecuritySignature=4,1
  113. MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\RequireSecuritySignature=4,0
  114. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableSecuritySignature=4,1
  115. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignature=4,0
  116. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableForcedLogOff=4,1
  117. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoDisconnect=4,15
  118. MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\EnablePlainTextPassword=4,0
  119. MACHINE\System\CurrentControlSet\Control\Lsa\SubmitControl=4,0
  120. MACHINE\System\CurrentControlSet\Control\Print\Providers\LanMan Print Services\AddPrintDrivers=4,0
  121.  
  122.  
  123. ;----------------------------------------------------------------------
  124. ;   Privileges & Rights
  125. ;----------------------------------------------------------------------
  126. ;
  127. ; Setting of privileges & logon rights for well-known users & groups.
  128. ;
  129. ;SeNetworkLogonRight            = Access this computer from the network
  130. ;SeTcbPrivilege                 = Act as part of the operating System           - (Advanced)
  131. ;SeMachineAccountPrivilege      = Add workstations to the domain                - (Advanced)
  132. ;SeBackupPrivilege              = Back up files and directories
  133. ;SeChangeNotifyPrivilege        = Bypass traverse checking                      - (Advanced)
  134. ;SeSystemtimePrivilege          = Change the system time
  135. ;SeCreatePagefilePrivilege      = Create a pagefile                             - (Advanced)
  136. ;SeCreateTokenPrivilege         = Create a token object                         - (Advanced)
  137. ;SeCreatePermanentPrivilege     = Create permanent shared objects               - (Advanced)
  138. ;SeDebugPrivilege               = Debug programs                                - (Advanced)
  139. ;SeRemoteShutdownPrivilege      = Force shutdown from a remote system
  140. ;SeAuditPrivilege               = Generate security audits                      - (Advanced)
  141. ;SeIncreaseQuotaPrivilege       = Increase quotas                               - (Advanced)
  142. ;SeIncreaseBasePriorityPrivilege= Increase scheduling priority                  - (Advanced)
  143. ;SeLoadDriverPrivilege          = Load and unload device drivers
  144. ;SeLockMemoryPrivilege          = Lock pages in memory                          - (Advanced)
  145. ;SeBatchLogonRight              = Log on as a batch job                         - (Advanced)
  146. ;SeServiceLogonRight            = Log on as a service                           - (Advanced)
  147. ;SeInteractiveLogonRight        = Log on locally                                - (Advanced)
  148. ;SeSecurityPrivilege            = Manage auditing and security log              - (Advanced)
  149. ;SeSystemEnvironmentPrivilege   = Modify firmware environment variables         - (Advanced)
  150. ;SeProfileSingleProcessPrivilege= Profile single process                        - (Advanced)
  151. ;SeSystemProfilePrivilege       = Profile system performance                    - (Advanced)
  152. ;SeAssignPrimaryTokenPrivilege  = Replace a process-level token                 - (Advanced)
  153. ;SeRestorePrivilege             = Restore files and directories
  154. ;SeShutdownPrivilege            = Shut down the system
  155. ;SeTakeOwnershipPrivilege       = Take ownership of files or other objects
  156. ;SeUnsolicitedInputPrivilege                                                    - (Advanced)
  157. ;
  158. [Privilege Rights]
  159. SeAssignPrimaryTokenPrivilege =
  160. SeAuditPrivilege =
  161. SeBackupPrivilege = %SceInfAdmins%, %SceInfBackupOp%, %SceInfServerOp%
  162. ;SeBatchLogonRight = 
  163. ;SeChangeNotifyPrivilege = %SceInfEveryone%
  164. SeCreatePagefilePrivilege = %SceInfAdmins%
  165. SeCreatePermanentPrivilege =
  166. SeCreateTokenPrivilege =
  167. SeDebugPrivilege = %SceInfAdmins%
  168. SeIncreaseBasePriorityPrivilege = %SceInfAdmins%
  169. SeIncreaseQuotaPrivilege = %SceInfAdmins%
  170. ;SeInteractiveLogonRight = %SceInfAcountOp%, %SceInfAdmins%, %SceInfBackupOp%, %SceInfServerOp%, %SceInfPrintOp%
  171. SeLoadDriverPrivilege = %SceInfAdmins%
  172. SeLockMemoryPrivilege =
  173. ;SeMachineAccountPrivilege =
  174. SeNetworkLogonRight = %SceInfAcountOp%, %SceInfAdmins%, %SceInfBackupOp%, %SceInfServerOp%, %SceInfPrintOp%, %SceInfUsers%
  175. SeProfileSingleProcessPrivilege = %SceInfAdmins%
  176. SeRemoteShutdownPrivilege = %SceInfAdmins%, %SceInfServerOp%
  177. ;SeRestorePrivilege = %SceInfAdmins%, %SceInfBackupOp%, %SceInfServerOp%
  178. SeSecurityPrivilege = %SceInfAdmins%
  179. ;SeServiceLogonRight =
  180. SeShutdownPrivilege = %SceInfAdmins%, %SceInfServerOp%
  181. SeSystemEnvironmentPrivilege = %SceInfAdmins%
  182. SeSystemProfilePrivilege = %SceInfAdmins%
  183. SeSystemTimePrivilege = %SceInfAdmins%, %SceInfServerOp%
  184. SeTakeOwnershipPrivilege = %SceInfAdmins%
  185. ;SeTcbPrivilege =
  186.  
  187. [Registry Keys]
  188. ;CompatDC = DefaultDC HKLM\Software + SecureDC HKLM\System
  189. ;Run Secured.
  190.  
  191.  
  192. [Registry Keys]
  193. "CLASSES_ROOT",2,"D:(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)(A;CI;GRGWSD;;;IU)"
  194. "CLASSES_ROOT\helpfile",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  195. "CLASSES_ROOT\.hlp",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  196.  
  197. "MACHINE\SOFTWARE",2,"D:P(A;CI;GRGWSD;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  198.  
  199. "MACHINE\SOFTWARE\Classes",1,""
  200.  
  201. "MACHINE\SOFTWARE\Microsoft\NetDDE",2,"D:P(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  202. "MACHINE\SOFTWARE\Microsoft\Ole",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  203. "MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider",1,""
  204. "MACHINE\SOFTWARE\Microsoft\Rpc",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  205. "MACHINE\SOFTWARE\Microsoft\Secure",2,"D:P(A;CI;GA;;;CO)(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;SO)"
  206.  
  207. "MACHINE\SOFTWARE\Microsoft\Windows",2,"D:P(A;CI;GA;;;CO)(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GRGWSD;;;SO)"
  208. "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  209. "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",2,"D:P(A;CI;GA;;;CO)(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GRGWSD;;;SO)"
  210. "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce",2,"D:P(A;CI;GA;;;CO)(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GRGWSD;;;SO)"
  211. "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions",2,"D:P(A;CI;GA;;;CO)(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GRGWSD;;;SO)"
  212. "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony",2,"D:P(A;CI;GA;;;CO)(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GRGWSD;;;SO)"
  213. "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",2,"D:P(A;CI;GA;;;CO)(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GRGWSD;;;SO)"
  214.  
  215. "MACHINE\SOFTWARE\Microsoft\Windows NT",2,"D:P(A;CI;GA;;;CO)(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GRGWSD;;;SO)"
  216. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  217. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Compatibility",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  218. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  219. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  220. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  221. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Embedding",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  222. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Font Drivers",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)"
  223. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontMapper",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)"
  224. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  225. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  226. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  227. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  228. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  229. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\MCI Extensions",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  230. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\MCI",2,"D:P(A;CI;GA;;;CO)(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  231. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Midimap",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  232. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  233. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009",1,""
  234. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  235. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList",2,"D:P(A;CI;GA;;;CO)(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  236. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  237. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Type 1 Installer\Type 1 Fonts",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  238. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  239. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)(A;CI;GRGWSD;;;SO)"
  240. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WOW",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  241.  
  242. "MACHINE\SOFTWARE\Program Groups",2,"D:P(A;CI;GA;;;CO)(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GRGWSD;;;SO)"
  243.  
  244. "MACHINE\SOFTWARE\Secure",2,"D:P(A;CI;GA;;;CO)(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;SO)"
  245.  
  246. "MACHINE\System",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  247. "MACHINE\SYSTEM\Clone",1,""
  248.  
  249. "MACHINE\SYSTEM\ControlSet001",1,""
  250. "MACHINE\SYSTEM\ControlSet002",1,""
  251. "MACHINE\SYSTEM\ControlSet003",1,""
  252. "MACHINE\SYSTEM\ControlSet004",1,""
  253. "MACHINE\SYSTEM\ControlSet005",1,""
  254. "MACHINE\SYSTEM\ControlSet006",1,""
  255. "MACHINE\SYSTEM\ControlSet007",1,""
  256. "MACHINE\SYSTEM\ControlSet008",1,""
  257. "MACHINE\SYSTEM\ControlSet009",1,""
  258. "MACHINE\SYSTEM\ControlSet010",1,""
  259.  
  260. "MACHINE\SYSTEM\CurrentControlSet\Control",2,"D:(A;CI;GA;;;CO)(A;CI;GRGWSD;;;SO)"
  261. "MACHINE\SYSTEM\CurrentControlSet\Control\GraphicsDrivers",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  262. "MACHINE\SYSTEM\CurrentControlSet\Control\Lsa",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  263. "MACHINE\SYSTEM\CurrentControlSet\Control\PriorityControl",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  264. "MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptions",1,""
  265. "MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg",2,"D:P(A;CI;GA;;;DA)(A;CI;GRGW;;;BO)"
  266.  
  267. "MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Executive",2,"D:P(A;CI;GA;;;CO)(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GRGW;;;SO)"
  268. "MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  269.  
  270. "MACHINE\SYSTEM\CurrentControlSet\Control\TimeZoneInformation",2,"D:P(A;CI;GA;;;CO)(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GRGW;;;SO)"
  271.  
  272. "MACHINE\SYSTEM\CurrentControlSet\Control\Windows",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GRGW;;;SO)"
  273.  
  274. "MACHINE\SYSTEM\CurrentControlSet\Enum",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;SY)"
  275.  
  276. "MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current",1,""
  277. "MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\0001\Software",2,"D:P(A;CI;GA;;;CO)(A;CI;GRGWSD;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  278.  
  279. "MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Control",2,"D:(A;CI;GA;;;CO)(A;CI;GRGWSD;;;SO)"
  280. "MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Enum",2,"D:(A;CI;GA;;;CO)(A;CI;GRGWSD;;;SO)"
  281. "MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\0001\System\CurrentControlSet\Services",2,"D:(A;CI;GA;;;CO)(A;CI;GRGWSD;;;SO)"
  282.  
  283. "MACHINE\SYSTEM\CurrentControlSet\Services",2,"D:(A;CI;GA;;;CO)(A;CI;GRGWSD;;;SO)"
  284. "MACHINE\SYSTEM\CurrentControlSet\Services\EventLog",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  285. "MACHINE\SYSTEM\CurrentControlSet\Services\WinTrust",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  286.  
  287. "USERS\.DEFAULT",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  288. "USERS\.DEFAULT\Software\Microsoft\NetDDE",2,"D:P(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  289. "USERS\.DEFAULT\SOFTWARE\Microsoft\Protected Storage System Provider",1,""
  290. "USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies",2,"D:(A;CI;GA;;;CO)(A;CI;GRGWSD;;;SO)"
  291.  
  292.  
  293. [File Security]
  294.  
  295. ;---------------------------------------------------------------------------------------
  296. ;x86 Boot Files
  297. ;---------------------------------------------------------------------------------------
  298. "c:\boot.ini",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGWGXSD;;;SO)"
  299. "c:\ntdetect.com",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGWGXSD;;;SO)"
  300. "c:\ntldr",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGWGXSD;;;SO)"
  301. "c:\ntbootdd.sys",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGWGXSD;;;SO)"
  302. "c:\autoexec.bat",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGX;;;AU)(A;;GRGWGXSD;;;SO)"
  303. "c:\config.sys",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGX;;;AU)(A;;GRGWGXSD;;;SO)"
  304.  
  305. ;---------------------------------------------------------------------------------------------
  306. ;System Drive (\)
  307. ;---------------------------------------------------------------------------------------------
  308. "%SystemDrive%\Program Files",2,"D:P(A;CIOI;GRGWGXSD;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)"
  309. "%SystemDrive%\Temp",2,"D:P(A;CIOI;GRGWGXSD;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)"
  310.  
  311. ;---------------------------------------------------------------------------------------------
  312. ;System Root (Typically \WINNT)
  313. ;---------------------------------------------------------------------------------------------
  314. "%SystemRoot%",2,"D:P(A;CI;GRGWGXSD;;;AU)(A;OIIO;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;CIOI;GRGWGXSD;;;SO)"
  315. "%SystemRoot%\profiles",1,""
  316. "%SystemRoot%\repair",2,"D:P(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)"
  317. "%SystemRoot%\security",2,"D:P(A;CIOI;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)"
  318.  
  319. "%Systemroot%\win.ini",2,"D:P(A;;GRGWGXSD;;;AU)(A;;GA;;;DA)(A;;GA;;;SY)"
  320.  
  321. ;---------------------------------------------------------------------------------------------
  322. ;System Directory (Typically \Winnt\System32)
  323. ;Exceptions to Mod-CI, RX-OIIO
  324. ;---------------------------------------------------------------------------------------------
  325. "%SystemDirectory%\config",2,"D:P(A;CI;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;CIOI;GRGWGXSD;;;SO)"
  326. "%SystemDirectory%\dhcp",2,"D:P(A;CIOI;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;CIOI;GRGWGXSD;;;SO)"
  327. "%SystemDirectory%\drivers",2,"D:P(A;CIOI;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;CIOI;GRGWGXSD;;;SO)"
  328. "%SystemDirectory%\repl",2,"D:P(A;CIOI;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;CIOI;GRGWGXSD;;;SO)"
  329. "%SystemDirectory%\repl\import",2,"D:(A;CIOI;GRGWGXSD;;;RP)"
  330. "%SystemDirectory%\repl\export",2,"D:(A;CIOI;GRGWGXSD;;;RP)"
  331. "%SystemDirectory%\spool",2,"D:P(A;CIOI;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;CIOI;GRGWGXSD;;;SO)(A;CIOI;GA;;;PO)"
  332.  
  333. "%SystemDirectory%\Autoexec.nt",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGX;;;AU)(A;;GRGWGXSD;;;SO)"
  334. "%SystemDirectory%\CMOS.RAM",2,"D:P(A;;GRGWGXSD;;;AU)(A;;GA;;;DA)(A;;GA;;;SY)"
  335. "%SystemDirectory%\Config.nt",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGX;;;AU)(A;;GRGWGXSD;;;SO)"
  336. "%SystemDirectory%\Midimap.cfg",2,"D:P(A;;GRGWGXSD;;;AU)(A;;GA;;;DA)(A;;GA;;;SY)"
  337.  
  338. "%SystemDirectory%\hpmon.dll",2,"D:(A;;GRGWGXSD;;;PO)"
  339. "%SystemDirectory%\hpmon.hlp",2,"D:(A;;GRGWGXSD;;;PO)"
  340. "%SystemDirectory%\localmon.dll",2,"D:(A;;GRGWGXSD;;;PO)"
  341.  
  342.  
  343. ;---------------------------------------------------------------------------------------
  344. ;    EOF
  345. ;---------------------------------------------------------------------------------------
  346.  
  347. [Strings]
  348.  
  349. SceInfAdministrator = Administrator
  350. SceInfAdmins = Administrators
  351. SceInfAcountOp = Account Operators
  352. SceInfAuthUsers = Authenticated Users
  353. SceInfBackupOp = Backup Operators
  354. SceInfDomainAdmins = Domain Admins
  355. SceInfDomainGuests = Domain Guests
  356. SceInfDomainUsers = Domain Users
  357. SceInfEveryone = Everyone
  358. SceInfGuests = Guests
  359. SceInfGuest = Guest
  360. SceInfPowerUsers = Power Users
  361. SceInfPrintOp = Print Operators
  362. SceInfReplicator = Replicator
  363. SceInfServerOp = Server Operators
  364. SceInfUsers = Users
  365. SceInfMTSAdmins = MTS Administrators
  366. SceInfMTSImpersonators = MTS Impersonators
  367. SceInfMTSAdmin = MTS_Admin
  368.