home *** CD-ROM | disk | FTP | other *** search
/ Hackers Handbook - Millenium Edition / Hackers Handbook.iso / files / nt / scesp4i.exe / mssce.cab / compws4.inf < prev    next >
Encoding:
Windows Setup INFormation  |  1998-09-30  |  20.2 KB  |  377 lines
  1. ; (c) Microsoft Corporation 1997-2000
  2. ;
  3. ; Security Configuration Template for Security Configuration Editor
  4. ;
  5. ; Template Name:        CompWS4.INF
  6. ; Template Version:     04.00.CW.0000
  7. ;
  8. ; Revision History
  9. ; 0000  -     Original
  10.  
  11. [Profile Description]
  12. Compatible Windows NT Workstation\Server 4.0.
  13.  
  14. [version]
  15. signature="$CHICAGO$"
  16.  
  17. [System Access]
  18. ;----------------------------------------------------------------
  19. ;Account Policies - Password Policy
  20. ;----------------------------------------------------------------
  21. MinimumPasswordAge = 2
  22. MaximumPasswordAge = 42
  23. MinimumPasswordLength = 7
  24. PasswordComplexity = 1
  25. PasswordHistorySize = 6
  26. RequireLogonToChangePassword = 0
  27. ClearTextPassword = 0
  28.  
  29. ;----------------------------------------------------------------
  30. ;Account Policies - Lockout Policy
  31. ;----------------------------------------------------------------
  32. LockoutBadCount = 5
  33. ResetLockoutCount = 720
  34. LockoutDuration = 30
  35.  
  36. ;----------------------------------------------------------------
  37. ;Local Policies - Security Options
  38. ;----------------------------------------------------------------
  39. ;DC Only
  40. ;ForceLogoffWhenHourExpire = 1
  41.  
  42. ;NewAdministatorName =
  43. ;NewGuestName =
  44. ;SecureSystemPartition
  45.  
  46. ;----------------------------------------------------------------
  47. ;Event Log - Log Settings
  48. ;----------------------------------------------------------------
  49. ;Audit Log Retention Period:
  50. ;0 = Overwrite Events As Needed
  51. ;1 = Overwrite Events As Specified by Retention Days Entry
  52. ;2 = Never Overwrite Events (Clear Log Manually)
  53.  
  54. [System Log]
  55. MaximumLogSize = 2560
  56. AuditLogRetentionPeriod = 0
  57. RetentionDays = 7
  58. RestrictGuestAccess = 1
  59.  
  60. [Security Log]
  61. MaximumLogSize = 2560
  62. AuditLogRetentionPeriod = 0
  63. RetentionDays = 7
  64. RestrictGuestAccess = 1
  65.  
  66. [Application Log]
  67. MaximumLogSize = 2560
  68. AuditLogRetentionPeriod = 0
  69. RetentionDays = 7
  70. RestrictGuestAccess = 1
  71.  
  72. ;----------------------------------------------------------------------
  73. ;    Local Policies\Audit Policy
  74. ;----------------------------------------------------------------------
  75. [Event Audit]
  76. AuditSystemEvents = 3
  77. AuditObjectAccess = 0
  78. AuditPrivilegeUse = 2
  79. AuditPolicyChange = 3
  80. AuditAccountManage = 3
  81. AuditProcessTracking = 0
  82. AuditLogonEvents = 2
  83.  
  84. ;----------------------------------------------------------------
  85. ;Registry Values
  86. ;----------------------------------------------------------------
  87. [Registry Values]
  88. ; Registry value name in full path = Type, Value
  89. ; REG_SZ                      ( 1 )
  90. ; REG_EXPAND_SZ               ( 2 )  // with environment variables to expand
  91. ; REG_BINARY                  ( 3 )
  92. ; REG_DWORD                   ( 4 )
  93. ; REG_MULTI_SZ                ( 7 )
  94.  
  95. MACHINE\System\CurrentControlSet\Control\Lsa\AuditBaseObjects=4,0
  96. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateCDRoms=1,1
  97. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateFloppies=1,1
  98. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount=1,10
  99. MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management\ClearPageFileAtShutdown=4,1
  100. MACHINE\System\CurrentControlSet\Control\Lsa\CrashOnAuditFail=4,0
  101. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\DontDisplayLastUserName=1,0
  102. ;MACHINE\System\CurrentControlSet\Control\Lsa\FullPrivilegeAuditing=3,30
  103. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeCaption=1,""
  104. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeText=1,""
  105. MACHINE\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel=4,1
  106. MACHINE\System\CurrentControlSet\Control\Session Manager\ProtectionMode=4,1
  107. MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=4,0
  108. ;Shutdown without logon should disabled only for machines whose power switch is physically secured.
  109. ;Don't set since server workstation defaults are different
  110. ;MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ShutdownWithoutLogon=1,0
  111. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SignSecureChannel=4,1
  112. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SealSecureChannel=4,1
  113. MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireSignOrSeal=4,0
  114. MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\EnableSecuritySignature=4,0
  115. MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\RequireSecuritySignature=4,0
  116. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableSecuritySignature=4,1
  117. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignature=4,0
  118. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableForcedLogOff=4,1
  119. MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoDisconnect=4,15
  120. MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\EnablePlainTextPassword=4,0
  121. ;MACHINE\System\CurrentControlSet\Control\Lsa\SubmitControl=4,0
  122. MACHINE\System\CurrentControlSet\Control\Print\Providers\LanMan Print Services\AddPrintDrivers=4,0
  123.  
  124.  
  125.  
  126. ;----------------------------------------------------------------------
  127. ;    Local Policies\User Rights Assignment
  128. ;----------------------------------------------------------------------
  129. ;SeNetworkLogonRight            = Access this computer from the network
  130. ;SeTcbPrivilege                 = Act as part of the operating System           - (Advanced)
  131. ;SeMachineAccountPrivilege      = Add workstations to the domain                - (Advanced)
  132. ;SeBackupPrivilege              = Back up files and directories
  133. ;SeChangeNotifyPrivilege        = Bypass traverse checking                      - (Advanced)
  134. ;SeSystemtimePrivilege          = Change the system time
  135. ;SeCreatePagefilePrivilege      = Create a pagefile                             - (Advanced)
  136. ;SeCreateTokenPrivilege         = Create a token object                         - (Advanced)
  137. ;SeCreatePermanentPrivilege     = Create permanent shared objects               - (Advanced)
  138. ;SeDebugPrivilege               = Debug programs                                - (Advanced)
  139. ;SeRemoteShutdownPrivilege      = Force shutdown from a remote system
  140. ;SeAuditPrivilege               = Generate security audits                      - (Advanced)
  141. ;SeIncreaseQuotaPrivilege       = Increase quotas                               - (Advanced)
  142. ;SeIncreaseBasePriorityPrivilege= Increase scheduling priority                  - (Advanced)
  143. ;SeLoadDriverPrivilege          = Load and unload device drivers
  144. ;SeLockMemoryPrivilege          = Lock pages in memory                          - (Advanced)
  145. ;SeBatchLogonRight              = Log on as a batch job                         - (Advanced)
  146. ;SeServiceLogonRight            = Log on as a service                           - (Advanced)
  147. ;SeInteractiveLogonRight        = Log on locally                                - (Advanced)
  148. ;SeSecurityPrivilege            = Manage auditing and security log              - (Advanced)
  149. ;SeSystemEnvironmentPrivilege   = Modify firmware environment variables         - (Advanced)
  150. ;SeProfileSingleProcessPrivilege= Profile single process                        - (Advanced)
  151. ;SeSystemProfilePrivilege       = Profile system performance                    - (Advanced)
  152. ;SeAssignPrimaryTokenPrivilege  = Replace a process-level token                 - (Advanced)
  153. ;SeRestorePrivilege             = Restore files and directories
  154. ;SeShutdownPrivilege            = Shut down the system
  155. ;SeTakeOwnershipPrivilege       = Take ownership of files or other objects
  156. ;SeUnsolicitedInputPrivilege                                                    - (Advanced)
  157. ;
  158. [Privilege Rights]
  159. SeAssignPrimaryTokenPrivilege =
  160. SeAuditPrivilege =
  161. SeBackupPrivilege = %SceInfAdmins%, %SceInfBackupOp%
  162. ;SeBatchLogonRight = 
  163. ;SeChangeNotifyPrivilege = %SceInfEveryone%
  164. SeCreatePagefilePrivilege = %SceInfAdmins%
  165. SeCreatePermanentPrivilege =
  166. SeCreateTokenPrivilege =
  167. SeDebugPrivilege = %SceInfAdmins%
  168. SeIncreaseBasePriorityPrivilege = %SceInfAdmins%, %SceInfPowerUsers%
  169. SeIncreaseQuotaPrivilege = %SceInfAdmins%
  170. SeInteractiveLogonRight = %SceInfAdmins%, %SceInfBackupOp%, %SceInfPowerUsers%, %SceInfUsers%
  171. SeLoadDriverPrivilege = %SceInfAdmins%
  172. SeLockMemoryPrivilege =
  173. ;SeMachineAccountPrivilege =
  174. SeNetworkLogonRight = %SceInfAdmins%, %SceInfPowerUsers%, %SceInfUsers%
  175. SeProfileSingleProcessPrivilege = %SceInfAdmins%, %SceInfPowerUsers%
  176. SeRemoteShutdownPrivilege = %SceInfAdmins%, %SceInfPowerUsers%
  177. SeRestorePrivilege = %SceInfAdmins%, %SceInfBackupOp%
  178. SeSecurityPrivilege = %SceInfAdmins%
  179. ;SeServiceLogonRight =
  180. SeShutdownPrivilege = %SceInfAdmins%, %SceInfPowerUsers%, %SceInfUsers%
  181. SeSystemEnvironmentPrivilege = %SceInfAdmins%
  182. SeSystemProfilePrivilege = %SceInfAdmins%
  183. SeSystemTimePrivilege = %SceInfAdmins%, %SceInfPowerUsers%
  184. SeTakeOwnershipPrivilege = %SceInfAdmins%
  185. ;SeTcbPrivilege =
  186.  
  187.  
  188. ;----------------------------------------------------------------------
  189. ;    Restricted Groups
  190. ;----------------------------------------------------------------------
  191. [Group Membership]
  192.  
  193. ;;%SceInfBackupOp%__Memberof =
  194. ;;%SceInfBackupOp%__Members =
  195. ;;%SceInfReplicator%__Memberof =
  196. ;;%SceInfReplicator%__Members =
  197. ;;%SceInfUsers%__Memberof =
  198. ;;%SceInfUsers%__Members =
  199. ;;%SceInfPowerUsers%__Memberof =
  200. ;;%SceInfPowerUsers%__Members =
  201. ;;%SceInfAdmins%__Memberof =
  202. ;;%SceInfAdmins%__Members =
  203. ;;%SceInfGuests%__Memberof =
  204. ;;%SceInfGuests%__Members =
  205.  
  206. ;---------------------------------------------------------------------------------------
  207. ;    Registry
  208. ;---------------------------------------------------------------------------------------
  209. [Registry Keys]
  210. "CLASSES_ROOT",2,"D:(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)(A;CI;GRGWSD;;;IU)"
  211. "CLASSES_ROOT\helpfile",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  212. "CLASSES_ROOT\.hlp",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  213.  
  214. "MACHINE\SOFTWARE",2,"D:P(A;CI;GRGWSD;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  215.  
  216. "MACHINE\SOFTWARE\Classes",1,""
  217.  
  218. "MACHINE\SOFTWARE\Microsoft\NetDDE",2,"D:P(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  219. "MACHINE\SOFTWARE\Microsoft\Ole",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  220. "MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider",1,""
  221. "MACHINE\SOFTWARE\Microsoft\Rpc",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  222. "MACHINE\SOFTWARE\Microsoft\Secure",2,"D:P(A;CI;GA;;;CO)(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  223. "MACHINE\SOFTWARE\Microsoft\Windows",2,"D:P(A;CI;GA;;;CO)(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GRGWSD;;;PU)"
  224.  
  225. "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths",2,"D:P(A;CI;GA;;;CO)(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  226. "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGWSD;;;PU)"
  227. "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce",2,"D:P(A;CI;GA;;;CO)(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  228. "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions",2,"D:P(A;CI;GA;;;CO)(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GRGWSD;;;PU)"
  229. "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony",2,"D:P(A;CI;GA;;;CO)(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GRGWSD;;;PU)"
  230.  
  231. "MACHINE\SOFTWARE\Microsoft\Windows NT",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GRGWSD;;;PU)"
  232. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)(A;CI;GRGW;;;PU)"
  233. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Compatibility",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  234. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  235. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  236. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  237. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Embedding",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  238. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Font Drivers",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)"
  239. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontMapper",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)"
  240. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  241. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  242. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  243. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  244. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  245. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\MCI Extensions",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  246. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\MCI",2,"D:P(A;CI;GA;;;CO)(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  247. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Midimap",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  248. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  249. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009",1,""
  250. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  251. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList",2,"D:P(A;CI;GA;;;CO)(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  252. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  253. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Type 1 Installer\Type 1 Fonts",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  254. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  255. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  256. "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WOW",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  257.  
  258. "MACHINE\SOFTWARE\Program Groups",2,"D:P(A;CI;GA;;;CO)(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)(A;CI;GRGWSD;;;PU)"
  259.  
  260. "MACHINE\SOFTWARE\Secure",2,"D:P(A;CI;GA;;;CO)(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  261.  
  262. "MACHINE\SYSTEM",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  263.  
  264. "MACHINE\SYSTEM\Clone",1,""
  265.  
  266. "MACHINE\SYSTEM\ControlSet010",1,""
  267. "MACHINE\SYSTEM\ControlSet009",1,""
  268. "MACHINE\SYSTEM\ControlSet008",1,""
  269. "MACHINE\SYSTEM\ControlSet007",1,""
  270. "MACHINE\SYSTEM\ControlSet006",1,""
  271. "MACHINE\SYSTEM\ControlSet005",1,""
  272. "MACHINE\SYSTEM\ControlSet004",1,""
  273. "MACHINE\SYSTEM\ControlSet003",1,""
  274. "MACHINE\SYSTEM\ControlSet002",1,""
  275. "MACHINE\SYSTEM\ControlSet001",1,""
  276.  
  277. "MACHINE\SYSTEM\CurrentControlSet\Enum",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;SY)"
  278.  
  279. "MACHINE\SYSTEM\CurrentControlSet\Control\PriorityControl",2,"D:P(A;CI;GRGW;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;CO)(A;CI;GA;;;SY)"
  280. "MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptions",1,""
  281. "MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg",2,"D:P(A;CI;GA;;;DA)(A;CI;GRGW;;;BO)"
  282.  
  283. "MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Executive",2,"D:(A;CI;GRGW;;;PU)"
  284.  
  285. "MACHINE\SYSTEM\CurrentControlSet\Control\TimeZoneInformation",2,"D:(A;CI;GRGW;;;PU)"
  286.  
  287. "MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current",1,""
  288. "MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\0001\Software",2,"D:P(A;CI;GA;;;CO)(A;CI;GRGWSD;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  289.  
  290.  
  291. "USERS\.DEFAULT",2,"D:P(A;CI;GR;;;AU)(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  292. "USERS\.DEFAULT\Software\Microsoft\NetDDE",2,"D:P(A;CI;GA;;;DA)(A;CI;GA;;;SY)"
  293. "USERS\.DEFAULT\SOFTWARE\Microsoft\Protected Storage System Provider",1,""
  294. "USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies",2,"D:(A;CI;GA;;;CO)(A;CI;GRGWSD;;;PU)"
  295.  
  296. ;---------------------------------------------------------------------------------------
  297. ;    File System
  298. ;---------------------------------------------------------------------------------------
  299. [File Security]
  300.  
  301. ;---------------------------------------------------------------------------------------
  302. ;x86 Boot Files
  303. ;---------------------------------------------------------------------------------------
  304. "c:\boot.ini",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGX;;;PU)"
  305. "c:\ntdetect.com",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGX;;;PU)"
  306. "c:\ntldr",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGX;;;PU)"
  307. "c:\ntbootdd.sys",2,"D:P(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGX;;;PU)"
  308. "c:\autoexec.bat",2,"D:P(A;;GRGX;;;AU)(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGWGXSD;;;PU)"
  309. "c:\config.sys",2,"D:P(A;;GRGX;;;AU)(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGWGXSD;;;PU)"
  310.  
  311. ;---------------------------------------------------------------------------------------------
  312. ;System Drive (\)
  313. ;---------------------------------------------------------------------------------------------
  314. "%SystemDrive%\Program Files",2,"D:P(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;CIOI;GRGWGXSD;;;AU)"
  315. "%SystemDrive%\Temp",2,"D:P(A;CIOI;GA;;;CO)(A;CIOI;GRGWGXSD;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)"
  316.  
  317. ;---------------------------------------------------------------------------------------------
  318. ;System Root (Typically \WINNT)
  319. ;---------------------------------------------------------------------------------------------
  320. "%SystemRoot%",2,"D:P(A;CI;GRGWGXSD;;;AU)(A;OIIO;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)"
  321. "%SystemRoot%\profiles",1,""
  322. "%SystemRoot%\repair",2,"D:P(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)"
  323. "%SystemRoot%\security",2,"D:P(A;CIOI;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)"
  324. "%SystemRoot%\setup.old",2,"D:(A;;GRGWGXSD;;;IU)"
  325. ;Shell Exception (IE401)
  326. "%SystemRoot%\fpxpress.ini",2,"D:(A;;GRGWGXSD;;;IU)"
  327.  
  328. "%SystemRoot%\win.ini",2,"D:P(A;;GRGWGXSD;;;AU)(A;;GA;;;DA)(A;;GA;;;SY)"
  329.  
  330. ;---------------------------------------------------------------------------------------------
  331. ;System Directory (Typically \Winnt\System32)
  332. ;---------------------------------------------------------------------------------------------
  333. "%SystemDirectory%\config",2,"D:P(A;CI;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)"
  334. "%SystemDirectory%\dhcp",2,"D:P(A;CIOI;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)"
  335. "%SystemDirectory%\drivers",2,"D:P(A;CIOI;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)"
  336. "%SystemDirectory%\repl",2,"D:P(A;CIOI;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)"
  337. "%SystemDirectory%\repl\import",2,"D:(A;CIOI;GA;;;CO)(A;CIOI;GRGWGXSD;;;RP)"
  338. "%SystemDirectory%\repl\export",2,"D:(A;CIOI;GA;;;CO)(A;CIOI;GRGWGXSD;;;RP)"
  339. "%SystemDirectory%\spool",2,"D:P(A;CIOI;GRGX;;;AU)(A;CIOI;GA;;;DA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;CIOI;GRGWGXSD;;;PU)"
  340.  
  341. "%SystemDirectory%\hpmon.dll",2,"D:(A;;GRGWGXSD;;;PU)"
  342. "%SystemDirectory%\hpmon.hlp",2,"D:(A;;GRGWGXSD;;;PU)"
  343. "%SystemDirectory%\localmon.dll",2,"D:(A;;GRGWGXSD;;;PU)"
  344.  
  345. "%SystemDirectory%\Autoexec.nt",2,"D:P(A;;GRGX;;;AU)(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGWGXSD;;;PU)"
  346. "%SystemDirectory%\CMOS.RAM",2,"D:P(A;;GRGWGXSD;;;AU)(A;;GA;;;DA)(A;;GA;;;SY)"
  347. "%SystemDirectory%\Config.nt",2,"D:P(A;;GRGX;;;AU)(A;;GA;;;DA)(A;;GA;;;SY)(A;;GRGWGXSD;;;PU)"
  348. "%SystemDirectory%\midimap.cfg",2,"D:P(A;;GRGWGX;;;AU)(A;;GA;;;DA)(A;;GA;;;SY)"
  349.  
  350. ;---------------------------------------------------------------------------------------
  351. ;    EOF
  352. ;---------------------------------------------------------------------------------------
  353.  
  354.  
  355.  
  356. [Strings]
  357.  
  358. SceInfAdministrator = Administrator
  359. SceInfAdmins = Administrators
  360. SceInfAcountOp = Account Operators
  361. SceInfAuthUsers = Authenticated Users
  362. SceInfBackupOp = Backup Operators
  363. SceInfDomainAdmins = Domain Admins
  364. SceInfDomainGuests = Domain Guests
  365. SceInfDomainUsers = Domain Users
  366. SceInfEveryone = Everyone
  367. SceInfGuests = Guests
  368. SceInfGuest = Guest
  369. SceInfPowerUsers = Power Users
  370. SceInfPrintOp = Print Operators
  371. SceInfReplicator = Replicator
  372. SceInfServerOp = Server Operators
  373. SceInfUsers = Users
  374. SceInfMTSAdmins = MTS Administrators
  375. SceInfMTSImpersonators = MTS Impersonators
  376. SceInfMTSAdmin = MTS_Admin
  377.