Created
August 29, 2017 23:33
-
-
Save davidobrien1985/b2f01dc4c47329db447e94c8e2e45e41 to your computer and use it in GitHub Desktop.
dscFromGpo
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Configuration DSCFromGPO | |
| { | |
| Import-DSCResource -ModuleName 'PSDesiredStateConfiguration' | |
| Import-DSCResource -ModuleName 'AuditPolicyDSC' | |
| Import-DSCResource -ModuleName 'SecurityPolicyDSC' | |
| Import-DSCResource -ModuleName 'BaselineManagement' | |
| # Module Not Found: Import-DSCResource -ModuleName 'xSMBShare' | |
| # Module Not Found: Import-DSCResource -ModuleName 'DSCR_PowerPlan' | |
| # Module Not Found: Import-DSCResource -ModuleName 'xScheduledTask' | |
| # Module Not Found: Import-DSCResource -ModuleName 'Carbon' | |
| # Module Not Found: Import-DSCResource -ModuleName 'PrinterManagement' | |
| # Module Not Found: Import-DSCResource -ModuleName 'rsInternationalSettings' | |
| Node localhost | |
| { | |
| Registry 'Registry(POL): HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDriveTypeAutoRun' | |
| { | |
| ValueName = 'NoDriveTypeAutoRun' | |
| Key = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoAutorun' | |
| { | |
| ValueName = 'NoAutorun' | |
| Key = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableAutomaticRestartSignOn' | |
| { | |
| ValueName = 'DisableAutomaticRestartSignOn' | |
| Key = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' | |
| } | |
| <#Registry 'Registry(POL): HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableAutomaticRestartSignOn' | |
| { | |
| ValueName = 'DisableAutomaticRestartSignOn' | |
| Key = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' | |
| }#> | |
| Registry 'Registry(POL): HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\LocalAccountTokenFilterPolicy' | |
| { | |
| ValueName = 'LocalAccountTokenFilterPolicy' | |
| Key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft Services\AdmPwd\AdmPwdEnabled' | |
| { | |
| ValueName = 'AdmPwdEnabled' | |
| Key = 'HKLM:\Software\Policies\Microsoft Services\AdmPwd' | |
| } | |
| Registry 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Biometrics\FacialFeatures\EnhancedAntiSpoofing' | |
| { | |
| ValueName = 'EnhancedAntiSpoofing' | |
| Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Biometrics\FacialFeatures' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows Defender\DisableAntiSpyware' | |
| { | |
| ValueName = 'DisableAntiSpyware' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows Defender' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableBehaviorMonitoring' | |
| { | |
| ValueName = 'DisableBehaviorMonitoring' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows Defender\Real-Time Protection' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows Defender\Scan\DisableRemovableDriveScanning' | |
| { | |
| ValueName = 'DisableRemovableDriveScanning' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows Defender\Scan' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows Defender\Scan\DisableEmailScanning' | |
| { | |
| ValueName = 'DisableEmailScanning' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows Defender\Scan' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows Defender\Spynet\SubmitSamplesConsent' | |
| { | |
| ValueName = 'SubmitSamplesConsent' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows Defender\Spynet' | |
| } | |
| <#Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows Defender\Spynet\SubmitSamplesConsent' | |
| { | |
| ValueName = 'SubmitSamplesConsent' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows Defender\Spynet' | |
| }#> | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows Defender\Spynet\LocalSettingOverrideSpynetReporting' | |
| { | |
| ValueName = 'LocalSettingOverrideSpynetReporting' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows Defender\Spynet' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows Defender\Spynet\SpynetReporting' | |
| { | |
| ValueName = 'SpynetReporting' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows Defender\Spynet' | |
| } | |
| Registry 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\MitigationOptions\MitigationOptions_FontBocking' | |
| { | |
| ValueName = 'MitigationOptions_FontBocking' | |
| Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\MitigationOptions' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows NT\Rpc\RestrictRemoteClients' | |
| { | |
| ValueName = 'RestrictRemoteClients' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows NT\Rpc' | |
| } | |
| Registry 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\MinEncryptionLevel' | |
| { | |
| ValueName = 'MinEncryptionLevel' | |
| Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services' | |
| } | |
| Registry 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\fDisableCdm' | |
| { | |
| ValueName = 'fDisableCdm' | |
| Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services' | |
| } | |
| Registry 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\DisablePasswordSaving' | |
| { | |
| ValueName = 'DisablePasswordSaving' | |
| Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services' | |
| } | |
| Registry 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\fPromptForPassword' | |
| { | |
| ValueName = 'fPromptForPassword' | |
| Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services' | |
| } | |
| <#Registry 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\MinEncryptionLevel' | |
| { | |
| ValueName = 'MinEncryptionLevel' | |
| Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services' | |
| }#> | |
| Registry 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\fEncryptRPCTraffic' | |
| { | |
| ValueName = 'fEncryptRPCTraffic' | |
| Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services' | |
| } | |
| Registry 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard\EnableVirtualizationBasedSecurity' | |
| { | |
| ValueName = 'EnableVirtualizationBasedSecurity' | |
| Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard' | |
| } | |
| Registry 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard\HypervisorEnforcedCodeIntegrity' | |
| { | |
| ValueName = 'HypervisorEnforcedCodeIntegrity' | |
| Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard' | |
| } | |
| Registry 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard\LsaCfgFlags' | |
| { | |
| ValueName = 'LsaCfgFlags' | |
| Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard' | |
| } | |
| Registry 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard\RequirePlatformSecurityFeatures' | |
| { | |
| ValueName = 'RequirePlatformSecurityFeatures' | |
| Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\EventLog\Application\MaxSize' | |
| { | |
| ValueName = 'MaxSize' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\EventLog\Application' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\EventLog\Security\MaxSize' | |
| { | |
| ValueName = 'MaxSize' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\EventLog\Security' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\EventLog\System\MaxSize' | |
| { | |
| ValueName = 'MaxSize' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\EventLog\System' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Explorer\NoDataExecutionPrevention' | |
| { | |
| ValueName = 'NoDataExecutionPrevention' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\Explorer' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Explorer\NoHeapTerminationOnCorruption' | |
| { | |
| ValueName = 'NoHeapTerminationOnCorruption' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\Explorer' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Explorer\NoAutoplayfornonVolume' | |
| { | |
| ValueName = 'NoAutoplayfornonVolume' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\Explorer' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\NoGPOListChanges' | |
| { | |
| ValueName = 'NoGPOListChanges' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\NoBackgroundPolicy' | |
| { | |
| ValueName = 'NoBackgroundPolicy' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Installer\EnableUserControl' | |
| { | |
| ValueName = 'EnableUserControl' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\Installer' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Installer\AlwaysInstallElevated' | |
| { | |
| ValueName = 'AlwaysInstallElevated' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\Installer' | |
| } | |
| <#Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Installer\AlwaysInstallElevated' | |
| { | |
| ValueName = 'AlwaysInstallElevated' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\Installer' | |
| }#> | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\LanmanWorkstation\AllowInsecureGuestAuth' | |
| { | |
| ValueName = 'AllowInsecureGuestAuth' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\LanmanWorkstation' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths\\*\NETLOGON' | |
| { | |
| ValueName = '\\*\NETLOGON' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths\\*\SYSVOL' | |
| { | |
| ValueName = '\\*\SYSVOL' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Personalization\NoLockScreenSlideshow' | |
| { | |
| ValueName = 'NoLockScreenSlideshow' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\Personalization' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Personalization\NoLockScreenCamera' | |
| { | |
| ValueName = 'NoLockScreenCamera' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\Personalization' | |
| } | |
| <#Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Personalization\NoLockScreenCamera' | |
| { | |
| ValueName = 'NoLockScreenCamera' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\Personalization' | |
| }#> | |
| <#Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\Personalization\NoLockScreenSlideshow' | |
| { | |
| ValueName = 'NoLockScreenSlideshow' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\Personalization' | |
| }#> | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging\EnableScriptBlockInvocationLogging' | |
| { | |
| ValueName = 'EnableScriptBlockInvocationLogging' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging\EnableScriptBlockLogging' | |
| { | |
| ValueName = 'EnableScriptBlockLogging' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\System\DontDisplayNetworkSelectionUI' | |
| { | |
| ValueName = 'DontDisplayNetworkSelectionUI' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\System' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\System\EnableSmartScreen' | |
| { | |
| ValueName = 'EnableSmartScreen' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\System' | |
| } | |
| <#Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\System\DontDisplayNetworkSelectionUI' | |
| { | |
| ValueName = 'DontDisplayNetworkSelectionUI' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\System' | |
| }#> | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\System\EnumerateLocalUsers' | |
| { | |
| ValueName = 'EnumerateLocalUsers' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\System' | |
| } | |
| Registry 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search\AllowIndexingEncryptedStoresOrItems' | |
| { | |
| ValueName = 'AllowIndexingEncryptedStoresOrItems' | |
| Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\WinRM\Client\AllowUnencryptedTraffic' | |
| { | |
| ValueName = 'AllowUnencryptedTraffic' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\WinRM\Client' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\WinRM\Client\AllowBasic' | |
| { | |
| ValueName = 'AllowBasic' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\WinRM\Client' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\WinRM\Client\AllowDigest' | |
| { | |
| ValueName = 'AllowDigest' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\WinRM\Client' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\WinRM\Service\AllowBasic' | |
| { | |
| ValueName = 'AllowBasic' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\WinRM\Service' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\WinRM\Service\DisableRunAs' | |
| { | |
| ValueName = 'DisableRunAs' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\WinRM\Service' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\Windows\WinRM\Service\AllowUnencryptedTraffic' | |
| { | |
| ValueName = 'AllowUnencryptedTraffic' | |
| Key = 'HKLM:\Software\Policies\Microsoft\Windows\WinRM\Service' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\DomainProfile\EnableFirewall' | |
| { | |
| ValueName = 'EnableFirewall' | |
| Key = 'HKLM:\Software\Policies\Microsoft\WindowsFirewall\DomainProfile' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\DomainProfile\DefaultOutboundAction' | |
| { | |
| ValueName = 'DefaultOutboundAction' | |
| Key = 'HKLM:\Software\Policies\Microsoft\WindowsFirewall\DomainProfile' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\DomainProfile\DefaultInboundAction' | |
| { | |
| ValueName = 'DefaultInboundAction' | |
| Key = 'HKLM:\Software\Policies\Microsoft\WindowsFirewall\DomainProfile' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile\DefaultOutboundAction' | |
| { | |
| ValueName = 'DefaultOutboundAction' | |
| Key = 'HKLM:\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile\EnableFirewall' | |
| { | |
| ValueName = 'EnableFirewall' | |
| Key = 'HKLM:\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile\DefaultInboundAction' | |
| { | |
| ValueName = 'DefaultInboundAction' | |
| Key = 'HKLM:\Software\Policies\Microsoft\WindowsFirewall\PrivateProfile' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\PublicProfile\EnableFirewall' | |
| { | |
| ValueName = 'EnableFirewall' | |
| Key = 'HKLM:\Software\Policies\Microsoft\WindowsFirewall\PublicProfile' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\PublicProfile\DefaultOutboundAction' | |
| { | |
| ValueName = 'DefaultOutboundAction' | |
| Key = 'HKLM:\Software\Policies\Microsoft\WindowsFirewall\PublicProfile' | |
| } | |
| Registry 'Registry(POL): HKLM:\Software\Policies\Microsoft\WindowsFirewall\PublicProfile\DefaultInboundAction' | |
| { | |
| ValueName = 'DefaultInboundAction' | |
| Key = 'HKLM:\Software\Policies\Microsoft\WindowsFirewall\PublicProfile' | |
| } | |
| Registry 'Registry(POL): HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest\UseLogonCredential' | |
| { | |
| ValueName = 'UseLogonCredential' | |
| Key = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest' | |
| } | |
| Registry 'Registry(POL): HKLM:\System\CurrentControlSet\Policies\EarlyLaunch\DriverLoadPolicy' | |
| { | |
| ValueName = 'DriverLoadPolicy' | |
| Key = 'HKLM:\System\CurrentControlSet\Policies\EarlyLaunch' | |
| } | |
| Registry 'Registry(POL): HKLM:\System\CurrentControlSet\Services\Netbt\Parameters\NoNameReleaseOnDemand' | |
| { | |
| ValueName = 'NoNameReleaseOnDemand' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\Netbt\Parameters' | |
| } | |
| <#Registry 'Registry(POL): HKLM:\System\CurrentControlSet\Services\Netbt\Parameters\NoNameReleaseOnDemand' | |
| { | |
| ValueName = 'NoNameReleaseOnDemand' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\Netbt\Parameters' | |
| }#> | |
| Registry 'Registry(POL): HKLM:\System\CurrentControlSet\Services\Tcpip\Parameters\DisableIPSourceRouting' | |
| { | |
| ValueName = 'DisableIPSourceRouting' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\Tcpip\Parameters' | |
| } | |
| Registry 'Registry(POL): HKLM:\System\CurrentControlSet\Services\Tcpip\Parameters\EnableICMPRedirect' | |
| { | |
| ValueName = 'EnableICMPRedirect' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\Tcpip\Parameters' | |
| } | |
| <#Registry 'Registry(POL): HKLM:\System\CurrentControlSet\Services\Tcpip\Parameters\EnableICMPRedirect' | |
| { | |
| ValueName = 'EnableICMPRedirect' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\Tcpip\Parameters' | |
| }#> | |
| <#Registry 'Registry(POL): HKLM:\System\CurrentControlSet\Services\Tcpip\Parameters\DisableIPSourceRouting' | |
| { | |
| ValueName = 'DisableIPSourceRouting' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\Tcpip\Parameters' | |
| }#> | |
| Registry 'Registry(POL): HKLM:\System\CurrentControlSet\Services\Tcpip6\Parameters\DisableIPSourceRouting' | |
| { | |
| ValueName = 'DisableIPSourceRouting' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\Tcpip6\Parameters' | |
| } | |
| <#Registry 'Registry(POL): HKLM:\System\CurrentControlSet\Services\Tcpip6\Parameters\DisableIPSourceRouting' | |
| { | |
| ValueName = 'DisableIPSourceRouting' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\Tcpip6\Parameters' | |
| }#> | |
| <#Registry 'Registry(POL): HKCU:\Software\Policies\Microsoft\Windows\Control Panel\Desktop\ScreenSaveActive' | |
| { | |
| ValueName = 'ScreenSaveActive' | |
| Key = 'HKCU:\Software\Policies\Microsoft\Windows\Control Panel\Desktop' | |
| }#> | |
| <#Registry 'Registry(POL): HKCU:\Software\Policies\Microsoft\Windows\Control Panel\Desktop\ScreenSaverIsSecure' | |
| { | |
| ValueName = 'ScreenSaverIsSecure' | |
| Key = 'HKCU:\Software\Policies\Microsoft\Windows\Control Panel\Desktop' | |
| }#> | |
| UserRightsAssignment 'UserRightsAssignment(INF): Allow_log_on_locally' | |
| { | |
| Policy = 'Allow_log_on_locally' | |
| Identity = @('*S-1-5-32-544' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Load_and_unload_device_drivers' | |
| { | |
| Policy = 'Load_and_unload_device_drivers' | |
| Identity = @('*S-1-5-32-544' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Impersonate_a_client_after_authentication' | |
| { | |
| Policy = 'Impersonate_a_client_after_authentication' | |
| Identity = @('*S-1-5-32-544', '*S-1-5-6', '*S-1-5-19', '*S-1-5-20' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Take_ownership_of_files_or_other_objects' | |
| { | |
| Policy = 'Take_ownership_of_files_or_other_objects' | |
| Identity = @('*S-1-5-32-544' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Deny_log_on_locally' | |
| { | |
| Policy = 'Deny_log_on_locally' | |
| Identity = @('*S-1-5-32-546' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Back_up_files_and_directories' | |
| { | |
| Policy = 'Back_up_files_and_directories' | |
| Identity = @('*S-1-5-32-544' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Access_Credential_Manager_as_a_trusted_caller' | |
| { | |
| Policy = 'Access_Credential_Manager_as_a_trusted_caller' | |
| Identity = @('' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Create_symbolic_links' | |
| { | |
| Policy = 'Create_symbolic_links' | |
| Identity = @('*S-1-5-32-544' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Debug_programs' | |
| { | |
| Policy = 'Debug_programs' | |
| Identity = @('*S-1-5-32-544' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Deny_log_on_through_Remote_Desktop_Services' | |
| { | |
| Policy = 'Deny_log_on_through_Remote_Desktop_Services' | |
| Identity = @('*S-1-5-32-546', '*S-1-5-113' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Lock_pages_in_memory' | |
| { | |
| Policy = 'Lock_pages_in_memory' | |
| Identity = @('' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Increase_scheduling_priority' | |
| { | |
| Policy = 'Increase_scheduling_priority' | |
| Identity = @('*S-1-5-32-544' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Manage_auditing_and_security_log' | |
| { | |
| Policy = 'Manage_auditing_and_security_log' | |
| Identity = @('*S-1-5-32-544' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Create_a_pagefile' | |
| { | |
| Policy = 'Create_a_pagefile' | |
| Identity = @('*S-1-5-32-544' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Restore_files_and_directories' | |
| { | |
| Policy = 'Restore_files_and_directories' | |
| Identity = @('*S-1-5-32-544' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Create_a_token_object' | |
| { | |
| Policy = 'Create_a_token_object' | |
| Identity = @('' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Create_permanent_shared_objects' | |
| { | |
| Policy = 'Create_permanent_shared_objects' | |
| Identity = @('' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Create_global_objects' | |
| { | |
| Policy = 'Create_global_objects' | |
| Identity = @('*S-1-5-32-544', '*S-1-5-6', '*S-1-5-19', '*S-1-5-20' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Deny_access_to_this_computer_from_the_network' | |
| { | |
| Policy = 'Deny_access_to_this_computer_from_the_network' | |
| Identity = @('*S-1-5-32-546', '*S-1-5-114' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Enable_computer_and_user_accounts_to_be_trusted_for_delegation' | |
| { | |
| Policy = 'Enable_computer_and_user_accounts_to_be_trusted_for_delegation' | |
| Identity = @('' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Force_shutdown_from_a_remote_system' | |
| { | |
| Policy = 'Force_shutdown_from_a_remote_system' | |
| Identity = @('*S-1-5-32-544' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Access_this_computer_from_the_network' | |
| { | |
| Policy = 'Access_this_computer_from_the_network' | |
| Identity = @('*S-1-5-11', '*S-1-5-32-544' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Perform_volume_maintenance_tasks' | |
| { | |
| Policy = 'Perform_volume_maintenance_tasks' | |
| Identity = @('*S-1-5-32-544' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Act_as_part_of_the_operating_system' | |
| { | |
| Policy = 'Act_as_part_of_the_operating_system' | |
| Identity = @('' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Generate_security_audits' | |
| { | |
| Policy = 'Generate_security_audits' | |
| Identity = @('*S-1-5-19', '*S-1-5-20' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Profile_single_process' | |
| { | |
| Policy = 'Profile_single_process' | |
| Identity = @('*S-1-5-32-544' | |
| ) | |
| } | |
| UserRightsAssignment 'UserRightsAssignment(INF): Modify_firmware_environment_values' | |
| { | |
| Policy = 'Modify_firmware_environment_values' | |
| Identity = @('*S-1-5-32-544' | |
| ) | |
| } | |
| SecuritySetting 'SecuritySetting(INF): LSAAnonymousNameLookup' | |
| { | |
| LSAAnonymousNameLookup = 0 | |
| Name = 'LSAAnonymousNameLookup' | |
| } | |
| SecuritySetting 'SecuritySetting(INF): EnableGuestAccount' | |
| { | |
| EnableGuestAccount = 0 | |
| Name = 'EnableGuestAccount' | |
| } | |
| SecuritySetting 'SecuritySetting(INF): ForceLogoffWhenHourExpire' | |
| { | |
| Name = 'ForceLogoffWhenHourExpire' | |
| ForceLogoffWhenHourExpire = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\EnablePlainTextPassword' | |
| { | |
| ValueName = 'EnablePlainTextPassword' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\LanmanWorkstation\Parameters' | |
| ValueData = 0 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Services\Netlogon\Parameters\requiresignorseal' | |
| { | |
| ValueName = 'requiresignorseal' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\Netlogon\Parameters' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ScRemoveOption' | |
| { | |
| ValueName = 'ScRemoveOption' | |
| ValueType = 'String' | |
| Key = 'HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon' | |
| ValueData = '1' | |
| } | |
| Registry 'Registry(INF): HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\EnableInstallerDetection' | |
| { | |
| ValueName = 'EnableInstallerDetection' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Services\Netlogon\Parameters\disablepasswordchange' | |
| { | |
| ValueName = 'disablepasswordchange' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\Netlogon\Parameters' | |
| ValueData = 0 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Services\LanManServer\Parameters\enablesecuritysignature' | |
| { | |
| ValueName = 'enablesecuritysignature' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\LanManServer\Parameters' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Control\Session Manager\ProtectionMode' | |
| { | |
| ValueName = 'ProtectionMode' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Control\Session Manager' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\EnableSecureUIAPaths' | |
| { | |
| ValueName = 'EnableSecureUIAPaths' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Control\Lsa\RestrictAnonymousSAM' | |
| { | |
| ValueName = 'RestrictAnonymousSAM' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Control\Lsa' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinServerSec' | |
| { | |
| ValueName = 'NTLMMinServerSec' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Control\Lsa\MSV1_0' | |
| ValueData = 537395200 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Control\Session Manager\Kernel\ObCaseInsensitive' | |
| { | |
| ValueName = 'ObCaseInsensitive' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Control\Session Manager\Kernel' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorUser' | |
| { | |
| ValueName = 'ConsentPromptBehaviorUser' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' | |
| ValueData = 0 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Control\Lsa\RestrictAnonymous' | |
| { | |
| ValueName = 'RestrictAnonymous' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Control\Lsa' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\RequireSecuritySignature' | |
| { | |
| ValueName = 'RequireSecuritySignature' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\LanmanWorkstation\Parameters' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Control\Lsa\UseMachineId' | |
| { | |
| ValueName = 'UseMachineId' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Control\Lsa' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Control\Lsa\NoLMHash' | |
| { | |
| ValueName = 'NoLMHash' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Control\Lsa' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Services\Netlogon\Parameters\sealsecurechannel' | |
| { | |
| ValueName = 'sealsecurechannel' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\Netlogon\Parameters' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel' | |
| { | |
| ValueName = 'LmCompatibilityLevel' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Control\Lsa' | |
| ValueData = 5 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\EnableSecuritySignature' | |
| { | |
| ValueName = 'EnableSecuritySignature' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\LanmanWorkstation\Parameters' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinClientSec' | |
| { | |
| ValueName = 'NTLMMinClientSec' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Control\Lsa\MSV1_0' | |
| ValueData = 537395200 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Control\Lsa\SCENoApplyLegacyAuditPolicy' | |
| { | |
| ValueName = 'SCENoApplyLegacyAuditPolicy' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Control\Lsa' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Services\LanManServer\Parameters\requiresecuritysignature' | |
| { | |
| ValueName = 'requiresecuritysignature' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\LanManServer\Parameters' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Services\Netlogon\Parameters\maximumpasswordage' | |
| { | |
| ValueName = 'maximumpasswordage' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\Netlogon\Parameters' | |
| ValueData = 30 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Services\Netlogon\Parameters\requirestrongkey' | |
| { | |
| ValueName = 'requirestrongkey' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\Netlogon\Parameters' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Services\LanManServer\Parameters\RestrictNullSessAccess' | |
| { | |
| ValueName = 'RestrictNullSessAccess' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\LanManServer\Parameters' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Control\Lsa\EveryoneIncludesAnonymous' | |
| { | |
| ValueName = 'EveryoneIncludesAnonymous' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Control\Lsa' | |
| ValueData = 0 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Services\LDAP\LDAPClientIntegrity' | |
| { | |
| ValueName = 'LDAPClientIntegrity' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\LDAP' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA' | |
| { | |
| ValueName = 'EnableLUA' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Services\LanManServer\Parameters\autodisconnect' | |
| { | |
| ValueName = 'autodisconnect' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\LanManServer\Parameters' | |
| ValueData = 15 | |
| } | |
| Registry 'Registry(INF): HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\EnableUIADesktopToggle' | |
| { | |
| ValueName = 'EnableUIADesktopToggle' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' | |
| ValueData = 0 | |
| } | |
| Registry 'Registry(INF): HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\EnableVirtualization' | |
| { | |
| ValueName = 'EnableVirtualization' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Control\Lsa\LimitBlankPasswordUse' | |
| { | |
| ValueName = 'LimitBlankPasswordUse' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Control\Lsa' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\FilterAdministratorToken' | |
| { | |
| ValueName = 'FilterAdministratorToken' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin' | |
| { | |
| ValueName = 'ConsentPromptBehaviorAdmin' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' | |
| ValueData = 2 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Control\Lsa\MSV1_0\allownullsessionfallback' | |
| { | |
| ValueName = 'allownullsessionfallback' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Control\Lsa\MSV1_0' | |
| ValueData = 0 | |
| } | |
| Registry 'Registry(INF): HKLM:\System\CurrentControlSet\Services\Netlogon\Parameters\signsecurechannel' | |
| { | |
| ValueName = 'signsecurechannel' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\System\CurrentControlSet\Services\Netlogon\Parameters' | |
| ValueData = 1 | |
| } | |
| Registry 'Registry(INF): HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\InactivityTimeoutSecs' | |
| { | |
| ValueName = 'InactivityTimeoutSecs' | |
| ValueType = 'Dword' | |
| Key = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' | |
| ValueData = 900 | |
| } | |
| } | |
| } | |
| DSCFromGPO -OutputPath '.\DC Member Server SecPol DSC\' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment