Solved

How do I enable file system auditing via VBS?

Posted on 2010-09-07
5
693 Views
Last Modified: 2012-05-10
Hi Everyone,

I'm looking to enable file system auditing for all local administrators across a very large number of windows servers (2000/2003/2008) and need to know if this can be scripted (VBS preferred). I have created and exported a security INF profile and know this can be imported on a server to apply changes. But since I need to apply these settings on a large number of systems, importing this INF on each server is not going to be feasible.

Please help.

Thanks!
0
Comment
Question by:jspirko
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 65

Expert Comment

by:RobSampson
ID: 33623230
Hi, it would probably be easiest to automate the install of the INF onto each server.  What is the comand that you use to do this?  We could probably just put that command in a central batch file, then use PSExec to run the batch file on each server...

Regards,

Rob.
0
 

Author Comment

by:jspirko
ID: 33626944
On a test machine I modified the local security policy with the settings that I needed. Then I export the security settings to an INF file (Local Security Policy > Security Settings > Right-Click > Export Policy). Then on the target server I can import the INF file (Local Security Policy > Security Settings > Right-Click > Import Policy).

So far I've done this manually as stated above. If there is a way to automate this that would be great.

Thanks,

Jason
0
 

Author Comment

by:jspirko
ID: 33626960
I'm not worried how to deploy the script to the servers. We have HP Opsware in our environment that we can use to push the script out.

~ Jason
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 500 total points
ID: 33632618
OK, it looks like SecEdit will be the tool for this job, but I can't see the different between the /configure and /import options.

I have a feeling you're more after the /configure option though.  There's a few deployment methods here that should help you.  It appears you can use the secedit command rolled out to import the settings, or even use GPO.
http://www.windowsecurity.com/articles/Baselining-Security-Templates.html

Another document here might give you more info:
http://www.governmentsecurity.org/articles/step-by-step-guide-using-security-configuration-toolset.html

But that should get you well on the way, as long as you can figure out the secedit command.

Regards,

Rob.
0
 

Author Comment

by:jspirko
ID: 33775516
Thanks. I used the following SecEdit command to import the security template:

Secedit /configure /db secedit.sdb /cfg"c:\temp\custom.inf"
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is pretty cool.  The purpose of this VB Script is to help you document where JAR (Java ARchive) files and specifically java class files are located so that you can address issues seen with a client or that you can speak intelligently with a dev…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question