Solved

How do I enable file system auditing via VBS?

Posted on 2010-09-07
5
677 Views
Last Modified: 2012-05-10
Hi Everyone,

I'm looking to enable file system auditing for all local administrators across a very large number of windows servers (2000/2003/2008) and need to know if this can be scripted (VBS preferred). I have created and exported a security INF profile and know this can be imported on a server to apply changes. But since I need to apply these settings on a large number of systems, importing this INF on each server is not going to be feasible.

Please help.

Thanks!
0
Comment
Question by:jspirko
  • 3
  • 2
5 Comments
 
LVL 65

Expert Comment

by:RobSampson
ID: 33623230
Hi, it would probably be easiest to automate the install of the INF onto each server.  What is the comand that you use to do this?  We could probably just put that command in a central batch file, then use PSExec to run the batch file on each server...

Regards,

Rob.
0
 

Author Comment

by:jspirko
ID: 33626944
On a test machine I modified the local security policy with the settings that I needed. Then I export the security settings to an INF file (Local Security Policy > Security Settings > Right-Click > Export Policy). Then on the target server I can import the INF file (Local Security Policy > Security Settings > Right-Click > Import Policy).

So far I've done this manually as stated above. If there is a way to automate this that would be great.

Thanks,

Jason
0
 

Author Comment

by:jspirko
ID: 33626960
I'm not worried how to deploy the script to the servers. We have HP Opsware in our environment that we can use to push the script out.

~ Jason
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 500 total points
ID: 33632618
OK, it looks like SecEdit will be the tool for this job, but I can't see the different between the /configure and /import options.

I have a feeling you're more after the /configure option though.  There's a few deployment methods here that should help you.  It appears you can use the secedit command rolled out to import the settings, or even use GPO.
http://www.windowsecurity.com/articles/Baselining-Security-Templates.html

Another document here might give you more info:
http://www.governmentsecurity.org/articles/step-by-step-guide-using-security-configuration-toolset.html

But that should get you well on the way, as long as you can figure out the secedit command.

Regards,

Rob.
0
 

Author Comment

by:jspirko
ID: 33775516
Thanks. I used the following SecEdit command to import the security template:

Secedit /configure /db secedit.sdb /cfg"c:\temp\custom.inf"
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
Over the years I have built up my own little library of code snippets that I refer to when programming or writing a script.  Many of these have come from the web or adaptations from snippets I find on the Web.  Periodically I add to them when I come…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now