I am working on a windows hardening project and need to implement a few gpo settings that are not available by default on my windows 2008 r2 servers.
Per Microsoft's instructions, I am able to navigate to the sceregvl.infl
file and add the lines in bold below for them to show up in the group policy manager. Below is just one of the settings I also intend to add. Additionally I need to add a "NoIPRouting" base gpo setting that is also not available.
Open and edit the c:\windows\inf\Sceregvl.in
f file by using Notepad.
Copy the following text which should all be in one line:
MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\nodefaultadminowner,3,"System objects: Default owner for objects created by members of the Administrators group",3,0|Administrators group,1|Object Creator
Paste the text just after the following line in the file:
Any how, I see how Microsoft's instructions are suited for adding this a single server. How can I go about populating this on 500 Windows servers without having to go around each one of them?