How to reset security settings back to the defaults
2008-09-20 13:18
573 查看
On This Page
1。SUMMARY
2。MORE INFORMATION
3。Sample command to reset security settings
4。Secedit parameters
var sectionFilter = "type != 'notice' && type != 'securedata' && type != 'querywords'";
var tocArrow = "/library/images/support/kbgraphics/public/en-us/downarrow.gif";
var depthLimit = 10;
var depth3Limit = 10;
var depth4Limit = 5;
var depth5Limit = 3;
var tocEntryMinimum = 1;
This step-by-step article describes how to set the security settings in Microsoft Windows XP Professional and in Windows Vista back to the default settings for a disaster recovery scenario. You should should only follow these steps when a security change has been applied to the computer that has negative affects and when no backup is available to restore from. The Secsetup.inf template does not contain a full copy of the security settings that are applied during setup.
To reset your operating system back to original installation default security settings:
To reset your operating system back to original installation default security settings:
1. Click Start, click Run, type cmd, and then press ENTER.
2. For Windows XP, type the following command, and then press ENTER:
secedit /configure /cfg %windir%\repair\secsetup.inf /db secsetup.sdb /verbose
For Windows Vista, type the following command, and then press ENTER:
secedit /configure /cfg %windir%\inf\defltbase.inf /db defltbase.sdb /verbose
You receive a "Task is completed" message, and a warning message that something could not be done. You can safely ignore this message. For more information about this message, view the %windir%\Security\Logs\Scesrv.log file.
Note In Windows Vista, the defltbase.inf file is a Security configuration template for the default security. You can view the settings for this file in the following location:
%windir%\inf\defltbase.inf
• /configure - Specifies that Secedit.exe should set system security settings.
• /DB filename - Provides the path to a database that contains the security template to be applied. This is a required argument, but the database file does not have to exist if you use the /CFG switch to specify a security template.
• /CFG filename - This argument is only valid when you use it with the /DB parameter. It is the path to the security template that will be imported into the database and applied to the system. If you do not specify this argument, the template that is already stored in the database will be applied.
• /overwrite - This argument is only valid when the /CFG argument is also used. This specifies whether the security template in the /CFG argument overwrites any template or composite template that is stored in the database instead of appending the results to the stored template. If this is not specified, the template in the /CFG argument will be appended to the stored template.
• /areas AreaName1AreaName2... Specifies the security areas to be applied to the system. The default is "all areas." Each area must be separated by a space.
AreaNameX - Description
SECURITYPOLICY - Local policy and domain policy for the system, including account policies, audit policies, and other policies.
GROUP_MGMT - Restricted group settings for any groups that are specified in the security template.
USER_RIGHTS - User logon rights and granting of privileges.
REGKEYS - Security on local registry keys.
FILESTORE - Security on local file storage.
SERVICES - Security for all defined services.
Note Each of these areas coincide with similar names in the Security Template.
• /log logpath - You can use this switch to configure the location of the log file that tracks the changes.
• /verbose - Specifies more detailed progress information.
• /quiet - Minimize the amount of feedback that is provided during the update on the screen and in the log file.
For online help about Secedit, click Start, click Run, type %windir%\help\secedit.chm, and then press ENTER.
APPLIES TO
Keywords:kbenv kbhowtomaster KB313222
原文出处:http://support.microsoft.com/default.aspx?scid=kb;en-us;313222
1。SUMMARY
2。MORE INFORMATION
3。Sample command to reset security settings
4。Secedit parameters
var sectionFilter = "type != 'notice' && type != 'securedata' && type != 'querywords'";
var tocArrow = "/library/images/support/kbgraphics/public/en-us/downarrow.gif";
var depthLimit = 10;
var depth3Limit = 10;
var depth4Limit = 5;
var depth5Limit = 3;
var tocEntryMinimum = 1;
SUMMARY
loadTOCNode(1, 'summary');This step-by-step article describes how to set the security settings in Microsoft Windows XP Professional and in Windows Vista back to the default settings for a disaster recovery scenario. You should should only follow these steps when a security change has been applied to the computer that has negative affects and when no backup is available to restore from. The Secsetup.inf template does not contain a full copy of the security settings that are applied during setup.
MORE INFORMATION
loadTOCNode(1, 'moreinformation');Sample command to reset security settings
loadTOCNode(2, 'moreinformation'); Note After security settings are applied, you cannot undo the changes without restoring from a backup. If you are uncertain about resetting your security settings back to the default security settings, you must make a complete backup that includes the "System State" (the registry files). Items that are reset include NTFS file system files and folders, the registry, policies, services, privilege rights, and group membership.To reset your operating system back to original installation default security settings:
To reset your operating system back to original installation default security settings:
1. Click Start, click Run, type cmd, and then press ENTER.
2. For Windows XP, type the following command, and then press ENTER:
secedit /configure /cfg %windir%\repair\secsetup.inf /db secsetup.sdb /verbose
For Windows Vista, type the following command, and then press ENTER:
secedit /configure /cfg %windir%\inf\defltbase.inf /db defltbase.sdb /verbose
You receive a "Task is completed" message, and a warning message that something could not be done. You can safely ignore this message. For more information about this message, view the %windir%\Security\Logs\Scesrv.log file.
Note In Windows Vista, the defltbase.inf file is a Security configuration template for the default security. You can view the settings for this file in the following location:
%windir%\inf\defltbase.inf
Secedit parameters
loadTOCNode(2, 'moreinformation');• /configure - Specifies that Secedit.exe should set system security settings.
• /DB filename - Provides the path to a database that contains the security template to be applied. This is a required argument, but the database file does not have to exist if you use the /CFG switch to specify a security template.
• /CFG filename - This argument is only valid when you use it with the /DB parameter. It is the path to the security template that will be imported into the database and applied to the system. If you do not specify this argument, the template that is already stored in the database will be applied.
• /overwrite - This argument is only valid when the /CFG argument is also used. This specifies whether the security template in the /CFG argument overwrites any template or composite template that is stored in the database instead of appending the results to the stored template. If this is not specified, the template in the /CFG argument will be appended to the stored template.
• /areas AreaName1AreaName2... Specifies the security areas to be applied to the system. The default is "all areas." Each area must be separated by a space.
AreaNameX - Description
SECURITYPOLICY - Local policy and domain policy for the system, including account policies, audit policies, and other policies.
GROUP_MGMT - Restricted group settings for any groups that are specified in the security template.
USER_RIGHTS - User logon rights and granting of privileges.
REGKEYS - Security on local registry keys.
FILESTORE - Security on local file storage.
SERVICES - Security for all defined services.
Note Each of these areas coincide with similar names in the Security Template.
• /log logpath - You can use this switch to configure the location of the log file that tracks the changes.
• /verbose - Specifies more detailed progress information.
• /quiet - Minimize the amount of feedback that is provided during the update on the screen and in the log file.
For online help about Secedit, click Start, click Run, type %windir%\help\secedit.chm, and then press ENTER.
APPLIES TO
• | Microsoft Windows XP Professional |
• | Windows Vista Business |
• | Windows Vista Enterprise |
• | Windows Vista Home Basic |
• | Windows Vista Home Premium |
• | Windows Vista Ultimate |
原文出处:http://support.microsoft.com/default.aspx?scid=kb;en-us;313222
相关文章推荐
- How to reset the ILOM root password back to the default 'changeme' using ipmitool
- how to change the implicit default settings in django 1.6
- How to Reset the Root Password
- Mac环境下mysql初始化密码问题--If you lose this password, please consult the section How to Reset the Root Password in the MySQL reference manual.
- How to choose the development settings in Visual Studio 2005 ?
- How to Reset the&…
- How to reset the root passwd if we forget the root password in red hat
- How to Reset the Root Password 5.5
- [ERROR] Fatal error: Please read "Security" section of the manual to find out how to run mysqld as r
- How to apply Local Group Policy settings silently using the ImportRegPol.exe and Apply_LGPO_Delta.exe utilities.
- [Drupal 7]How to hide the "URL path settings" fieldset?如何隐藏“URL别名”字段?
- How to back up the BlackBerry Configuration Database(备份BES数据库)
- How to use the Security Configuration and Analysis tool
- How to save the DDR SDRAM data upon reset
- How to use the date format that has been setup as default in Settings?
- How To Add The BackTrack Repository To Ubuntu 12.10/12.04/11.10
- MySQL安装出现的问题:the security settings could not be applied to 。。。 原因是原来的东西没有卸载干净
- [ERROR] Fatal error: Please read "Security" section of the manual to find out how to run mysqld as root!
- win7 mysql 安装 报The security settings could not be applied to the database
- How to create fully custom Role, User, Event, Resource classes for use with the Security and Scheduler modules