辉克's Blog

创造机会的人是勇者;等待机会的人是愚者

审计策略开启脚本

保存为BAT格式

 

@echo ===审计策略开启脚本 for win2008  ===

@ auditpol /set /category:”DS 访问” /success:enable /failure:enable
@ auditpol /set /category:”特权使用” /success:enable /failure:enable
@ auditpol /set /category:”对象访问” /success:enable /failure:enable
@ auditpol /set /category:”策略改动” /success:enable /failure:enable

@ auditpol /set /category:”详细追踪” /success:enable /failure:enable
@ auditpol /set /category:”登录/注销” /success:enable /failure:enable
@ auditpol /set /category:”系统” /success:enable /failure:enable
@ auditpol /set /subcategory:”用户帐户管理” /success:enable /failure:enable
@ auditpol /set /subcategory:”计算机帐户管理” /success:enable /failure:enable
@ auditpol /set /subcategory:”安全组管理” /success:enable /failure:enable
@ auditpol /set /subcategory:”分发组管理” /success:enable /failure:enable
@ auditpol /set /subcategory:”应用程序组管理” /success:enable /failure:enable
@ auditpol /set /subcategory:”其他帐户管理事件” /success:enable /failure:enable

@ auditpol /set /subcategory:”Kerberos 服务票证操作” /success:enable /failure:enable
@ auditpol /set /subcategory:”其他帐户登录事件” /success:enable /failure:enable
@ auditpol /set /subcategory:”计算机帐户管理” /success:enable /failure:enable
@ auditpol /set /subcategory:”Kerberos 身份验证服务” /success:enable /failure:enable
@ auditpol /set /subcategory:”凭据验证” /success:enable /failure:enable

@ gpupdate

 

 

============================

亦可用另一种方法实现:

组策略secedit命令 http://www.huike007.cn/?p=417

 

 

发表评论

您的电子邮箱地址不会被公开。 必填项已用*标注