Home > Commands N-Z > Commands S

SECEDIT


Description | Syntax | Parameters | Switches | Related | Notes | Examples | Errorlevels | Availability

Configures and analyzes system security by comparing your current configuration to at least one template.


Syntax

SECEDIT /?

SECEDIT {/ANALYZE | /CONFIGURE | /EXPORT | /GENERATEROLLBACK | /IMPORT | /VALIDATE} /?

SECEDIT /ANALYZE /DB file_name [/CFG file_name] [/LOG file_name] [/OVERWRITE] [/QUIET]

SECEDIT /CONFIGURE /DB file_name [/AREAS area area2 ...] [/CFG file_name] [/LOG file_name] [/OVERWRITE] [/QUIET]

SECEDIT /EXPORT [/AREAS area area2 ...] [/DB file_name [/CFG file_name]] [/LOG file_name] [/MERGEDPOLICY] [/QUIET]

SECEDIT /GENERATEROLLBACK /CFG file_name [/LOG file_name] [/QUIET] /RBK file_name

SECEDIT /IMPORT [/AREAS area area2 ...] /DB file_name /CFG file_name [/LOG file_name] [/OVERWRITE] [/QUIET]

SECEDIT /VALIDATE file_name


Parameters
file_name (NTXP)
Specifies the file name of the security template you have created with Security Templates.

Switches
/? (NTXP)
Displays help.
/ANALYZE (NTXP)
Analyze system security.
/AREAS area1 area2 ... (NTXP)
Specifies the security areas to be applied to the system. If an area is not specified, all areas are applied to the system. Each area should be separated by a space:
/CFG file_name (NTXP)
Specifies the path and file name for the security template that will be imported into the database for analysis. Only valid when used with /db. If omitted, the analysis is performed against any configuration already stored in the database.
/CONFIGURE (NTXP)
Configures system security by applying a stored template.
/DB file_name (NTXP)
Specifies the path and file name of a database that contains the stored configuration against which the analysis will be performed. If file_name specifies a new database, /cfg file_name must also be specified.
/EXPORT (NTXP)
Exports a stored template from a security database to a security template file.
/GENERATEROLLBACK (NT2003)
Allows you to generate a rollback template with respect to a configuration template. When applying a configuration template to a computer you have the option of creating rollback template which, when applied, resets the security settings to the values before the configuration template was applied.
/IMPORT (NT2003)
Allows you to import a security template into a database so that the settings specified in the template can be applied to a system or analyzed against a system.
/LOG file_name (NTXP)
Specifies the path and file name of the log file for the process. If omitted, the default log file is used.
/MERGEDPOLICY (NTXP)
Merges and exports domain and local policy security settings.
/OVERWRITE (NTXP)
Specifies whether the security template in /cfg should overwrite any template or composite template that is stored in the database instead of appending the results to the stored template. Only valid when /cfg is used. If omitted, the /cfg template is appended to the stored template.
/QUIET (NTXP)
Suppresses screen and log output. You can still view analysis results by using Security Configuration and Analysis.
/RBK file_name (NT2003)
Specifies the file name of the security template that will be created as the rollback template.
/VALIDATE (NTXP)
Validates the syntax of a security template to be imported into a database for analysis or application to a system.

Related

SECEDIT /refreshpolicy has been replaced with gpupdate.


Notes

none.


Examples

none.


Errorlevels

none.


Availability
External
DOS
none
Windows
none
Windows NT
NTXP NT2003