API tools faq
paste
salawank

Local audit policy batch script-1.3

salawank
Jun 16th, 2011
247
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.52 KB | None | 0 0
raw download clone embed print report
  1. @ECHO OFF
  2. :: poorman Local Security Policy (Audit Policy) batch script v1.3
  3. :: will enable success/failure for all audits except DS access
  4. :: require auditpol.exe if not exist
  5. :: win ver part shamelessly from Denis St-Pierre
  6. :: tdr.local[at]gmail.com
  7.  
  8.  
  9. VER | FINDSTR /L "5.0." > NUL:
  10. IF %ErrorLevel% EQU 0 (
  11. ECHO System is running Win 2000
  12. C:\Windows\System32\auditpol.exe /enable /system:all /logon:all /object:all /privilege:all /process:all /policy:all /sam:all
  13.  
  14. )
  15.  
  16. VER | FINDSTR /L "5.1." > NUL:
  17. IF %ErrorLevel% EQU 0 (
  18. ECHO System is running Win XP
  19. GOTO Win_XP_2003
  20.  
  21. )
  22.  
  23. VER | FINDSTR /L "5.2." > NUL:
  24. IF %ErrorLevel% EQU 0 (
  25. ECHO System is running Win 2003
  26. GOTO Win_XP_2003
  27.  
  28. )
  29.  
  30. VER | FINDSTR /L "6.0." > NUL:
  31. IF %ErrorLevel% EQU 0 (
  32. If EXIST %SystemRoot%\System32\ServerManagerLauncher.exe (
  33. ECHO Running Windows 2008R1
  34. GOTO Win_Vista_7_2008
  35.  
  36. ) ELSE (
  37. ECHO System is running Win Vista
  38. GOTO Win_Vista_7_2008
  39.  
  40. )
  41. )
  42.  
  43. VER | FINDSTR /L "6.1." > NUL:
  44. IF %ErrorLevel% EQU 0 (
  45. If EXIST %SystemRoot%\System32\ServerManagerLauncher.exe (
  46. ECHO Running Windows 2008R2
  47. GOTO Win_Vista_7_2008
  48.  
  49. ) ELSE (
  50. ECHO System is running Windows 7
  51. GOTO Win_Vista_7_2008
  52.  
  53. )
  54. )
  55.  
  56. :Win_XP_2003
  57. Echo copying Auditpol.exe to system32...
  58. REM change the IP address to share server's IP
  59. xcopy "\\192.168.44.1\auditpol\Auditpol.exe" C:\Windows\system32
  60. Echo Enabling Auditing...
  61. C:\Windows\system32\Auditpol.exe /enable /system:all /logon:all /object:all /privilege:all /process:all /policy:all /sam:all
  62. GOTO EXEC_CMD
  63.  
  64.  
  65. :Win_Vista_7_2008
  66. C:\Windows\System32\auditpol.exe /set /category:"Account Logon" /success:enable /failure:enable
  67. C:\Windows\System32\auditpol.exe /set /category:"Object Access" /success:enable /failure:enable
  68. C:\Windows\System32\auditpol.exe /set /category:"Account Management" /success:enable /failure:enable
  69. C:\Windows\System32\auditpol.exe /set /category:"Detailed Tracking" /success:enable /failure:enable
  70. C:\Windows\System32\auditpol.exe /set /category:"DS Access" /success:disable /failure:disable
  71. C:\Windows\System32\auditpol.exe /set /category:"Logon/Logoff" /success:enable /failure:enable
  72. C:\Windows\System32\auditpol.exe /set /category:"Policy Change" /success:enable /failure:enable
  73. C:\Windows\System32\auditpol.exe /set /category:"Privilege Use" /success:enable /failure:enable
  74. C:\Windows\System32\auditpol.exe /set /category:"System" /success:enable /failure:enable
  75. GOTO EXEC_CMD
  76.  
  77. :EXEC_CMD
  78. ECHO Continue with Audit Policy..
  79. PAUSE
  80. START c:\windows\system32\secpol.msc
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!