API tools faq
paste
salawank

Local audit policy batch script

salawank
Jun 15th, 2011
546
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.32 KB | None | 0 0
raw download clone embed print report
  1. @ECHO OFF
  2. :: poorman Local Security Policy (Audit Policy) batch script v1.2
  3. :: will enable success/failure for all audits except DS access
  4. :: require auditpol.exe if not exist
  5. :: win ver part shamelessly from Denis St-Pierre
  6. :: tdr.local[at]gmail.com
  7.  
  8.  
  9. VER | FINDSTR /L "5.0." > NUL:
  10. IF %ErrorLevel% EQU 0 (
  11. ECHO System is running Win 2000
  12. C:\Windows\System32\auditpol.exe /enable /system:all /logon:all /object:all /privilege:all /process:all /policy:all /sam:all
  13.  
  14. )
  15.  
  16. VER | FINDSTR /L "5.1." > NUL:
  17. IF %ErrorLevel% EQU 0 (
  18. ECHO System is running Win XP
  19. GOTO Win_XP_2003
  20.  
  21. )
  22.  
  23. VER | FINDSTR /L "5.2." > NUL:
  24. IF %ErrorLevel% EQU 0 (
  25. ECHO System is running Win 2003
  26. GOTO Win_XP_2003
  27.  
  28. )
  29.  
  30. VER | FINDSTR /L "6.0." > NUL:
  31. IF %ErrorLevel% EQU 0 (
  32. If EXIST %SystemRoot%\System32\ServerManagerLauncher.exe (
  33. ECHO Running Windows 2008R1
  34. GOTO Win_Vista_7_2008
  35.  
  36. ) ELSE (
  37. ECHO System is running Win Vista
  38. GOTO Win_Vista_7_2008
  39.  
  40. )
  41. )
  42.  
  43. VER | FINDSTR /L "6.1." > NUL:
  44. IF %ErrorLevel% EQU 0 (
  45. If EXIST %SystemRoot%\System32\ServerManagerLauncher.exe (
  46. ECHO Running Windows 2008R2
  47. GOTO Win_Vista_7_2008
  48.  
  49. ) ELSE (
  50. ECHO System is running Windows 7
  51. GOTO Win_Vista_7_2008
  52.  
  53. )
  54. )
  55.  
  56. :Win_XP_2003
  57. Auditpol.exe /enable /system:all /logon:all /object:all /privilege:all /process:all /policy:all /sam:all
  58. GOTO EXEC_CMD
  59.  
  60.  
  61. :Win_Vista_7_2008
  62. C:\Windows\System32\auditpol.exe /set /category:"Account Logon" /success:enable /failure:enable
  63. C:\Windows\System32\auditpol.exe /set /category:"Object Access" /success:enable /failure:enable
  64. C:\Windows\System32\auditpol.exe /set /category:"Account Management" /success:enable /failure:enable
  65. C:\Windows\System32\auditpol.exe /set /category:"Detailed Tracking" /success:enable /failure:enable
  66. C:\Windows\System32\auditpol.exe /set /category:"DS Access" /success:disable /failure:disable
  67. C:\Windows\System32\auditpol.exe /set /category:"Logon/Logoff" /success:enable /failure:enable
  68. C:\Windows\System32\auditpol.exe /set /category:"Policy Change" /success:enable /failure:enable
  69. C:\Windows\System32\auditpol.exe /set /category:"Privilege Use" /success:enable /failure:enable
  70. C:\Windows\System32\auditpol.exe /set /category:"System" /success:enable /failure:enable
  71. GOTO EXEC_CMD
  72.  
  73. :EXEC_CMD
  74. ECHO Continue with Audit Policy..
  75. PAUSE
  76. START c:\windows\system32\secpol.msc
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!