salawank

Local audit policy batch script

Jun 15th, 2011
495
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. @ECHO OFF
  2. :: poorman Local Security Policy (Audit Policy) batch script v1.2
  3. :: will enable success/failure for all audits except DS access
  4. :: require auditpol.exe if not exist
  5. :: win ver part shamelessly from Denis St-Pierre
  6. :: tdr.local[at]gmail.com
  7.  
  8.  
  9. VER | FINDSTR /L "5.0." > NUL:
  10. IF %ErrorLevel% EQU 0 (
  11. ECHO System is running Win 2000
  12. C:\Windows\System32\auditpol.exe /enable /system:all /logon:all /object:all /privilege:all /process:all /policy:all /sam:all
  13.  
  14. )
  15.  
  16. VER | FINDSTR /L "5.1." > NUL:
  17. IF %ErrorLevel% EQU 0 (
  18. ECHO System is running Win XP
  19. GOTO Win_XP_2003
  20.  
  21. )
  22.  
  23. VER | FINDSTR /L "5.2." > NUL:
  24. IF %ErrorLevel% EQU 0 (
  25. ECHO System is running Win 2003
  26. GOTO Win_XP_2003
  27.  
  28. )
  29.  
  30. VER | FINDSTR /L "6.0." > NUL:
  31. IF %ErrorLevel% EQU 0 (
  32. If EXIST %SystemRoot%\System32\ServerManagerLauncher.exe (
  33. ECHO Running Windows 2008R1
  34. GOTO Win_Vista_7_2008
  35.  
  36. ) ELSE (
  37. ECHO System is running Win Vista
  38. GOTO Win_Vista_7_2008
  39.  
  40. )
  41. )
  42.  
  43. VER | FINDSTR /L "6.1." > NUL:
  44. IF %ErrorLevel% EQU 0 (
  45. If EXIST %SystemRoot%\System32\ServerManagerLauncher.exe (
  46. ECHO Running Windows 2008R2
  47. GOTO Win_Vista_7_2008
  48.  
  49. ) ELSE (
  50. ECHO System is running Windows 7
  51. GOTO Win_Vista_7_2008
  52.  
  53. )
  54. )
  55.  
  56. :Win_XP_2003
  57. Auditpol.exe /enable /system:all /logon:all /object:all /privilege:all /process:all /policy:all /sam:all
  58. GOTO EXEC_CMD
  59.  
  60.  
  61. :Win_Vista_7_2008
  62. C:\Windows\System32\auditpol.exe /set /category:"Account Logon" /success:enable /failure:enable
  63. C:\Windows\System32\auditpol.exe /set /category:"Object Access" /success:enable /failure:enable
  64. C:\Windows\System32\auditpol.exe /set /category:"Account Management" /success:enable /failure:enable
  65. C:\Windows\System32\auditpol.exe /set /category:"Detailed Tracking" /success:enable /failure:enable
  66. C:\Windows\System32\auditpol.exe /set /category:"DS Access" /success:disable /failure:disable
  67. C:\Windows\System32\auditpol.exe /set /category:"Logon/Logoff" /success:enable /failure:enable
  68. C:\Windows\System32\auditpol.exe /set /category:"Policy Change" /success:enable /failure:enable
  69. C:\Windows\System32\auditpol.exe /set /category:"Privilege Use" /success:enable /failure:enable
  70. C:\Windows\System32\auditpol.exe /set /category:"System" /success:enable /failure:enable
  71. GOTO EXEC_CMD
  72.  
  73. :EXEC_CMD
  74. ECHO Continue with Audit Policy..
  75. PAUSE
  76. START c:\windows\system32\secpol.msc
RAW Paste Data