OS 名稱: ? ? ? ? ?Microsoft Windows Server 2012 R2 Standard
OS 版本: ? ? ? ? ?6.3.9600 暫缺 Build 9600

查看所有用戶和組

C:\Users\Administrator>wmic useraccount list brief AccountType Caption Domain FullName Name SID 512 WIN-QOATMA184E8\Administrator WIN-QOATMA184E8 Administrator S-1-5-21-3580962554-2649974931-79358928-500 512 WIN-QOATMA184E8\Guest WIN-QOATMA184E8 Guest S-1-5-21-3580962554-2649974931-79358928-501 C:\Users\Administrator>wmic group get Caption, InstallDate, LocalAccount, Domain, SID, Status Caption Domain InstallDate LocalAccount SID Status WIN-QOATMA184E8\Access Control Assistance Operators WIN-QOATMA184E8 TRUE S-1-5-32-579 OK WIN-QOATMA184E8\Administrators WIN-QOATMA184E8 TRUE S-1-5-32-544 OK WIN-QOATMA184E8\Backup Operators WIN-QOATMA184E8 TRUE S-1-5-32-551 OK WIN-QOATMA184E8\Certificate Service DCOM Access WIN-QOATMA184E8 TRUE S-1-5-32-574 OK WIN-QOATMA184E8\Cryptographic Operators WIN-QOATMA184E8 TRUE S-1-5-32-569 OK WIN-QOATMA184E8\Distributed COM Users WIN-QOATMA184E8 TRUE S-1-5-32-562 OK WIN-QOATMA184E8\Event Log Readers WIN-QOATMA184E8 TRUE S-1-5-32-573 OK WIN-QOATMA184E8\Guests WIN-QOATMA184E8 TRUE S-1-5-32-546 OK WIN-QOATMA184E8\Hyper-V Administrators WIN-QOATMA184E8 TRUE S-1-5-32-578 OK WIN-QOATMA184E8\IIS_IUSRS WIN-QOATMA184E8 TRUE S-1-5-32-568 OK WIN-QOATMA184E8\Network Configuration Operators WIN-QOATMA184E8 TRUE S-1-5-32-556 OK WIN-QOATMA184E8\Performance Log Users WIN-QOATMA184E8 TRUE S-1-5-32-559 OK WIN-QOATMA184E8\Performance Monitor Users WIN-QOATMA184E8 TRUE S-1-5-32-558 OK WIN-QOATMA184E8\Power Users WIN-QOATMA184E8 TRUE S-1-5-32-547 OK WIN-QOATMA184E8\Print Operators WIN-QOATMA184E8 TRUE S-1-5-32-550 OK WIN-QOATMA184E8\RDS Endpoint Servers WIN-QOATMA184E8 TRUE S-1-5-32-576 OK WIN-QOATMA184E8\RDS Management Servers WIN-QOATMA184E8 TRUE S-1-5-32-577 OK WIN-QOATMA184E8\RDS Remote Access Servers WIN-QOATMA184E8 TRUE S-1-5-32-575 OK WIN-QOATMA184E8\Remote Desktop Users WIN-QOATMA184E8 TRUE S-1-5-32-555 OK WIN-QOATMA184E8\Remote Management Users WIN-QOATMA184E8 TRUE S-1-5-32-580 OK WIN-QOATMA184E8\Replicator WIN-QOATMA184E8 TRUE S-1-5-32-552 OK WIN-QOATMA184E8\Users WIN-QOATMA184E8 TRUE S-1-5-32-545 OK WIN-QOATMA184E8\WinRMRemoteWMIUsers__ WIN-QOATMA184E8 TRUE S-1-5-21-3580962554-2649974931-79358928-1000 OK

查看所有系統內置用戶和組

C:\Users\Administrator> WHOAMI /USER /GROUPS用戶信息 ----------------用戶名 SID ============================= =========================================== win-qoatma184e8\administrator S-1-5-21-3580962554-2649974931-79358928-500組信息 -----------------組名 類型 SID 屬性 ===================================== ====== ============ ========================================== Everyone 已知組 S-1-1-0 必需的組, 啟用于默認, 啟用的組 NT AUTHORITY\本地帳戶和管理員組成員 已知組 S-1-5-114 必需的組, 啟用于默認, 啟用的組 BUILTIN\Administrators 別名 S-1-5-32-544 必需的組, 啟用于默認, 啟用的組, 組的所有者 BUILTIN\Users 別名 S-1-5-32-545 必需的組, 啟用于默認, 啟用的組 NT AUTHORITY\REMOTE INTERACTIVE LOGON 已知組 S-1-5-14 必需的組, 啟用于默認, 啟用的組 NT AUTHORITY\INTERACTIVE 已知組 S-1-5-4 必需的組, 啟用于默認, 啟用的組 NT AUTHORITY\Authenticated Users 已知組 S-1-5-11 必需的組, 啟用于默認, 啟用的組 NT AUTHORITY\This Organization 已知組 S-1-5-15 必需的組, 啟用于默認, 啟用的組 NT AUTHORITY\本地帳戶 已知組 S-1-5-113 必需的組, 啟用于默認, 啟用的組 LOCAL 已知組 S-1-2-0 必需的組, 啟用于默認, 啟用的組 NT AUTHORITY\NTLM Authentication 已知組 S-1-5-64-10 必需的組, 啟用于默認, 啟用的組 Mandatory Label\High Mandatory Level 標簽 S-1-16-12288

?

初始配置文件路徑:? ? ?%windir%\inf\defltbase.inf

; Copyright (c) Microsoft Corporation. All rights reserved. ; ; Security Configuration Template for Security Configuration Editor ; ; Template Name: DefltSV.INF ; Template Version: 05.10.DS.0000 ; ; Default Security For Windows VISTA Server.[Profile Description] %SCEDefltSVProfileDescription%[version] signature="$CHICAGO$" revision=1 DriverVer=06/21/2006,6.3.9600.16384[System Access] ;---------------------------------------------------------------- ;Account Policies - Password Policy ( 賬戶策略 - 密碼策略 ) ;---------------------------------------------------------------- MinimumPasswordAge = 0 -- 密碼最短使用期限 MaximumPasswordAge = 42 -- 密碼最長使用期限 MinimumPasswordLength = 0 -- 密碼長度最小值 PasswordComplexity = 1 -- 密碼必須符合復雜性要求 PasswordHistorySize = 0 -- 強制密碼歷史 RequireLogonToChangePassword = 0 -- 需要登陸后更改密碼 ClearTextPassword = 0 -- ;---------------------------------------------------------------- ;Account Policies - Lockout Policy ( 賬戶策略 - 賬戶鎖定策略 ) ;---------------------------------------------------------------- ;No Account Lockout LockoutBadCount = 0 -- 賬戶鎖定閾值 （默認0次無效登陸）;The following are not configured when No Account Lockout ;ResetLockoutCount = 30 -- 重置賬戶鎖定計數器（分鐘） ;LockoutDuration = 30 -- 賬戶鎖定時間（分鐘）;---------------------------------------------------------------- ;Local Policies - Security Options ( 本地策略 - 安全選項 ) ;---------------------------------------------------------------- ;DC Only ;ForceLogoffWhenHourExpire = 0LSAAnonymousNameLookup = 0;NewAdministatorName = ;NewGuestName = ;SecureSystemPartition;---------------------------------------------------------------- ;Event Log - Log Settings ( 事件查看器 - 日志設定 ) ;---------------------------------------------------------------- ;Audit Log Retention Period: 審計日志保存周期 ;0 = Overwrite Events As Needed 按需要覆蓋事件(舊事件優先) ;1 = Overwrite Events As Specified by Retention Days Entry 日志滿時將其存檔，不覆蓋事件 ;2 = Never Overwrite Events (Clear Log Manually) 不覆蓋事件(手動清除日志)[System Log] 系統日志 MaximumLogSize = 20480 日志最大大小 AuditLogRetentionPeriod = 0 審計日志保留周期 (0就是上面的"按需要覆蓋事件(舊事件優先)") ;RetentionDays = 7 保留天數 RestrictGuestAccess = 1 限制客戶訪問(這個在哪里看呢？)[Security Log] 安裝日志 MaximumLogSize = 20480 AuditLogRetentionPeriod = 0 ;RetentionDays = 7 RestrictGuestAccess = 1[Application Log] 應用程序日志 MaximumLogSize = 20480 AuditLogRetentionPeriod = 0 ;RetentionDays = 7 RestrictGuestAccess = 1;---------------------------------------------------------------- ;Local Policies - Audit Policy ( 本地策略 - 審核策略 ) ;----------------------------------------------------------------[Event Audit] CrashOnAuditFull = 0;---------------------------------------------------------------- ;Registry Values ;---------------------------------------------------------------- [Registry Values] ; Registry value name in full path = Type, Value ; REG_SZ ( 1 ) ; REG_EXPAND_SZ ( 2 ) // with environment variables to expand ; REG_BINARY ( 3 ) ; REG_DWORD ( 4 ) ; REG_MULTI_SZ ( 7 )MACHINE\System\CurrentControlSet\Control\Lsa\AuditBaseObjects=4,0 MACHINE\System\CurrentControlSet\Control\Lsa\CrashOnAuditFail=4,0 MACHINE\System\CurrentControlSet\Control\Lsa\DisableDomainCreds=4,0 MACHINE\System\CurrentControlSet\Control\Lsa\EveryoneIncludesAnonymous=4,0 MACHINE\System\CurrentControlSet\Control\Lsa\ForceGuest=4,0 MACHINE\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy\Enabled=4,0 MACHINE\System\CurrentControlSet\Control\Lsa\FullPrivilegeAuditing=3,0 MACHINE\System\CurrentControlSet\Control\Lsa\NoLMHash=4,1 MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=4,0 MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymousSAM=4,1;Domain Controllers Only ;MACHINE\System\CurrentControlSet\Control\Lsa\SubmitControl=4,0MACHINE\System\CurrentControlSet\Control\Print\Providers\LanMan Print Services\Servers\AddPrinterDrivers=4,1MACHINE\System\CurrentControlSet\Control\Session Manager\Kernel\ObCaseInsensitive=4,1 MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management\ClearPageFileAtShutdown=4,0 MACHINE\System\CurrentControlSet\Control\Session Manager\ProtectionMode=4,1MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableSecuritySignature=4,0 MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignature=4,0 MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableForcedLogOff=4,1 MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoDisconnect=4,15 MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RestrictNullSessAccess=4,1MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\EnableSecuritySignature=4,1 MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\RequireSecuritySignature=4,0 MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\EnablePlainTextPassword=4,0MACHINE\System\CurrentControlSet\Services\LDAP\LDAPClientIntegrity=4,1;Potential to take on different values during and after setup ;MACHINE\Software\Microsoft\Driver Signing\Policy=3,1 ;MACHINE\Software\Microsoft\Non-Driver Signing\Policy=3,0MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableCAD=4,0 MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\DontDisplayLastUserName=4,0 MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeCaption=1,"" MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeText=7,"" MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ScForceOption=4,0 MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ShutdownWithoutLogon=4,0 MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UndockWithoutLogon=4,1MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\SecurityLevel=4,0 MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\SetCommand=4,0MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ScRemoveOption=1,0MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\AuthenticodeEnabled=4,0; remove lsarpc, samr and netlogon from anonymously accessible pipes MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\NullSessionPipes=8,Remove:,lsarpc,samr,netlogon;---------------------------------------------------------------------- ; Privileges & Rights ;---------------------------------------------------------------------- ; ;World S-1-1-0 ; ;NT Authority S-1-5 ;TERMINAL_SERVER 13 ;LOCAL_SERVICE 19 ;NETWORK_SERVICE 20 ; ;Built-In Domain SubAuthority = S-1-5-32 ;ADMINISTRATORS 544 ;USERS 545 ;GUESTS 546 ;POWER_USERS (DEPRECATED) ;ACCOUNT_OPS 548 ;SYSTEM_OPS 549 ;PRINT_OPS 550 ;BACKUP_OPS 551 ;REPLICATOR 552 ;RAS_SERVERS 553 ;PREW2KCOMPACCESS 554 ;REMOTE_DESKTOP_USERS 555 ;NETWORK_CONFIGURATION_OPS 556 ;LOGGING_USERS 559 ;WdiServiceHost S-1-5-80-3139157870-2983391045-3678747466-658725712-1809340420 ;ALL SERVICES S-1-5-80-0[Privilege Rights] 用戶權限分配 ;-- 計算機配置\windows設置\安全設置本地策略\用戶權限分配 SeAssignPrimaryTokenPrivilege = *S-1-5-19, *S-1-5-20 替換進程級令牌 SeAuditPrivilege = *S-1-5-19, *S-1-5-20 生成安全審核 SeBackupPrivilege = *S-1-5-32-544, *S-1-5-32-551 備份文件和目錄 SeBatchLogonRight = *S-1-5-32-544, *S-1-5-32-551, *S-1-5-32-559 作為批處理作業登錄 SeChangeNotifyPrivilege = *S-1-5-32-544, *S-1-5-32-551, *S-1-5-32-545, *S-1-1-0, *S-1-5-19, *S-1-5-20 跳過遍歷檢查 SeCreateGlobalPrivilege = *S-1-5-6, *S-1-5-32-544, *S-1-5-19, *S-1-5-20 創建全局對象 SeCreatePagefilePrivilege = *S-1-5-32-544 創建頁面文件 SeCreatePermanentPrivilege = 創建永久共享的對象 SeCreateSymbolicLinkPrivilege = *S-1-5-32-544 拒絕通過遠程桌面服務登錄 SeCreateTokenPrivilege = 創建令牌的對象 SeDebugPrivilege = *S-1-5-32-544 調試程序 SeImpersonatePrivilege = *S-1-5-6, *S-1-5-32-544, *S-1-5-19, *S-1-5-20 身份驗證后模擬客戶端 SeIncreaseBasePriorityPrivilege = *S-1-5-32-544 提高日程安排的優先級 SeIncreaseQuotaPrivilege = *S-1-5-32-544, *S-1-5-19, *S-1-5-20 調整進程的內存配額 SeIncreaseWorkingSetPrivilege = *S-1-5-32-545 增加進程工作集 SeInteractiveLogonRight = *S-1-5-32-544, *S-1-5-32-551, *S-1-5-32-545 允許本地登錄 SeLoadDriverPrivilege = *S-1-5-32-544 SeLockMemoryPrivilege = 鎖定內存頁 SeMachineAccountPrivilege = 將工作站添加到域 SeManageVolumePrivilege = *S-1-5-32-544 執行卷維護任務 SeNetworkLogonRight = *S-1-5-32-544, *S-1-5-32-551, *S-1-5-32-545, *S-1-1-0 從網絡訪問此計算機 SeProfileSingleProcessPrivilege = *S-1-5-32-544 配置單一進程 SeRemoteInteractiveLogonRight = *S-1-5-32-544, *S-1-5-32-555 允許通過遠程桌面服務登錄 SeRemoteShutdownPrivilege = *S-1-5-32-544 從遠程系統強制關機 SeRestorePrivilege = *S-1-5-32-544, *S-1-5-32-551 還原文件和目錄 SeSecurityPrivilege = *S-1-5-32-544 管理審核和安全日志 SeServiceLogonRight = *S-1-5-80-0 作為服務登錄 SeShutdownPrivilege = *S-1-5-32-544, *S-1-5-32-551 關閉系統 SeSystemEnvironmentPrivilege = *S-1-5-32-544 修改固件環境值 SeSystemProfilePrivilege = *S-1-5-32-544, *S-1-5-80-3139157870-2983391045-3678747466-658725712-1809340420 配置系統性能 SeSystemTimePrivilege = *S-1-5-32-544, *S-1-5-19 更改系統時間 SeTakeOwnershipPrivilege = *S-1-5-32-544 獲得文件或其他對象的所有權 SeTcbPrivilege = 充當操作系統的一部分 SeTimeZonePrivilege = *S-1-5-32-544, *S-1-5-19 更改時區 ; SeDenyInteractiveLogonRight = 拒絕從本地登陸 SeDenyBatchLogonRight = 拒絕作為批處理作業登陸 SeDenyServiceLogonRight = 拒絕作為服務登陸 SeDenyNetworkLogonRight = 拒絕從網絡訪問這臺計算機 SeDenyRemoteInteractiveLogonRight = 拒絕通過遠程桌面服務登錄 ; SeUndockPrivilege = *S-1-5-32-544 從擴展塢中取出計算機 SeSyncAgentPrivilege = 同步目錄服務數據 SeEnableDelegationPrivilege = 允許計算機和用戶帳戶被信任可以進行委派[Group Membership] *S-1-5-32-545__Memberof = *S-1-5-32-545__Members = *S-1-5-11,*S-1-5-4[Service General Setting] ;autostarted on workstations and servers, standalone or joined Browser,,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" TrkWks,,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" Dnscache,,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;NO)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" PolicyAgent,,"D:(A;;CCLCSWLORC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" dmserver,,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" PlugPlay,,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" Spooler,,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" ProtectedStorage,,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" RpcSs,,"D:(A;;CCLCSWLORC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPLO;;;IU)(A;;CCLCSWRPLO;;;BU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" NtmsSvc,,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" seclogon,,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" SamSs,,"D:(A;;CCLCSWLORC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLO;;;IU)(A;;CCLCSWLO;;;BU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" lanmanserver,,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" SENS,,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" Schedule,2,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" Sysmonlog,,"D:(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCLCRPLOCR;;;LU)S:AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" LmHosts,,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" LanmanWorkstation,,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" RemoteRegistry,,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)"ClipSrv,4,"D:(A;;CCLCSWLORC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPLO;;;IU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" NetDDE,4,"D:(A;;CCLCSWLORC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPLO;;;IU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" NetDDEdsdm,4,"D:(A;;CCLCSWLORC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPLO;;;IU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" EventSystem,,"D:(A;;CCLCSWRPLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)";Not autostarted if machine is standalone Netlogon,,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)";Server Only Services Dfs,,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" LicenseService,,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)";IIS Specific Services - Leave them alone ;IISADMIN,2,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" ;W3SVC,2,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" ;MSFTPSVC,2,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)" ;SMTPSVC,,"D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)"; ; set default startup for the following services - do not touch permissions ; ;;FastUserSwitching service not installed in setup Mnmsrvc,4,"" Themes,4,"" TlntSvr,4,"" ;;Tssdis service not installed in setup WmdmPmSp,3,""[Registry Keys];Not same as parent, and this is the target of a symlink - set explicitly."MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates",2,"D:P(A;CI;GR;;;BU)(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GR;;;S-1-15-2-1)" "MACHINE\SOFTWARE\Microsoft\SystemCertificates",2,"D:P(A;CI;GR;;;BU)(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GR;;;S-1-15-2-1)" "MACHINE\SOFTWARE\Microsoft\SystemCertificates\Authroot",2,"D:AI(A;CIOI;GA;;;S-1-5-80-242729624-280608522-2219052887-3187409060-2225943459)""MACHINE\Software\Microsoft\Windows\CurrentVersion",0,"D:P(A;CI;GR;;;BU)(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GR;;;S-1-15-2-1)" "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders",2,"D:P(A;CI;GR;;;BU)(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GR;;;S-1-15-2-1)" "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx",2,"D:P(A;CI;GR;;;BU)(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GR;;;S-1-15-2-1)""MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths",2,"D:P(A;CI;GR;;;BU)(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GR;;;S-1-15-2-1)" "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks",2,"D:P(A;CI;GR;;;BU)(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GR;;;S-1-15-2-1)" "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs",2,"D:P(A;CI;GR;;;BU)(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GR;;;S-1-15-2-1)" "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",2,"D:P(A;CI;GR;;;BU)(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GR;;;S-1-15-2-1)";The following keys do not exist when we run. "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy",1,"D:AR" "MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies",1,"D:AR""MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS",2,"D:P(A;CI;GR;;;BU)(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GR;;;S-1-15-2-1)" "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PerHwIdStorage",2,"D:P(A;CI;GR;;;BU)(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GR;;;S-1-15-2-1)" "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports",2,"D:P(A;CI;GR;;;BU)(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GR;;;S-1-15-2-1)" "MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole",2,"D:P(A;CI;GR;;;BU)(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GR;;;S-1-15-2-1)""MACHINE\System",0,"D:P(A;CI;GR;;;BU)(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GR;;;S-1-15-2-1)""MACHINE\SYSTEM\Clone",1,"D:AR""MACHINE\SYSTEM\ControlSet001",1,"D:AR" "MACHINE\SYSTEM\ControlSet002",1,"D:AR" "MACHINE\SYSTEM\ControlSet003",1,"D:AR" "MACHINE\SYSTEM\ControlSet004",1,"D:AR" "MACHINE\SYSTEM\ControlSet005",1,"D:AR" "MACHINE\SYSTEM\ControlSet006",1,"D:AR" "MACHINE\SYSTEM\ControlSet007",1,"D:AR" "MACHINE\SYSTEM\ControlSet008",1,"D:AR" "MACHINE\SYSTEM\ControlSet009",1,"D:AR" "MACHINE\SYSTEM\ControlSet010",1,"D:AR""MACHINE\SYSTEM\CurrentControlSet\Control\Class",0,"D:AR""MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layouts",2,"D:(A;CI;GR;;;WD)" "MACHINE\SYSTEM\CurrentControlSet\Control\LSA\JD",2,"D:P(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)" "MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Skew1",2,"D:P(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)" "MACHINE\SYSTEM\CurrentControlSet\Control\LSA\GBG",2,"D:P(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)" "MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Data",2,"D:P(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)" "MACHINE\SYSTEM\CurrentControlSet\Control\Nsi",2,"D:P(A;CI;KR;;;BU)(A;CI;KA;;;BA)(A;CI;KA;;;SY)(A;CI;CCDCLCSWRPWPSDRC;;;NS)(A;CI;CCDCLCSWRPWPSDRC;;;LS)(A;CI;CCDCLCSWRPSDRC;;;NO)(A;CI;CCDCLCSWRPWPSDRC;;;S-1-5-80-2940520708-3855866260-481812779-327648279-1710889582)(A;CIIO;RC;;;S-1-3-4)(A;CI;KR;;;S-1-15-2-1)" "MACHINE\SYSTEM\CurrentControlSet\Control\Nsi\{eb004a00-9b1a-11d4-9123-0050047759bc}\4",2,"D:P(A;CI;CCDCLCSWRPRC;;;AU)(A;CI;CCDCLCSWRPWPSDRC;;;LS)(A;CI;CCDCLCSWRPWPSDRC;;;NS)(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CIIO;RC;;;S-1-3-4)(A;CI;KR;;;S-1-15-2-1)" "MACHINE\SYSTEM\CurrentControlSet\Control\Nsi\{eb004a01-9b1a-11d4-9123-0050047759bc}\4",2,"D:P(A;CI;CCDCLCSWRPRC;;;AU)(A;CI;CCDCLCSWRPWPSDRC;;;LS)(A;CI;CCDCLCSWRPWPSDRC;;;NS)(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CIIO;RC;;;S-1-3-4)(A;CI;KR;;;S-1-15-2-1)" "MACHINE\SYSTEM\CurrentControlSet\Control\Nsi\{eb004a1C-9b1a-11d4-9123-0050047759bc}\0",2,"D:P(A;CI;CCDCLCSWRPRC;;;AU)(A;CI;CCDCLCSWRPWPSDRC;;;LS)(A;CI;CCDCLCSWRPWPSDRC;;;NS)(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CIIO;RC;;;S-1-3-4)(A;CI;KR;;;S-1-15-2-1)" "MACHINE\SYSTEM\CurrentControlSet\Control\Nsi\{eb004a11-9b1a-11d4-9123-0050047759bc}\8",2,"D:P(A;CI;KR;;;BU)(A;CI;KA;;;BA)(A;CI;KA;;;SY)(A;CI;CCDCLCSWRPWPSDRC;;;NS)(A;CI;CCDCLCSWRPWPSDRC;;;LS)(A;CI;CCDCLCSWRPSDRC;;;NO)(A;CI;CCDCLCSWRPWPSDRC;;;S-1-5-80-3088073201-1464728630-1879813800-1107566885-823218052)(A;CIIO;RC;;;S-1-3-4)(A;CI;KR;;;S-1-15-2-1)""MACHINE\SYSTEM\CurrentControlSet\Services",0,"D:P(A;CI;GR;;;BU)(A;CI;GA;;;BA)(A;CI;GA;;;SY)(A;CI;GA;;;CO)(A;CI;GR;;;S-1-15-2-1)";Set security subkey permissions for those services created via default hives "MACHINE\SYSTEM\CurrentControlSet\Services\AppMgmt\Security",2,"D:P(A;;GA;;;BA)(A;;GA;;;SY)" "MACHINE\SYSTEM\CurrentControlSet\Services\kdc\Security",2,"D:P(A;;GA;;;BA)(A;;GA;;;SY)" "MACHINE\SYSTEM\CurrentControlSet\Services\LicenseInfo",2,"D:AR(A;CI;CCLCSWRPRC;;;NS)(A;CIIO;CCDCLCSWRPRC;;;NS)" "MACHINE\SYSTEM\CurrentControlSet\Services\SCardSvr\Security",2,"D:P(A;;GA;;;BA)(A;;GA;;;SY)";Set security subkey permissions for those services created in GUI-mode setup before SCE runs "MACHINE\SYSTEM\CurrentControlSet\Services\STISvc\Security",2,"D:P(A;;GA;;;BA)(A;;GA;;;SY)""MACHINE\SYSTEM\CurrentControlSet\Services\SysmonLog\Log Queries",2,"D:(A;CI;GA;;;NS)(A;CI;CCDCLCSWSDRC;;;LU)""MACHINE\SYSTEM\CurrentControlSet\Enum",1,"D:AR" "MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles",1,"D:AR""USERS\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\ProtectedRoots",1,"D:AR"[File Security];--------------------------------------------------------------------------------------- ;System Drive ;--------------------------------------------------------------------------------------- ;SetupSecurity will contain the new root acl. Ignore docs and settings if it's reapplied (e.g. on conversion from FAT) ; Directories that might not exist when security is applied; but are listed here ; so that they get secured correctly on converting the file system to NTFS;--------------------------------------------------------------------------------------------- ;ProgramFiles ;--------------------------------------------------------------------------------------------- "%SceInfCommonProgramFiles%\SpeechEngines\Microsoft\TTS",2,"D:P(A;CIOI;GRGX;;;BU)(A;CIOI;GA;;;BA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)";--------------------------------------------------------------------------------------------- ;Win64 32bit ProgramFiles Directory ;---------------------------------------------------------------------------------------------;--------------------------------------------------------------------------------------------- ; ProgramData Folder (Typically \ProgramData) ;---------------------------------------------------------------------------------------------;--------------------------------------------------------------------------------------------- ;System Root (Typically \WINDOWS) ;---------------------------------------------------------------------------------------------;Directories that existed and inherited on NT4 out of the box. ;The text-mode files within these directories are individually secured below. ;Config, Cursors, Help, Media, Repair, System, Fonts, INF;Directories that do not exist when security applied during clean-install - Creator specifies directory security. ;We explicitly ignore so as not to whack the component-specified DIRECTORY security on upgrade or reapplication of defaults.;Profile for LocalService and NetworkService, moved from Users in Longhorn, creator specifies security "%SystemRoot%\ServiceProfiles\LocalService",1,"D:P(A;CIOI;GA;;;BA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;LS)" "%SystemRoot%\ServiceProfiles\NetworkService",1,"D:P(A;CIOI;GA;;;BA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;NS)";--------------------------------------------------------------------------------------------- ;System Directory (Typically \Windows\System32) ;---------------------------------------------------------------------------------------------;Directories with no legacy to preserve. Different from parent.; Directories that might not exist when security is applied; but are listed here ; so that they get secured correctly on converting the file system to NTFS "%SystemDirectory%\LogFiles\wms",2,"D:P(A;CIOI;GRGX;;;BU)(A;CIOI;GRGWGXSD;;;NS)(A;CIOI;GA;;;BA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)";----------------------------------------------------------------------------------------- ; SysWOW64 directories ;-----------------------------------------------------------------------------------------"%Systemroot%\SysWOW64\Export",2,"D:P(A;CIOI;GRGX;;;BU)(A;CIOI;GA;;;BA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)";----------------------------------------------------------------------------------------- ;Individual File Settings. ;----------------------------------------------------------------------------------------- "%Systemroot%\repair\default",2,"D:P(A;;GA;;;BA)(A;;GA;;;SY)" "%Systemroot%\repair\ntuser.dat",2,"D:P(A;;GA;;;BA)(A;;GA;;;SY)" "%Systemroot%\repair\sam",2,"D:P(A;;GA;;;BA)(A;;GA;;;SY)" "%Systemroot%\repair\security",2,"D:P(A;;GA;;;BA)(A;;GA;;;SY)" "%Systemroot%\repair\software",2,"D:P(A;;GA;;;BA)(A;;GA;;;SY)" "%Systemroot%\repair\system",2,"D:P(A;;GA;;;BA)(A;;GA;;;SY)"[Strings]SceInfAdministrator = "Administrator" SceInfAdmins = "Administrators" SceInfAcountOp = "Account Operators" SceInfAuthUsers = "Authenticated Users" SceInfInteractive = "INTERACTIVE" SceInfBackupOp = "Backup Operators" SceInfDomainAdmins = "Domain Admins" SceInfDomainGuests = "Domain Guests" SceInfDomainUsers = "Domain Users" SceInfEveryone = "Everyone" SceInfGuests = "Guests" SceInfGuest = "Guest" SceInfPowerUsers = "Power Users" SceInfPrintOp = "Print Operators" SceInfReplicator = "Replicator" SceInfServerOp = "Server Operators" SceInfUsers = "Users" SceInfLocalService = "Local Service" SceInfNetworkService = "Network Service" SceInfProgramFiles = "%ProgramFiles%" SceInfProgramFilesx86 = "%ProgramFiles(x86)%" SceInfCommonProgramFiles = "%CommonProgramFiles%" SceInfRemoteDesktopUsers = "Remote Desktop Users" SceDefltSVProfileDescription = "Default Security Settings. (Windows Server)" SCEInfSysdir1 = "edit.com" SCEInfSysdir2 = "edit.hlp" SCEInfHelp1 = "signin.hlp"

?附:

關于用戶權限的設置可以參考

https://docs.microsoft.com/zh-cn/previous-versions/windows/server/dn221963(v=ws.11)

命令行模式改變本地安全策略

http://blog.sina.com.cn/s/blog_1557e67c90102wa4m.html

總結

以上是生活随笔為你收集整理的Windows 组策略修改 之 初始化文件 %windir%\inf\defltbase.inf的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。