Reset Windows 2008 security to default
Hello I just windows 2008 server and am not able to reset the security templates to the default. I joind this system to a domain and think that may have caused my problems. How do i reset the security templates and the local gpo for this system? I cant find the setup security.inf file any where? Please advise... Robert
June 30th, 2007 10:51pm
When you join it to a domain it falls under the "domain controllers security policy" which will affect your system.
What settings do you believe are faulty?
Free Windows Admin Tool Kit Click here and download it now
July 2nd, 2007 12:06pm
There is no way to reset security to the defaults. There never has been. Setup security.inf is nothing more than a log file. It is not a complete and accurate representation of the default security state of the system.
The closest thing to a default security setting is in the defltsrv.inf template, but components are not necessarily all reflected there.
July 6th, 2007 6:44am
You can roll back security however in 2008 using the security configuration wizard.
Run SCW and select the last option - rollback the last applied security policy!
I also recommend you having a look at the following KB article.
http://support.microsoft.com/kb/313222
Also check out this article by David Beach
http://blogs.technet.com/b/askds/archive/2008/05/28/default-security-templates-in-windows-2008.aspx
Clint Boessen MVP, MCSE, MCITPx4, Dip Network Engineering
Perth, Western Australia
Blog: http://clintboessen.blogspot.com/
Free Windows Admin Tool Kit Click here and download it now
January 13th, 2011 12:51am
One more thing to note... if your going to make changes to the security policy make sure you generate a rollback so you can use SCW!
secedit /GenerateRollback
The generate rollback feature is designed to make a reverse template. This is simply a template of the server's current settings. The idea is that if something goes horribly wrong, the rollback template can be used to restore most of the server's previous
settings. You will notice that I said in most of the previous settings, not all of the previous settings. The rollback template is not able to change access control list entries on files or on registry entries that were changed by the template that you want
to undo.Clint Boessen MVP, MCSE, MCITPx4, Dip Network Engineering
Perth, Western Australia
Blog: http://clintboessen.blogspot.com/
January 13th, 2011 1:16am