Page 1 of 2 12>
Topic Options
#68035 - 2002-07-11 09:06 AM Determine NTConfig.pol entries
MightyR1 Offline
MM club member
*****

Registered: 1999-09-09
Posts: 1264
Loc: The Netherlands
Does anyone know how to determine which entries are selected in an existing ntconfig.pol file?
I've got the .adm files.

Possible solution:
  • Log in as a user
  • Read the adm and determine the regkey
  • Write the key and it's current value in a file
  • Read next key
_________________________
Greetz,
Patrick Rutten

- We'll either find a way or make one...
- Knowledge is power; knowing how to find it is more powerful...
- Problems don't exist; they are challenges...

Top
#68036 - 2002-07-11 01:58 PM Re: Determine NTConfig.pol entries
Kdyer Offline
KiX Supporter
*****

Registered: 2001-01-03
Posts: 6241
Loc: Tigard, OR
Patrick,

Do you have POLEDIT.EXE? That is the easiest way to look inside these files.

Kent
_________________________
Utilize these resources:
UDFs (Full List)
KiXtart FAQ & How to's

Top
#68037 - 2002-07-11 01:59 PM Re: Determine NTConfig.pol entries
Shawn Administrator Offline
Administrator
*****

Registered: 1999-08-13
Posts: 8611
Hi Patrick, curiousity is killing me here. Why are you doing this ? You want to do this in the login script ?

-Shawn

Top
#68038 - 2002-07-11 02:31 PM Re: Determine NTConfig.pol entries
MightyR1 Offline
MM club member
*****

Registered: 1999-09-09
Posts: 1264
Loc: The Netherlands
Kent, Shawn,

yes I've got Poledit and know how to use it. But I use several custom made .adm files.

For documentation purposes I'd like to know what entries are entered using poledit. Making Printscreens does the job, but generates many many many pages.

Reading the .adm files and determining the reg values gives me an overview of the policy applied to the user.

I don't want to run it during login, but only once to document every setting.

Now I'm searching for a simple solution to do the job...
_________________________
Greetz,
Patrick Rutten

- We'll either find a way or make one...
- Knowledge is power; knowing how to find it is more powerful...
- Problems don't exist; they are challenges...

Top
#68039 - 2002-07-11 02:44 PM Re: Determine NTConfig.pol entries
Chris S. Offline
MM club member
*****

Registered: 2002-03-18
Posts: 2368
Loc: Earth
Why not run one of the many registry watcher programs out there as you apply your policies. Here's a free one that will create a log for you...

InstallWatch 2.5

Top
#68040 - 2002-07-11 02:59 PM Re: Determine NTConfig.pol entries
Shawn Administrator Offline
Administrator
*****

Registered: 1999-08-13
Posts: 8611
Patrick - yes - thats kinda what I thought - a very cool and noble cause because to be honest, I would LOVE to have such a utility as well. We got about a bazillion custom policies - and its a pain-in-the-a$$ to document them all. Plus, a reporting tool would be very usefull when double checking policy changes, after modifications are made (we all know what can happen when one forgets to include a reference to a template, when making changes) ...

Remember at the time, was thinking about writing a Kix script to do this - but the thought of parsing the ADM file - and then trying to "reverse engineer" and "match-up" the policy settings (like POLEDIT does) turned me off - imho - POLEDIT is a magic piece of software - when you really delve into it.

Another option might be a LIGHTWEIGHT reporting tool. Not too sure if you know this or not, but one can LOAD a .POL file, just like any other REGISTRY HIVE. .POL IS A registry hive actually. I load them to manually review changes - and then do an registry export on the before and after hives - just to double check that I haven't dropped anything.

Having said that, maybe you could:

1) Load the .POL hive into HKU and give it a name. Use LOADHIVE() and UNLOADHIVE()

2) Enumerate the loaded hive using READVALUE() and produce a report.

All the GROUP information is embedded in the hive, as registry keys. Lots of good stuff in there.

Problem is - you won't get all the "description strings" from the template ... but if you did want to persue parsing the ADM, this "backward" approach might help. But believe me - anyway you slice it - if you did get it going - I would be first in line to download and use it.

-Shawn

[ 11 July 2002, 15:08: Message edited by: Shawn ]

Top
#68041 - 2002-07-12 08:08 AM Re: Determine NTConfig.pol entries
MightyR1 Offline
MM club member
*****

Registered: 1999-09-09
Posts: 1264
Loc: The Netherlands
Guys,

thnx for the tips. I'm going to build something and come back with te result...
_________________________
Greetz,
Patrick Rutten

- We'll either find a way or make one...
- Knowledge is power; knowing how to find it is more powerful...
- Problems don't exist; they are challenges...

Top
#68042 - 2002-07-12 01:28 PM Re: Determine NTConfig.pol entries
Richard H. Administrator Offline
Administrator
*****

Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
Would you like a script that outputs the contents of ADM files looking like this (example is WINNT.ADM):
code:
Registry hive: MACHINE
|-Windows NT Network
| |-Sharing
| | Key: System\CurrentControlSet\Services\LanManServer\Parameters
| | Policy: Create hidden drive shares (workstation)
| | Entry: 'AutoShareWks'
| | Policy: Create hidden drive shares (server)
| | Entry: 'AutoShareServer'
|-Windows NT Printers
| Key: System\CurrentControlSet\Control\Print
| Policy: Disable browse thread on this computer
| Entry: 'DisableServerThread'
| Policy: Scheduler priority
| Entry: 'SchedulerThreadPriority'
| Policy: Beep for error enabled
| Entry: 'BeepEnabled'
|-Windows NT Remote Access
| Key: System\CurrentControlSet\Services\RemoteAccess\Parameters
| Policy: Max number of unsuccessful authentication retries
| Entry: 'AuthenticateRetries'
| Policy: Max time limit for authentication
| Entry: 'AuthenticateTime'
| Policy: Wait interval for callback
| Entry: 'CallbackTime'
| Policy: Auto Disconnect
| Entry: 'AutoDisconnect'
|-Windows NT Shell
| |-Custom shared folders
| | Key: Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
| | Policy: Custom shared Programs folder
| | Entry: 'Common Programs'
| | Policy: Custom shared desktop icons
| | Entry: 'Common Desktop'
| | Policy: Custom shared Start menu
| | Entry: 'Common Start Menu'
| | Policy: Custom shared Startup folder
| | Entry: 'Common Startup'
|-Windows NT System
| |-Logon
| | Policy: Logon banner
| | Key: Software\Microsoft\Windows NT\CurrentVersion\Winlogon
| | Entry: 'LegalNoticeCaption'
| | Entry: 'LegalNoticeText'
| | Policy: Enable shutdown from Authentication dialog box
| | Key: Software\Microsoft\Windows NT\CurrentVersion\Winlogon
| | Entry: 'ShutdownWithoutLogon'
| | Policy: Do not display last logged on user name
| | Key: Software\Microsoft\Windows NT\CurrentVersion\Winlogon
| | Entry: 'DontDisplayLastUserName'
| | Policy: Run logon scripts synchronously.
| | Key: Software\Microsoft\Windows NT\CurrentVersion\Winlogon
| | Entry: 'RunLogonScriptSync'
| |-File system
| | Key: System\CurrentControlSet\Control\FileSystem
| | Policy: Do not create 8.3 file names for long file names
| | Entry: 'NtfsDisable8dot3NameCreation'
| | Policy: Allow extended characters in 8.3 file names
| | Entry: 'NtfsAllowExtendedCharacterIn8dot3Name'
| | Policy: Do not update last access time
| | Entry: 'NtfsDisableLastAccessUpdate'
|-Windows NT User Profiles
| Key: Software\Microsoft\Windows NT\CurrentVersion\winlogon
| Policy: Delete cached copies of roaming profiles
| Entry: 'DeleteRoamingCache'
| Policy: Automatically detect slow network connections
| Entry: 'SlowLinkDetectEnabled'
| Policy: Slow network connection timeout
| Entry: 'SlowLinkTimeOut'
| Policy: Slow network default profile operation
| Entry: 'SlowLinkProfileDefault'
| Policy: Choose profile default operation
| Entry: 'ChooseProfileDefault'
| Policy: Timeout for dialog boxes
| Entry: 'ProfileDlgTimeOut'

Registry hive: USER
|-Windows NT Shell
| |-Custom user interface
| | Key: Software\Microsoft\Windows NT\CurrentVersion\Winlogon
| | Policy: Custom shell
| | Entry: 'Shell'
| |-Custom folders
| | Key: Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
| | Policy: Custom Programs folder
| | Entry: 'Programs'
| | Policy: Custom desktop icons
| | Entry: 'Desktop'
| | Policy: Hide Start menu subfolders
| | Key: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
| | Entry: 'NoStartMenuSubFolders'
| | Policy: Custom Startup folder
| | Entry: 'Startup'
| | Policy: Custom Network Neighborhood
| | Entry: 'NetHood'
| | Policy: Custom Start menu
| | Entry: 'Start Menu'
| |-Restrictions
| | Key: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
| | Policy: Only use approved shell extensions
| | Entry: 'EnforceShellExtensionSecurity'
| | Policy: Remove View->Options menu from Explorer
| | Entry: 'NoOptions'
| | Policy: Remove Tools->GoTo menu from Explorer
| | Entry: 'NoGoTo'
| | Policy: Remove File menu from Explorer
| | Entry: 'NoFileMenu'
| | Policy: Remove common program groups from Start menu
| | Entry: 'NoCommonGroups'
| | Policy: Disable context menus for the taskbar
| | Entry: 'NoTrayContextMenu'
| | Policy: Disable Explorer's default context menu
| | Entry: 'NoViewContextMenu'
| | Policy: Remove the "Map Network Drive" and "Disconnect Network Drive" options
| | Entry: 'NoNetConnectDisconnect'
| | Policy: Disable link file tracking
| | Entry: 'LinkResolveIgnoreLinkInfo'
| | Policy: Remove NT Security item from Start menu
| | Entry: 'NoNTSecurity'
| | Policy: Remove Disconnect item from Start menu
| | Entry: 'NoDisconnect'
| | Policy: Remove Logoff item from Start menu
| | Entry: 'NoLogoff'
| | Policy: Prevent user from changing file type associations
| | Entry: 'NoFileAssociate'
|-Windows NT System
| Policy: Parse Autoexec.bat
| Key: Software\Microsoft\Windows NT\CurrentVersion\Winlogon
| Entry: 'ParseAutoexec'
| Policy: Run logon scripts synchronously.
| Key: Software\Microsoft\Windows NT\CurrentVersion\Winlogon
| Entry: 'RunLogonScriptSync'
| Policy: Disable Logoff
| Key: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
| Entry: 'NoLogoff'
| Policy: Disable Task Manager
| Key: Software\Microsoft\Windows\CurrentVersion\Policies\System
| Entry: 'DisableTaskMgr'
| Policy: Disable Lock Workstation
| Key: Software\Microsoft\Windows\CurrentVersion\Policies\System
| Entry: 'DisableLockWorkstation'
| Policy: Disable Change Password
| Key: Software\Microsoft\Windows\CurrentVersion\Policies\System
| Entry: 'DisableChangePassword'
| Policy: Show welcome tips at logon
| Key: Software\Microsoft\Windows\CurrentVersion\Explorer\Tips
| Entry: 'Show'
|-Windows NT User Profiles
| Policy: Limit profile size
| Key: Software\Microsoft\Windows\CurrentVersion\Policies\System
| Entry: 'EnableProfileQuota'
| Entry: 'ProfileQuotaMessage'
| Entry: 'MaxProfileSize'
| Entry: 'IncludeRegInProQuota'
| Entry: 'WarnUser'
| Entry: 'WarnUserTimeout'
| Policy: Exclude directories in roaming profile
| Key: Software\Policies\Microsoft\Windows\System
| Entry: 'ExcludeProfileDirs'

You would? Here you go then:
quote:
USE NEWER VERSION POSTED BELOW
It doesn't parse everything (help comments for example), but the framework is there to add the rest.

Unfortunately the real world (work) has intervened so I'm going to have to leave it now.

NB When specifying the "ADM" file be sure to include a path name otherwise the string lookups will fail, i.e. "WINNT.ADM" will *not* work, ".\WINNT.ADM" will.

Of course it is trivial to use the information to read the reg keys and display the contents, but I leave that as an exercise for the reader [Wink]

[ 12 July 2002, 16:43: Message edited by: Richard Howarth ]

Top
#68043 - 2002-07-12 01:56 PM Re: Determine NTConfig.pol entries
Shawn Administrator Offline
Administrator
*****

Registered: 1999-08-13
Posts: 8611
[Eek!]
Top
#68044 - 2002-07-12 02:02 PM Re: Determine NTConfig.pol entries
Kdyer Offline
KiX Supporter
*****

Registered: 2001-01-03
Posts: 6241
Loc: Tigard, OR
Wow!

That is cool.

Kent
_________________________
Utilize these resources:
UDFs (Full List)
KiXtart FAQ & How to's

Top
#68045 - 2002-07-12 02:36 PM Re: Determine NTConfig.pol entries
MightyR1 Offline
MM club member
*****

Registered: 1999-09-09
Posts: 1264
Loc: The Netherlands
[Eek!] [Eek!] [Eek!]

Richard,

thnx very much. I'll try to build a script to determine the entered value of a looged on user....
_________________________
Greetz,
Patrick Rutten

- We'll either find a way or make one...
- Knowledge is power; knowing how to find it is more powerful...
- Problems don't exist; they are challenges...

Top
#68046 - 2002-07-12 03:22 PM Re: Determine NTConfig.pol entries
Richard H. Administrator Offline
Administrator
*****

Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
Ok, fixed up as a UDF to make calling it easier and added code to display current registry values.

Not much of interest appears in the example as I'm running it on a vanilla Win95 machine.

quote:
USE NEWER VERSION POSTED BELOW
Fixed schoolboy error in deleted post where strings were not being expanded. Tch.

[ 12 July 2002, 16:44: Message edited by: Richard Howarth ]

Top
#68047 - 2002-07-12 03:50 PM Re: Determine NTConfig.pol entries
Les Offline
KiX Master
*****

Registered: 2001-06-11
Posts: 12734
Loc: fortfrances.on.ca
Rich,
Do you have one for GPOs? [Big Grin]
_________________________
Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.

Top
#68048 - 2002-07-12 04:29 PM Re: Determine NTConfig.pol entries
Richard H. Administrator Offline
Administrator
*****

Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
{shrugs} AFAIK the registry template (.adm) files are exactly the same.

So long as they are not too esoteric the script will work with them unchanged.

I don't have W2K stuff to play with, so I dunno.

Top
#68049 - 2002-07-12 04:39 PM Re: Determine NTConfig.pol entries
Richard H. Administrator Offline
Administrator
*****

Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
Updated to handle VALUEPREFIX type entries.

At least I think it does. Don't have any to test it on [Wink]

code:
Break On

Global $bInString $bInString=0
Global $bIsEnding $bIsEnding=0
Global $sString
Global $cQuote $cQuote='"'
Global $sAction
Global $sHive
Global $sKey
Global $sEntry
Global $sIniFile

; Constants
Global $INDENT $INDENT=" | "
Global $BRANCH $BRANCH=" |-"
Global $SPACES $SPACES=" "
Global $TAB $TAB=Chr(9)

; Call UDF
$=udfDocPolicy(".\common.adm")

Function udfDocPolicy($sPolicyFile)
If Open(1,$sPolicyFile)
"Cannot open file " $sPolicyFile " for reading." ?
$udfDocPolicy=1
Return
EndIf

$sIniFile=$sPolicyFile

$sData=ReadLine(1)
While @ERROR=0
; Convert tabs to spaces.
; How long did it take me to work out why the split was failing!
; Doh!
$iIndex=InStr($sData,$TAB)
While $iIndex
$sData="" + SubStr($sData,1,$iIndex-1) + " " + SubStr($sData,$iIndex+1,9999)
$iIndex=InStr($sData,$TAB)
Loop
udfParseLine(Split($sData))
$sData=ReadLine(1)
Loop
$udfDocPolicy=0
Return
EndFunction

Function udfParseLine($asData)
$iArraySize=Ubound($asData)
For $iIndex = 0 To $iArraySize
udfInterpret($asData[$iIndex])
Next
EndFunction

Function udfInterpret($sToken)

If $bInString=0 $sString="" EndIf

If $sAction = ""
Select
Case $sToken="END"
$sAction=$sToken
Case $sToken="CLASS"
$sAction=$sToken
Case $sToken="CATEGORY"
$sAction=$sToken
Case $sToken="PART"
$sAction=$sToken
Case $sToken="POLICY"
$sAction=$sToken
Case $sToken="KEYNAME"
$sAction=$sToken
Case $sToken="VALUENAME"
$sAction=$sToken
Case $sToken="VALUEPREFIX"
$sAction=$sToken
EndSelect
Else
Select
Case $bInString
$sString=$sString + " " + $sToken
If SubStr($sToken,Len($sToken),1)=$cQuote
$bInString=0
$sString=SubStr($sString,1,Len($sString)-1)
EndIf
Case $sToken=""
Return
Case SubStr($sToken,1,1)=$cQuote
$bInString=1
$sString=SubStr($sToken,2,Len($sToken)-1)
If SubStr($sString,Len($sString),1)=$cQuote
$bInString=0
$sString=SubStr($sString,1,Len($sString)-1)
EndIf
Case SubStr($sToken,1,2)="!!"
; Get parameter from string fields
$sString=ReadProfileString($sIniFile,"strings",SubStr($sToken,3,99))
EndSelect
; Actions.
If $bInString Return EndIf
Select
Case $sAction="END"
Select
Case $sToken="CATEGORY"
$sIndent=SubStr($sIndent,1,Len($sIndent)-Len($INDENT))
EndSelect
$sAction=""
Case $sAction="CLASS"
? "Registry hive: " $sToken ?
$sIndent=""
Select
Case $sToken="MACHINE"
$sHive="HKEY_LOCAL_MACHINE"
Case $sToken="USER"
$sHive="HKEY_CURRENT_USER"
EndSelect
Case $sAction="CATEGORY"
$sIndent $BRANCH
If $sString="" $sToken Else $sString EndIf
?
$sIndent=""+$sIndent+$INDENT
Case $sAction="POLICY"
$sIndent $SPACES "Policy: "
If $sString="" $sToken Else $sString EndIf
?
Case $sAction="KEYNAME"
If $sString="" $sKey=$sToken Else $sKey=$sString EndIf
$sIndent $SPACES "Key: " $sKey ?
Case $sAction="VALUENAME"
If $sString="" $sEntry=$sToken Else $sEntry=$sString EndIf
$sIndent $SPACES $SPACES "Entry: '" $sEntry "'=" ReadValue($sHive + "\" + $sKey,$sEntry) ?
Case $sAction="VALUEPREFIX"
$iEnum=0
$sEntry=EnumValue($sHive + "\" + $sKey,$iEnum)
While @ERROR=0
"ERROR=@ERROR, Enum=$iEnum, Entry=$sEntry" ?
If $sString=SubStr($sEntry,1,Len($sString))
$sIndent $SPACES $SPACES "Entry: '" $sEntry "'="
ReadValue($sHive + "\" + $sKey,$sEntry) ?
EndIf
$iEnum=$iEnum+1
$sEntry=EnumValue($sHive + "\" + $sKey,$iEnum)
Loop
EndSelect
$sAction=""
$bIsEnding=0
EndIf
EndFunction



[ 15 July 2002, 16:19: Message edited by: Richard Howarth ]

Top
#68050 - 2002-07-12 08:02 PM Re: Determine NTConfig.pol entries
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11623
Loc: CA
Thanks Richard...

Trying it against the SYSTEM.ADM file (copied to a test folder) results in an error.

code:
Script error: unknown or unexpected command [ÿ_#]!
ÿ_#

I also tried it on a common.adm file from NT 4.0 and it worked just fine on that, but not on the 2000 system.adm file.

Top
#68051 - 2002-07-16 12:10 AM Re: Determine NTConfig.pol entries
Richard H. Administrator Offline
Administrator
*****

Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
Hmmm...

Might be the unicode problem. I'm trying to get a copy of the file to play with.

In the meantime, cut'n'paste the file into a non-unicode app and save as straight ASCII. Let me know if this works for you.

{EDIT}
Update: The Win2K files are indeed in unicode, so the Readline() and (possibly) ReadProfileString() calls will fail.
{/EDIT}

[ 15 July 2002, 16:23: Message edited by: Richard Howarth ]

Top
#68052 - 2002-07-16 10:45 AM Re: Determine NTConfig.pol entries
Richard H. Administrator Offline
Administrator
*****

Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
Ok. There are two problems with the W2K adm files.
1) They are in Unicode. You can open them in word, then save as "text only" to a new name. This file is then readable and works fine.
2) They are huge. The system.adm file is still ~370 KB after converting to text. This causes the string lookup to fail, so all the string tokens get returned as their original "!!Token" format rather that the more readable string.

The string lookup fails because it uses ReadProfileString(), and this is limited to 64KB files in the API. The option here is to pre-parse the file and create a smaller strings file and use that for the lookup, or just to accept that the strings will not be displayed in friendly format.

Here is a small sample from W2K system.adm:
code:
   Policy: !!GPOnlyPolicy
Key: Software\Policies
|-;CLASS
| Policy: !!GPOnlyPolicy
| Key: Software\Policies
| |-;#endif

Registry hive: MACHINE
|-!!AdministrativeServices
| Policy: !!NoSecurityMenu
| Key: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
| Entry: 'NoNTSecurity'=
| Policy: !!NoDisconnectMenu
| Key: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
| Entry: 'NoDisconnect'=
| Policy: !!DisableStatusMessages
| Key: Software\Microsoft\Windows\CurrentVersion\Policies\System
| Entry: 'DisableStatusMessages'=
| Policy: !!VerboseStatus
| Key: Software\Microsoft\Windows\CurrentVersion\Policies\System
| Entry: 'VerboseStatus'=
| Policy: !!Autorun
| Key: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
| Entry: 'NoDriveTypeAutoRun'=
| Policy: !!NoWelcomeTips
| Key: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
| Entry: 'NoWelcomeScreen'=
| Policy: !!Run
| Key: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
| Policy: !!DisableExplorerRunOnceLegacy
| Key: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
| Entry: 'DisableLocalMachineRunOnce'=
| Policy: !!DisableExplorerRunLegacy
| Key: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
| Entry: 'DisableLocalMachineRun'=
| Policy: !!NoEncryptOnMove
| Key: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
| Entry: 'NoEncryptOnMove'=
| Policy: !!AppMgmt_COM_SearchForCLSID
| Key: Software\Policies\Microsoft\Windows\App Management
| Entry: 'COMClassStore'=
| |-!!Login_Policies
| | Policy: !!Run_Logon_Script_Sync
| | Key: Software\Microsoft\Windows\CurrentVersion\Policies\System
| | Entry: 'RunLogonScriptSync'=
| | Policy: !!Run_Startup_Script_Sync
| | Key: Software\Microsoft\Windows\CurrentVersion\Policies\System
| | Entry: 'RunStartupScriptSync'=
| | Policy: !!Run_Startup_Script_Visible
| | Key: Software\Microsoft\Windows\CurrentVersion\Policies\System
| | Entry: 'HideStartupScripts'=
| | Policy: !!Run_Shutdown_Script_Visible
| | Key: Software\Microsoft\Windows\CurrentVersion\Policies\System
| | Entry: 'HideShutdownScripts'=
| | Policy: !!MaxGPOScriptWaitPolicy
| | Key: Software\Microsoft\Windows\CurrentVersion\Policies\System
| | Entry: 'MaxGPOScriptWait'=
| | Policy: !!DeleteRoamingCachedProfiles
| | Key: Software\Policies\Microsoft\Windows\System
| | Entry: 'DeleteRoamingCache'=
| | Policy: !!EnableSlowLinkDetect
| | Key: Software\Policies\Microsoft\Windows\System
| | Entry: 'SlowLinkDetectEnabled'=
| | Policy: !!SlowLinkTimeOut
| | Key: Software\Policies\Microsoft\Windows\System

As you can see it kind of works [Wink]
There are no values because I'm running it on a Win95 box.

I suggest that anyone who wants to use this for documenting settings should either adapt it to read the registry remotely, or spawn it as a parallel process, as it will take a long time to run due to the sheer size of the W2K .adm files.

Top
#68053 - 2002-07-16 02:27 PM Re: Determine NTConfig.pol entries
Les Offline
KiX Master
*****

Registered: 2001-06-11
Posts: 12734
Loc: fortfrances.on.ca
Richard,
I believe the 64k limit is Wintendo only. What are you doing messing with Wintendo anyway?
_________________________
Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.

Top
#68054 - 2002-07-17 09:35 AM Re: Determine NTConfig.pol entries
Richard H. Administrator Offline
Administrator
*****

Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
I support a large and disparate user base with varied OSes (I even have one Windows 3.11 machine!), so I use the lowest common denominator as my day-to-day/development box.

It's a Pentium-Pro 180 with 64mb memory that I've been using for about 4 years, and is one of the quickest and most reliable boxes in the department.

It will be 18 months at least until the last of our Win95 machines goes, and that will probably be mine [Wink]

Top
Page 1 of 2 12>


Moderator:  Glenn Barnas, NTDOC, Arend_, Jochen, Radimus, Allen, ShaneEP, Ruud van Velsen, Mart 
Hop to:
Shout Box

Who's Online
0 registered and 515 anonymous users online.
Newest Members
gespanntleuchten, DaveatAdvanced, Paulo_Alves, UsTaaa, xxJJxx
17864 Registered Users

Generated in 0.071 seconds in which 0.024 seconds were spent on a total of 13 queries. Zlib compression enabled.

Search the board with:
superb Board Search
or try with google:
Google
Web kixtart.org