go.mondoo.com/cnquery@v0.0.0-20231005093811-59568235f6ea/providers/os/resources/windows/testdata/secpol.toml

go.mondoo.com/cnquery@v0.0.0-20231005093811-59568235f6ea/providers/os/resources/windows/testdata/secpol.toml (about)

     1  [commands."powershell.exe -NoProfile -EncodedCommand JABQAHIAbwBnAHIAZQBzAHMAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACcAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQAnADsACgBzAGUAYwBlAGQAaQB0ACAALwBlAHgAcABvAHIAdAAgAC8AYwBmAGcAIABvAHUAdAAuAGMAZgBnACAAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJAByAGEAdwAgAD0AIABHAGUAdAAtAEMAbwBuAHQAZQBuAHQAIABvAHUAdAAuAGMAZgBnAAoAUgBlAG0AbwB2AGUALQBJAHQAZQBtACAALgBcAG8AdQB0AC4AYwBmAGcAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAkAHIAYQB3AAoA"]
     2  stdout = """[Unicode]
     3  Unicode=yes
     4  [System Access]
     5  MinimumPasswordAge = 0
     6  MaximumPasswordAge = 42
     7  MinimumPasswordLength = 0
     8  PasswordComplexity = 1
     9  PasswordHistorySize = 0
    10  LockoutBadCount = 0
    11  RequireLogonToChangePassword = 0
    12  ForceLogoffWhenHourExpire = 0
    13  NewAdministratorName = \"chris\"
    14  NewGuestName = \"Guest\"
    15  ClearTextPassword = 0
    16  LSAAnonymousNameLookup = 0
    17  EnableAdminAccount = 1
    18  EnableGuestAccount = 0
    19  [Event Audit]
    20  AuditSystemEvents = 0
    21  AuditLogonEvents = 0
    22  AuditObjectAccess = 0
    23  AuditPrivilegeUse = 0
    24  AuditPolicyChange = 0
    25  AuditAccountManage = 0
    26  AuditProcessTracking = 0
    27  AuditDSAccess = 0
    28  AuditAccountLogon = 0
    29  [Registry Values]
    30  MACHINE\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Setup\\RecoveryConsole\\SecurityLevel=4,0
    31  MACHINE\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Setup\\RecoveryConsole\\SetCommand=4,0
    32  MACHINE\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\CachedLogonsCount=1,"10"
    33  MACHINE\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\ForceUnlockLogon=4,0
    34  MACHINE\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\PasswordExpiryWarning=4,5
    35  MACHINE\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\ScRemoveOption=1,"0"
    36  MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\ConsentPromptBehaviorAdmin=4,5
    37  MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\ConsentPromptBehaviorUser=4,3
    38  MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\DisableCAD=4,0
    39  MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\DontDisplayLastUserName=4,0
    40  MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\EnableInstallerDetection=4,1
    41  MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\EnableLUA=4,1
    42  MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\EnableSecureUIAPaths=4,1
    43  MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\EnableUIADesktopToggle=4,0
    44  MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\EnableVirtualization=4,1
    45  MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\LegalNoticeCaption=1,""
    46  MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\LegalNoticeText=7,
    47  MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\PromptOnSecureDesktop=4,1
    48  MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\ScForceOption=4,0
    49  MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\ShutdownWithoutLogon=4,0
    50  MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\UndockWithoutLogon=4,1
    51  MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\ValidateAdminCodeSignatures=4,0
    52  MACHINE\\Software\\Policies\\Microsoft\\Windows\\Safer\\CodeIdentifiers\\AuthenticodeEnabled=4,0
    53  MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\AuditBaseObjects=4,0
    54  MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\CrashOnAuditFail=4,0
    55  MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\DisableDomainCreds=4,0
    56  MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\EveryoneIncludesAnonymous=4,0
    57  MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\FIPSAlgorithmPolicy\\Enabled=4,0
    58  MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\ForceGuest=4,0
    59  MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\FullPrivilegeAuditing=3,0
    60  MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\LimitBlankPasswordUse=4,1
    61  MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\MSV1_0\\NTLMMinClientSec=4,536870912
    62  MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\MSV1_0\\NTLMMinServerSec=4,536870912
    63  MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\NoLMHash=4,1
    64  MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\RestrictAnonymous=4,0
    65  MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\RestrictAnonymousSAM=4,1
    66  MACHINE\\System\\CurrentControlSet\\Control\\Print\\Providers\\LanMan Print Services\\Servers\\AddPrinterDrivers=4,1
    67  MACHINE\\System\\CurrentControlSet\\Control\\SecurePipeServers\\Winreg\\AllowedExactPaths\\Machine=7,System\\CurrentControlSet\\Control\\ProductOptions,System\\CurrentControlSet\\Control\\Server Applications,Software\\Microsoft\\Windows NT\\CurrentVersion
    68  MACHINE\\System\\CurrentControlSet\\Control\\SecurePipeServers\\Winreg\\AllowedPaths\\Machine=7,System\\CurrentControlSet\\Control\\Print\\Printers,System\\CurrentControlSet\\Services\\Eventlog,Software\\Microsoft\\OLAP Server,Software\\Microsoft\\Windows NT\\CurrentVersion\\Print,Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows,System\\CurrentControlSet\\Control\\ContentIndex,System\\CurrentControlSet\\Control\\Terminal Server,System\\CurrentControlSet\\Control\\Terminal Server\\UserConfig,System\\CurrentControlSet\\Control\\Terminal Server\\DefaultUserConfiguration,Software\\Microsoft\\Windows NT\\CurrentVersion\\Perflib,System\\CurrentControlSet\\Services\\SysmonLog
    69  MACHINE\\System\\CurrentControlSet\\Control\\Session Manager\\Kernel\\ObCaseInsensitive=4,1
    70  MACHINE\\System\\CurrentControlSet\\Control\\Session Manager\\Memory Management\\ClearPageFileAtShutdown=4,0
    71  MACHINE\\System\\CurrentControlSet\\Control\\Session Manager\\ProtectionMode=4,1
    72  MACHINE\\System\\CurrentControlSet\\Control\\Session Manager\\SubSystems\\optional=7,
    73  MACHINE\\System\\CurrentControlSet\\Services\\LanManServer\\Parameters\\AutoDisconnect=4,15
    74  MACHINE\\System\\CurrentControlSet\\Services\\LanManServer\\Parameters\\EnableForcedLogOff=4,1
    75  MACHINE\\System\\CurrentControlSet\\Services\\LanManServer\\Parameters\\EnableSecuritySignature=4,0
    76  MACHINE\\System\\CurrentControlSet\\Services\\LanManServer\\Parameters\\NullSessionPipes=7,
    77  MACHINE\\System\\CurrentControlSet\\Services\\LanManServer\\Parameters\\RequireSecuritySignature=4,0
    78  MACHINE\\System\\CurrentControlSet\\Services\\LanManServer\\Parameters\\RestrictNullSessAccess=4,1
    79  MACHINE\\System\\CurrentControlSet\\Services\\LanmanWorkstation\\Parameters\\EnablePlainTextPassword=4,0
    80  MACHINE\\System\\CurrentControlSet\\Services\\LanmanWorkstation\\Parameters\\EnableSecuritySignature=4,1
    81  MACHINE\\System\\CurrentControlSet\\Services\\LanmanWorkstation\\Parameters\\RequireSecuritySignature=4,0
    82  MACHINE\\System\\CurrentControlSet\\Services\\LDAP\\LDAPClientIntegrity=4,1
    83  MACHINE\\System\\CurrentControlSet\\Services\\Netlogon\\Parameters\\DisablePasswordChange=4,0
    84  MACHINE\\System\\CurrentControlSet\\Services\\Netlogon\\Parameters\\MaximumPasswordAge=4,30
    85  MACHINE\\System\\CurrentControlSet\\Services\\Netlogon\\Parameters\\RequireSignOrSeal=4,1
    86  MACHINE\\System\\CurrentControlSet\\Services\\Netlogon\\Parameters\\RequireStrongKey=4,1
    87  MACHINE\\System\\CurrentControlSet\\Services\\Netlogon\\Parameters\\SealSecureChannel=4,1
    88  MACHINE\\System\\CurrentControlSet\\Services\\Netlogon\\Parameters\\SignSecureChannel=4,1
    89  [Privilege Rights]
    90  SeNetworkLogonRight = *S-1-1-0,*S-1-5-32-544,*S-1-5-32-545,*S-1-5-32-551
    91  SeBackupPrivilege = *S-1-5-32-544,*S-1-5-32-551
    92  SeChangeNotifyPrivilege = *S-1-1-0,*S-1-5-19,*S-1-5-20,*S-1-5-32-544,*S-1-5-32-545,*S-1-5-32-551
    93  SeSystemtimePrivilege = *S-1-5-19,*S-1-5-32-544
    94  SeCreatePagefilePrivilege = *S-1-5-32-544
    95  SeDebugPrivilege = *S-1-5-32-544
    96  SeRemoteShutdownPrivilege = *S-1-5-32-544
    97  SeAuditPrivilege = *S-1-5-19,*S-1-5-20
    98  SeIncreaseQuotaPrivilege = *S-1-5-19,*S-1-5-20,*S-1-5-32-544
    99  SeIncreaseBasePriorityPrivilege = *S-1-5-32-544,*S-1-5-90-0
   100  SeLoadDriverPrivilege = *S-1-5-32-544
   101  SeBatchLogonRight = *S-1-5-32-544,*S-1-5-32-551,*S-1-5-32-559
   102  SeServiceLogonRight = *S-1-5-80-0
   103  SeInteractiveLogonRight = *S-1-5-32-544,*S-1-5-32-545,*S-1-5-32-551
   104  SeSecurityPrivilege = *S-1-5-32-544
   105  SeSystemEnvironmentPrivilege = *S-1-5-32-544
   106  SeProfileSingleProcessPrivilege = *S-1-5-32-544
   107  SeSystemProfilePrivilege = *S-1-5-32-544,*S-1-5-80-3139157870-2983391045-3678747466-658725712-1809340420
   108  SeAssignPrimaryTokenPrivilege = *S-1-5-19,*S-1-5-20
   109  SeRestorePrivilege = *S-1-5-32-544,*S-1-5-32-551
   110  SeShutdownPrivilege = *S-1-5-32-544,*S-1-5-32-551
   111  SeTakeOwnershipPrivilege = *S-1-5-32-544
   112  SeUndockPrivilege = *S-1-5-32-544
   113  SeManageVolumePrivilege = *S-1-5-32-544
   114  SeRemoteInteractiveLogonRight = *S-1-5-32-544,*S-1-5-32-555
   115  SeImpersonatePrivilege = *S-1-5-19,*S-1-5-20,*S-1-5-32-544,*S-1-5-6
   116  SeCreateGlobalPrivilege = *S-1-5-19,*S-1-5-20,*S-1-5-32-544,*S-1-5-6
   117  SeIncreaseWorkingSetPrivilege = *S-1-5-32-545
   118  SeTimeZonePrivilege = *S-1-5-19,*S-1-5-32-544
   119  SeCreateSymbolicLinkPrivilege = *S-1-5-32-544
   120  SeDelegateSessionUserImpersonatePrivilege = *S-1-5-32-544
   121  [Version]
   122  signature=\"$CHICAGO$\"
   123  Revision=1
   124  """