Is there a simple way/script to set Local Policies on Windows Server 2019 using a PowerShell scripts?
Specifically, to set Audit Policy, User Rights Assignment & Security Options
The server is not joined to a domain so I cannot use a GPO/module.
I’m new to PowerShell so I appreciate any help on this.
@nlasalle70 Welcome to PowerShell.org forums.
I had a similar situates couple of months back and couldn’t find any. AFAIK there is no .Net APIs exposed for this. All we have is secedit.exe and there are lots of articles on how to use it in a script.
I have scripted Audit Policy settings using auditpol.exe … I configured an XML file with the settings and applied the proper settings according to the XML. I am sure there are other ways.
My use case got real ugly in that I needed to check the policy and compare against what was required by security and then apply the proper settings.
As for kvprasoon suggestion on secedit, I agree and have done that as well. I used the “Security Configuration and analysis” MMC snap-in to generate the database for secedit, then applied that via PS.
Here is an example of checking the policy:
And using secedit to apply settings:
https://stackoverflow.com/questions/64825540/secedit-with-powershell-to-load-local-security-rights
FWIW