From 9ffaa9b71cd29f501e520e2f05fd1b54b160ce21 Mon Sep 17 00:00:00 2001 From: Long Lam <31355535+eemperor@users.noreply.github.com> Date: Tue, 6 Aug 2024 16:45:24 -0400 Subject: [PATCH] Remove unnecessary settings --- .../stig/Windows_2022Server_DC/stig.yml | 24 ---------------- .../stig/Windows_2022Server_MS/stig.yml | 28 ++----------------- 2 files changed, 2 insertions(+), 50 deletions(-) diff --git a/ash-windows/stig/Windows_2022Server_DC/stig.yml b/ash-windows/stig/Windows_2022Server_DC/stig.yml index 6a34fcf..48afdc4 100644 --- a/ash-windows/stig/Windows_2022Server_DC/stig.yml +++ b/ash-windows/stig/Windows_2022Server_DC/stig.yml @@ -288,12 +288,6 @@ - name: LockoutDuration policy_type: secedit value: '15' -- name: NewAdministratorName - policy_type: secedit - value: '"X_Admin"' -- name: NewGuestName - policy_type: secedit - value: '"Visitor"' - name: ClearTextPassword policy_type: secedit value: '0' @@ -532,15 +526,9 @@ - name: SeCreatePagefilePrivilege policy_type: secedit value: '*S-1-5-32-544' -- name: SeCreateTokenPrivilege - policy_type: secedit - value: '' - name: SeCreateGlobalPrivilege policy_type: secedit value: '*S-1-5-32-544,*S-1-5-19,*S-1-5-20,*S-1-5-6' -- name: SeCreatePermanentPrivilege - policy_type: secedit - value: '' - name: SeCreateSymbolicLinkPrivilege policy_type: secedit value: '*S-1-5-32-544' @@ -562,9 +550,6 @@ - name: SeLoadDriverPrivilege policy_type: secedit value: '*S-1-5-32-544' -- name: SeLockMemoryPrivilege - policy_type: secedit - value: '' - name: SeSecurityPrivilege policy_type: secedit value: '*S-1-5-32-544' @@ -586,18 +571,9 @@ - name: SeNetworkLogonRight policy_type: secedit value: '*S-1-5-32-544,*S-1-5-11,*S-1-5-9' -- name: SeDenyServiceLogonRight - policy_type: secedit - value: '' - name: SeEnableDelegationPrivilege policy_type: secedit value: '*S-1-5-32-544' -- name: SeTcbPrivilege - policy_type: secedit - value: '' -- name: SeTrustedCredManAccessPrivilege - policy_type: secedit - value: '' - name: SeMachineAccountPrivilege policy_type: secedit value: '*S-1-5-32-544' diff --git a/ash-windows/stig/Windows_2022Server_MS/stig.yml b/ash-windows/stig/Windows_2022Server_MS/stig.yml index 15eba8e..7927e5a 100644 --- a/ash-windows/stig/Windows_2022Server_MS/stig.yml +++ b/ash-windows/stig/Windows_2022Server_MS/stig.yml @@ -304,12 +304,6 @@ - name: LockoutDuration policy_type: secedit value: '15' -- name: NewAdministratorName - policy_type: secedit - value: '"X_Admin"' -- name: NewGuestName - policy_type: secedit - value: '"Visitor"' - name: ClearTextPassword policy_type: secedit value: '0' @@ -509,7 +503,7 @@ vtype: DWORD - name: SeDenyNetworkLogonRight policy_type: secedit - value: '*S-1-5-114,*S-1-5-32-546' + value: '*S-1-5-32-546' - name: SeDenyBatchLogonRight policy_type: secedit value: '*S-1-5-32-546' @@ -518,7 +512,7 @@ value: '*S-1-5-32-546' - name: SeDenyRemoteInteractiveLogonRight policy_type: secedit - value: '*S-1-5-113,*S-1-5-32-546' + value: '*S-1-5-32-546' - name: SeInteractiveLogonRight policy_type: secedit value: '*S-1-5-32-544' @@ -528,15 +522,9 @@ - name: SeCreatePagefilePrivilege policy_type: secedit value: '*S-1-5-32-544' -- name: SeCreateTokenPrivilege - policy_type: secedit - value: '' - name: SeCreateGlobalPrivilege policy_type: secedit value: '*S-1-5-6,*S-1-5-20,*S-1-5-19,*S-1-5-32-544' -- name: SeCreatePermanentPrivilege - policy_type: secedit - value: '' - name: SeCreateSymbolicLinkPrivilege policy_type: secedit value: '*S-1-5-32-544' @@ -558,9 +546,6 @@ - name: SeLoadDriverPrivilege policy_type: secedit value: '*S-1-5-32-544' -- name: SeLockMemoryPrivilege - policy_type: secedit - value: '' - name: SeSecurityPrivilege policy_type: secedit value: '*S-1-5-32-544' @@ -582,12 +567,3 @@ - name: SeNetworkLogonRight policy_type: secedit value: '*S-1-5-32-544,*S-1-5-11' -- name: SeEnableDelegationPrivilege - policy_type: secedit - value: '' -- name: SeTcbPrivilege - policy_type: secedit - value: '' -- name: SeTrustedCredManAccessPrivilege - policy_type: secedit - value: ''