Secedit command: generaterollback in Windows
Secedit: generaterollback command allows you to create rollback patterns for the specified configuration template.To better understand how to use this command, see the example below.
Syntax command secedit: generaterollback
Secedit / generaterollback / db / cfg / rbk [log] [/ quiet]
The secedit command: generaterollback command
Parameters
Describe
db
This is a required parameter.
Specify the path and name of the database file containing the stored configuration to conduct the analysis.
If the database designation name does not have a security template (as indicated by the configuration file) associated with it, the command line / cfg option must also be specified according to
cfg
This is a required parameter.
Specify the path and name for the security template to be entered into the database for analysis.
This optional parameter / cfg is only valid when used with the parameter / db.
If this parameter is not specified, the analysis will be performed for any configuration stored in the database.
rbk
This is a required parameter.
Specify a security pattern in which rollback information is written.Security templates are created with attachments of Security Templates.Rollback files can be created with this command.
log
Optional parameters.
Specify the path and name of the log file to be used in the process.
quiet
Optional parameters.
Do not display the output on the screen.You can still view the analysis results by using the Security Configuration and Analysis attachment on Microsoft Management Console (MMC).
Secedit: generaterollback command
- If the path for the log file is not provided, the default log file, (systemrootUsers * UserAccountMy DocumentsSecurityLogs * DatabaseName.log) will be used.
- Starting withWindows Server 2008, the Secedit / refreshpolicy subcommand has been replaced with gpupdate.For more information on how to refresh security settings, see the Gpupdate command.
- Successful running of this command will be notified by the 'The task has completed successfully' status and only the mismatch between the stated security form and configuration of the new security policy will be recorded.These mismatches will be listed in scesrv.log.
- If an existing rollback pattern is specified, this command will override it.You can create a new rollback pattern with this command.Condition is without additional parameters.
Secedit: generaterollback command
After creating security templates using the snap-in of Security Configuration and Analysis is SecTmplContoso.inf, to create the rollback configuration file to save the original settings, enter:
Secedit / generaterollback / db C: SecurityFY11SecDbContoso.sdb / cfg sectmplcontoso.inf / rbk sectmplcontosoRBK.inf / log C: SecurityFY11SecAnalysisContosoFY11.log
See more:
- Summary of 20 common Run commands on Windows operating system
- Overview of Windows Server 2008
- Basic Linux commands everyone needs to know
- Table summarizes the basic PowerShell commands
You should read it
May be interested
- What is Hyper-Threading (Hyper-Threading)?understanding hyperthreading is important because it is a key feature on some intel processors.
- Self-assemble computers, build desktop computers (P5): Refine new computersuntil this part, we have finished installing the operating system into our new computer. however, there are a few more steps that we will take in this final section to introduce you to make sure your system works in a more stable way.
- Secedit: import command in Windowssecedit: import command allows you to enter the security settings that were previously exported from the configured database with security templates, and are currently stored in the inf file.
- Secedit: validate command in Windowssecedit: validate command to authenticate security settings stored in security templates (.inf files).
- The Fsutil reparsepoint command in Windowsthe fsutil reparsepoint command queries or deletes the reparse points. the fsutil reparsepoint command is often used by support professionals.
- Fsutil resource command in Windowsthe fsutil resource command creates a secondary transactional resource manager, starts or stops transactional resource manager, or displays information about transactional resource manager.