Secedit command: generaterollback in Windows

Secedit: generaterollback command allows you to create rollback patterns for the specified configuration template.To better understand how to use this command, see the example below.

Syntax command secedit: generaterollback

 Secedit / generaterollback / db / cfg / rbk [log] [/ quiet] 

The secedit command: generaterollback command

Parameters

Describe

db

This is a required parameter.

Specify the path and name of the database file containing the stored configuration to conduct the analysis.

If the database designation name does not have a security template (as indicated by the configuration file) associated with it, the command line / cfg option must also be specified according to

cfg

This is a required parameter.

Specify the path and name for the security template to be entered into the database for analysis.

This optional parameter / cfg is only valid when used with the parameter / db.

If this parameter is not specified, the analysis will be performed for any configuration stored in the database.

rbk

This is a required parameter.

Specify a security pattern in which rollback information is written.Security templates are created with attachments of Security Templates.Rollback files can be created with this command.

log

Optional parameters.

Specify the path and name of the log file to be used in the process.

quiet

Optional parameters.

Do not display the output on the screen.You can still view the analysis results by using the Security Configuration and Analysis attachment on Microsoft Management Console (MMC).

Secedit: generaterollback command

1. If the path for the log file is not provided, the default log file, (systemrootUsers * UserAccountMy DocumentsSecurityLogs * DatabaseName.log) will be used.
2. Starting withWindows Server 2008, the Secedit / refreshpolicy subcommand has been replaced with gpupdate.For more information on how to refresh security settings, see the Gpupdate command.
3. Successful running of this command will be notified by the 'The task has completed successfully' status and only the mismatch between the stated security form and configuration of the new security policy will be recorded.These mismatches will be listed in scesrv.log.
4. If an existing rollback pattern is specified, this command will override it.You can create a new rollback pattern with this command.Condition is without additional parameters.

Secedit: generaterollback command

After creating security templates using the snap-in of Security Configuration and Analysis is SecTmplContoso.inf, to create the rollback configuration file to save the original settings, enter:

 Secedit / generaterollback / db C: SecurityFY11SecDbContoso.sdb / cfg sectmplcontoso.inf / rbk sectmplcontosoRBK.inf / log C: SecurityFY11SecAnalysisContosoFY11.log 

 

See more:

1. Summary of 20 common Run commands on Windows operating system
2. Overview of Windows Server 2008
3. Basic Linux commands everyone needs to know
4. Table summarizes the basic PowerShell commands