Rollback of CIS and PCIv2 templates after remediation does not work

For CIS and PCIv2 templates, rollback after remediation does not work because the MSS GPO settings are not present for Windows Server 2008.

To view the settings, perform the following steps:

  1. Run the following commands to provide privileges to sceregvl.inf:

    takeown /f %systemroot%\inf\sceregvl.inf
    icacls %systemroot%\inf\sceregvl.inf /grant Administrators:(F)
  2. Open another window in the text editor and then open the %systemroot%\inf\sceregvl.inf file.
  3. Navigate to the bottom of the [Register Registry Values] section in the sceregvl.inf file.
  4. Paste the registry values, without any page breaks into this section of the sceregvl.inf file. For example, MSS Values - MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoAdminLogon,1,%DisableAutoLogon%,0
  5. Navigate to the bottom of the Strings section in the sceregvl.inf file.
  6. Paste the text Strings, without any page breaks into this section of the sceregvl.inf file. For example, MSS Settings - DisableAutoLogon = "MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)"
  7. Save the sceregvl.inf file and close the text editor.
  8. Open a command prompt and execute the command regsvr32 scecli.dll to re-register the DLL file.
Was this page helpful? Yes No Submitting... Thank you

Comments