Ask the Expert

Can I create a reg.dat file to automate policy/security settings across multiple Win2k servers?

I am deploying Win2k on multiple servers. They all have policy and security settings that are the same. I want to automate the process of entering in each setting by creating a reg.dat file. This file will be used to make the changes needed. How do I complete this task?

Requires Free Membership to View

Whether or not you can be successful at this depends on the security settings you're configuring. Many of them are not accessible (they're stored in the registry's security hive) and should never be deployed using this technique. Other settings are legitimately deployed using registry hive files. However, using a hive file is more of a shotgun approach, since the hive file replaces the key in to which you import it. So, I recommend that you use REG files.

The last thing I want to mention is that you shouldn't deploy policies as REG files or hive files. You should always establish policies using Group Policy, since there's much more going on behind the scenes than just setting some registry values. If you set these policies using REG files, you'll tattoo the registry and won't see the results in Group Policy editor, Resultant Set of Policy, etc.

One solution is to find a good scripting tool that'll walk through your configuration steps for you. Another is to deploy your servers as disk images (prior to promotion).

This was first published in September 2002

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: