This article will not be introduced for the basics of INF files. For detailed structural information about the INF file, refer to the DDK help documentation.
First, modify the Telnet service, the port is changed to 99, the NTLM authentication method is 1. ================================
C: /myinf/telnet.inf
[Version] Signature = "$ WINDOWS NT $" [DefaultInstall] AddReg = AddRegName [My_AddReg_Name] HKLM, SOFTWARE / Microsoft / TelnetServer / 1.0, TelnetPort, 0x00010001,99 HKLM, SOFTWARE / Microsoft / TelnetServer / 1.0, NTLM, 0x00010001,1
Installation: rundll32.exe setupapi, installhinfsection defaultinstall 128 c: /myinf/telnet.inf
Description: [Version] and [DEFAULTINSTALL] are required, 0x00010001 represents the REG_DWORD data type, 0x00000000 or omitted the item (reserved comma) represents REG_SZ (string). 0x00020000 represents REG_EXPAND_SZ. Installhinfsection is sensitive. There is only one comma between it and setupapi, no spaces. 128 Indicates a given path, which other values and meanings are met in MSDN. Special note, the last parameter must be the full path to the INF file, do not use a relative path. The projects in the INF file are not sensitive.
Second, the service ===============
Add a service:
[Version] Signature = "$ WINDOWS NT $" [DefaultInstall.Services] AddService = inetsvr ,, My_AddService_Name [My_AddService_Name] DisplayName = Windows Internet Service Description = support for Internet Information Services management. ServiceType = 0x10 StartType = 2 ErrorControl = 0 servicebinary =% 11% / inetsvr.exe
Save as inetsvr.inf, then:
Rundll32.exe setupi, installhinfsection defaultinstall 128 C: /Path/inetsvr.inf
This example adds a service called INTSVR (if it is very like a service comes with the system, huh, huh).
Some explanations: 1. The last four are the service type: 0x10 is a stand-alone process service, 0x20 is a shared process service (such as SVCHOST); launch type: 0 When the system boots, load, 2 by SCM (service Control Manager) Automatically start, 3 manual start, 4 disabled. (Note, 0 and 1 can only be used for drivers) Error control: 0 ignore, 1 Continue and warned, 2 Switch to LastknownGood setting, 3 blue screen. Server location:% 11% indicate the System32 directory,% 10% represents the system directory (WinNT or Windows),% 12% is the drive directory System32 / Drivers. See DDK at other values. You can also use the full path directly without variables. These four items must be there. 2. Six projects in the examples, as well as LoadOrderGroup, Dependencies, etc. Not often used, so don't introduce it. 3, there are two commas behind the inetsvr because there is an uncommon parameter Flags in the middle. Delete a service:
[Version] Signature = "$ Windows NT $" [DefaultInstall.Services] DELSERVICE = INETSVR
Very simple, isn't it?
Of course, you can also achieve your goals by importing registry. But INF has its own advantage. 1. Export a registry key of a system comes with service, you will find that its execution path is like this: "imagePath" = HEX (2): 25, 00, 53, 00, 79, 100, 73, 00, 74, 00, 65, 6D, 00, 52, 0, 6F, 00, 6F, 00, / 74, 100, 25, 100, 5C, 00, 73, 3, 79, 100, 73, 100, 74, 00 65,00, 6d, 00, 33, 32, 100, 5c, 00, 74, / 00, 6c, 00, 6E, 00, 74, 3, 73, 100, 76, 100, 72, 100, 2E, 00, 65, 3,78,00, 65,00,00,00 readability is too bad. In fact, it is% systemroot% / system32 / tlntsvr.exe, but the data type is REG_EXPAND_SZ. ThisPath is obviously inconvenient when manually introduced into the registry to increase the service. If you replace it with reg_sz, some problems can not use environment variables. It can only use the full path. With the INF file, there is no such problem, servicebinary (ie imagePath) automatically be REG_EXPAND_SZ. 2, the most critical is, like a tool such as SC, the effect of INF file is immediate, and it must be restarted after importing REG. 3, INF file automatically adds a security subkey to the service's registry key so that it looks more like a service comes with the system.
In addition, AddService and DelService and AddReg, DELREG can be used at the same time and reuse. You can increase and delete multiple services and registry items at the same time.
Third, group strategy ==========
1, the least 6 digits [Version] signature = "$ chicago $" [system access] minimumpsswordLength = 6 passwordcomplexity = 1
Save as gp.inf, then import: successdit / configure / db gp.sdb / cfg gp.inf / quiet2, close all "audit policies
Echo [Version]> 1.Inf echo signature = "$ chicago $" >> 1.inf echo [Event audit] >> 1.inf echo auditsystemevents = 0 >> 1.inf echo auditobjectAccess = 0 >> 1.inf echo Auditprivilegeuse = 0 >> 1.inf echo auditpolicychange = 0 >> 1.inf echo auditaccountmanage = 0 >> 1.inf echo auditprocessTracking = 0 >> 1.inf echo auditdsaccess = 0 >> 1.inf echo auditaccountlogon = 0 >> 1.Inf echo auditlogonevents = 0 >> 1.inf second / configure / db 1.sdb / cfg 1.inf / log 1.log / quiet DEL 1. *
Fourth, solve the XP IPC $ connection only guest ====================
Echo [Version]> 1.inf echo signature = "$ chicago $" >> 1.inf echo [registry value] >> 1.Inf echo machine / system / currentcontrolset / control / lsa / forceguest = 4,0 >> 1 .inf secondit / configure / dB 1.SDB / CFG 1.inf / log 1.log del 1. *
