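  • Editing a GPO (Group Policy Object) with the Group Policy API

    Edit the policy with the GPO Editor that ships with Windows while the registry monitor regFromApp watches the registry changes it makes; that tells you which registry value a given policy modifies.

    The following is an example that blocks access to USB drives: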

     
        #include <windows.h>
        #include <objbase.h>
        #include <gpedit.h>
        #include <comdef.h>
        #include <sstream>
        #include <iostream>

        // Run elevated: writing the local machine GPO requires administrator rights.
        int main()
        {
            DWORD val;
            HRESULT hr;
            LONG rc;
            IGroupPolicyObject* pLGPO = NULL;
            HKEY machine_key = NULL, dsrkey = NULL;
            // MSVC is finicky about these ones => redefine them
            const IID my_IID_IGroupPolicyObject =
            { 0xea502723, 0xa23d, 0x11d1, { 0xa7, 0xd3, 0x0, 0x0, 0xf8, 0x75, 0x71, 0xe3 } };
            const IID my_CLSID_GroupPolicyObject =
            { 0xea502722, 0xa23d, 0x11d1, { 0xa7, 0xd3, 0x0, 0x0, 0xf8, 0x75, 0x71, 0xe3 } };
            GUID ext_guid = REGISTRY_EXTENSION_GUID;
            // This next one can be any GUID you want
            GUID snap_guid = { 0x3d271cfc, 0x2bc6, 0x4ac2, { 0xb6, 0x33, 0x3b, 0xdf, 0xf5, 0xbd, 0xab, 0x2a } };

            // Initialize COM before creating the IGroupPolicyObject instance
            hr = CoInitializeEx(NULL, COINIT_APARTMENTTHREADED);
            if (FAILED(hr))
            {
                std::ostringstream errorStream;
                errorStream << "Failed to initialize COM library. Error code = 0x" << std::hex << hr << std::endl;
                std::cout << errorStream.str() << std::endl;
                return 1;
            }

            // Create an instance of the IGroupPolicyObject class
            hr = CoCreateInstance(my_CLSID_GroupPolicyObject, NULL, CLSCTX_INPROC_SERVER,
                my_IID_IGroupPolicyObject, (LPVOID*)&pLGPO);
            if (FAILED(hr))
            {
                std::cout << "Failed to create the GroupPolicyObject instance. Error code = 0x"
                    << std::hex << hr << std::endl;
                CoUninitialize();
                return 1;
            }

            // We need the machine LGPO (if C++, no need to go through the lpVtbl table)
            hr = pLGPO->OpenLocalMachineGPO(GPO_OPEN_LOAD_REGISTRY);
            if (SUCCEEDED(hr))
                hr = pLGPO->GetRegistryKey(GPO_SECTION_MACHINE, &machine_key);

            if (SUCCEEDED(hr))
            {
                // The removable-device restriction is a DWORD value under
                // Policies\Microsoft\Windows\DeviceInstall\Restrictions
                rc = RegCreateKeyEx(machine_key,
                    TEXT("SOFTWARE\\Policies\\Microsoft\\Windows\\DeviceInstall\\Restrictions"),
                    0, NULL, 0, KEY_SET_VALUE | KEY_QUERY_VALUE, NULL, &dsrkey, NULL);
                if (rc == ERROR_SUCCESS)
                {
                    // Create the value
                    val = 1;
                    rc = RegSetKeyValue(dsrkey, NULL, TEXT("DenyRemovableDevices"), REG_DWORD, &val, sizeof(val));
                    RegCloseKey(dsrkey);
                }
                hr = HRESULT_FROM_WIN32(rc);
            }

            // Apply policy (only if every step above succeeded) and free resources
            if (SUCCEEDED(hr))
                hr = pLGPO->Save(TRUE, TRUE, &ext_guid, &snap_guid);
            if (machine_key)
                RegCloseKey(machine_key);
            pLGPO->Release();
            CoUninitialize();

            if (FAILED(hr))
            {
                std::cout << "Failed to update the local GPO. Error code = 0x" << std::hex << hr << std::endl;
                return 1;
            }
            return 0;
        }
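
To audit the result of a change like the one above, this added example (not part of the original post) parses a `Registry.pol` file, the PReg-format file in which local Group Policy keeps the registry settings saved through this API, and checks for the `DenyRemovableDevices` entry. The names `parsePol`, `deniesRemovable` and `samplePol` are illustrative, and the sample bytes are constructed in code rather than read from a system.

```cpp
#include <cstdint>
#include <stdexcept>
#include <string>
#include <vector>
using Bytes = std::vector<uint8_t>;
struct PolEntry { std::string key, value; uint32_t type; Bytes data; };
static const char* const KEY = "SOFTWARE\\Policies\\Microsoft\\Windows\\DeviceInstall\\Restrictions";
static uint16_t rd16(const Bytes& b, size_t& p) {            // bounds-checked UTF-16LE unit
    if (b.size() - p < 2) throw std::runtime_error("truncated file");
    p += 2; return uint16_t(b[p - 2] | b[p - 1] << 8);
}
static uint32_t rd32(const Bytes& b, size_t& p) {            // little-endian DWORD
    uint32_t lo = rd16(b, p); return lo | uint32_t(rd16(b, p)) << 16;
}
static std::string rdStr(const Bytes& b, size_t& p) {        // NUL-terminated UTF-16LE string
    std::string s;
    for (uint16_t u; (u = rd16(b, p)) != 0;) s += u < 0x80 ? char(u) : '?';  // non-ASCII as '?'
    return s;
}

std::vector<PolEntry> parsePol(const Bytes& b) {             // body: [key;value;type;size;data]...
    size_t p = 0; std::vector<PolEntry> out;
    if (rd32(b, p) != 0x67655250u || rd32(b, p) != 1u) throw std::runtime_error("not PReg v1");
    auto sep = [&](char c) { if (rd16(b, p) != uint16_t(c)) throw std::runtime_error("bad delimiter"); };
    while (p < b.size()) {
        PolEntry e; sep('['); e.key = rdStr(b, p);
        sep(';'); e.value = rdStr(b, p);
        sep(';'); e.type = rd32(b, p);
        sep(';'); uint32_t n = rd32(b, p); sep(';');
        if (n > b.size() - p) throw std::runtime_error("data overruns file");
        e.data.assign(b.begin() + p, b.begin() + p + n); p += n;
        sep(']'); out.push_back(e);
    }
    return out;
}
bool deniesRemovable(const std::vector<PolEntry>& es) {     // is the value written above present and 1?
    for (const auto& e : es)
        if (e.key == KEY && e.value == "DenyRemovableDevices" &&
            e.type == 4 /* REG_DWORD */ && e.data == Bytes{1, 0, 0, 0}) return true;
    return false;
}
Bytes samplePol(uint32_t val) {                              // constructed sample, not a real capture
    Bytes b = {'P', 'R', 'e', 'g', 1, 0, 0, 0};
    auto ch = [&](char c) { b.push_back(uint8_t(c)); b.push_back(0); };
    auto str = [&](const char* s) { while (*s) ch(*s++); ch(0); };
    auto dw = [&](uint32_t v) { for (int i = 0; i < 4; ++i) b.push_back(uint8_t(v >> 8 * i)); };
    ch('['); str(KEY); ch(';'); str("DenyRemovableDevices"); ch(';'); dw(4); ch(';');
    dw(4); ch(';'); dw(val); ch(']'); return b;
}
int main() { return deniesRemovable(parsePol(samplePol(1))) ? 0 : 1; }
```

Registry key names are case-insensitive, so an audit of real files should compare keys without regard to case; the exact match here is enough for the constructed sample.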

    References:

    http://pete.akeo.ie/2011/03/porgramatically-setting-and-applying.html

    http://www.nirsoft.net/utils/reg_file_from_application.html

    http://blog.sina.com.cn/s/blog_4e0987310101irm8.html

  • Original article: https://www.cnblogs.com/foohack/p/6758202.html