Security Templates overview

With Security Templates, you can create a security policy for your computer or network. It is a single point of entry where the full range of system security can be taken into account. Security Templates does not introduce new security parameters; it simply organizes all existing security attributes into one place to ease security administration.

Importing a security template to a Group Policy object eases domain administration by configuring security for a domain or organizational unit at once. For more information, see To import a security template to a Group Policy object

In order to apply a security template to your local computer, you can use Security Configuration and Analysis. For more information, see To configure local computer security 

Security templates can be used to define:

Security areaDescription

Account Policies

Password Policy, Account Lockout Policy, and Kerberos Policy

Local Policies

Audit Policy, User Rights Assignment, and Security Options

Event Log

Application, system, and security Event Log settings

Restricted Groups

Membership of security-sensitive groups

System Services

Startup and permissions for system services


Permissions for registry keys

File System

Permissions for folders and files

Each template is saved as a text-based .inf file. This enables you to copy, paste, import, or export some or all of the template attributes. With the exceptions of IP Security and public key policies, all security attributes can be contained in a security template.

New and predefined templates

You can create a new security template with your own preferences or use one of the predefined security templates. Before making any changes to your security settings you should understand what the default settings of your system are and what they mean. For more information, see Default security settings 

There are several predefined templates that can help you to secure your system based on your needs, these templates are for:

Reapplying default settings. (Setup security.inf)

Implementing a highly secure environment. (Hisecws.inf)

Implementing a less secure but more compatible environment. (Compatws.inf)

Securing the system root. (Rootsec.inf)

For more information, see Predefined security templates 

© 2017 Microsoft Corporation. All rights reserved. Contact Us |Terms of Use |Trademarks |Privacy & Cookies