Audit policy and DSC


It can be found on the powershell gallery and/or github

Now that Microsoft has published a full module for this purpose, I can actually show you the quick’n dirty way I coded it a few months ago when I needed to showcase DSC to our internal security team.

It only uses native File and Script DSC resources. In other words, there’s no dependency on any external DSC resource 🙂

First to get the content of the CSV file we’ll drop on the disk and that represents our desired settings, I do

auditpol.exe /get /category:* /r |
ConvertFrom-Csv |
Select Subcategory*,*lusion* | 
Export-Csv -Path ~/Documents/polaudit.csv

Then I paste the content of the polaudit.csv into the Content property of the File resource.

The Get and Test part of the script DSC resource use the same trick above to get the output of our brave old legacy (heritage) auditpol.exe as objects:


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.