Now that Microsoft has published a full module for this purpose, I can actually show you the quick’n dirty way I coded it a few months ago when I needed to showcase DSC to our internal security team.
It only uses native File and Script DSC resources. In other words, there’s no dependency on any external DSC resource 🙂
First to get the content of the CSV file we’ll drop on the disk and that represents our desired settings, I do
auditpol.exe /get /category:* /r | ConvertFrom-Csv | Select Subcategory*,*lusion* | Export-Csv -Path ~/Documents/polaudit.csv
Then I paste the content of the polaudit.csv into the Content property of the File resource.
The Get and Test part of the script DSC resource use the same trick above to get the output of our brave old legacy (heritage) auditpol.exe as objects: