Hidden registry settings

group-policy windows-registry windows-server-2008

Scenario: I'm performing a configuration audit on a server that's joined to the domain. For the mandatory security configuration settings, there are group policies defined and being pushed out to domain members, but not all of the settings. The remaining settings are supposed to be defined locally on the server through one of the many configuration interfaces. Some of the settings are easy to audit because there are registry keys that are created. Others… not so much.

For example, if I want to check that the 'Network access: Allow anonymous SID/Name translation' setting has been configured properly, I have to use an RSOP call (via PowerShell, or another tool like BigFix/TEM). The problem is that settings defined by local GPE aren't reflected in RSOP.

So, ultimately, the question is: is there a hidden hive in the registry where that setting, and others similar to it, are stored?

Best Answer

According to this TechNet article it appears that the key for the policy in question is HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\TurnOffAnonymousBlock

I can't think of any GPO settings that don't push down registry keys, so you can simply do something like:

reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa /v TurnOffAnonymousBlock

There is no "hidden" branch or anything like that. I'm not sure what you're talking about there. If a key doesn't exist, it is the same as not being configured.
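An audit helper for the approach in the answer above, added here as an example and not part of the original answer: it reads registry values and reports a missing key or missing value as not configured, without judging which data counts as compliant. The function name Get-RegistrySettingState and the settings list are assumptions; the Lsa location is the one quoted in the answer, read as a value named TurnOffAnonymousBlock under the Lsa key.

```powershell
# Added example (hypothetical helper, not from the original answer).
# Reports whether a registry value exists; a missing key or value is
# reported as NotConfigured, matching the answer's reading of absence.
function Get-RegistrySettingState {
    param(
        [Parameter(Mandatory=$true)] [string] $Path,  # key, in PowerShell provider syntax
        [Parameter(Mandatory=$true)] [string] $Name   # value name under that key
    )

    $state = 'NotConfigured'
    $kind  = $null
    $data  = $null

    # With errors silenced, Get-Item yields nothing when the key is absent.
    $key = Get-Item -LiteralPath $Path -ErrorAction SilentlyContinue

    # A key can exist without the value, so test for the value name explicitly.
    if ($key -and ($key.GetValueNames() -contains $Name)) {
        $state = 'Configured'
        $kind  = $key.GetValueKind($Name)
        $data  = $key.GetValue($Name)
    }

    New-Object PSObject -Property @{
        Path = $Path; Name = $Name; State = $state; Kind = $kind; Data = $data
    } | Select-Object Path, Name, State, Kind, Data
}

# Settings to audit. The first entry is the location given in the answer;
# extend the list with the other registry-backed settings in the baseline.
$settings = @(
    @{ Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'; Name = 'TurnOffAnonymousBlock' }
)

# One row per setting, suitable for review or export with Export-Csv.
$report = foreach ($s in $settings) { Get-RegistrySettingState @s }
$report | Format-Table -AutoSize
```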