SekChek for Windows & Active Directory: Building a sekchek.inp file

What is the purpose of the sekchek.inp file?

The file allows you to define a customised list of Registry keys and files / directories / network shares for inclusion in the Scan process.

If a sekchek.inp file is present when the Scan is run, SekChek will analyse key values (for Registry keys) and DACLs / SACLs (for directories, files and network shares) for all entries defined in the file.


Where do I place the file sekchek.inp file?

The file must be in the same directory as the Scan software (SEKWIEXT.EXE) before the Scan process is started.

When the Scan process starts, SekChek will look for your sekchek.inp file in its own path, report on the status of the file’s contents, and prompt you to continue or cancel.

Note that SekChek will not display this status information if it does not find the sekchek.inp file in its path.


Format of the sekchek.inp file

Registry Keys

The customised list of Registry keys must appear on separate lines after the [registry] section marker. Note the square brackets around the word registry.

[registry]
HKEY_CLASSES_ROOT\MIME\Database\Codepage\1200:BodyCharset
HKEY_CURRENT_USER\Control Panel\Colors:ActiveBorder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor:AutoRun
HKEY_USERS\DEFAULT\Enviroment:TEMP
HKEY_CURRENT_USER\Control Panel\Desktop:*

Note the backslash separators without spaces (\) between the parts of the Registry key and the colon without spaces (:) before the Registry Key Value name.

The wildcard character * can be used to select multiple key values from a registry key name.

Note: HKEY_CURRENT_CONFIG is an alias for the fully qualified key HKEY_LOCAL_MACHINE\System\ CurrentControlSet\Hardware Profiles\Current. To scan information for this key, specify the fully qualified name rather than its alias.

DACLs and SACLs

By default, SekChek will analyse DACLs (Discretionary Access Control Lists) and SACLs (System Access Control Lists) for the \Windows\ directory, the \Windows\System 32\ directory, and the root of the drive containing these directories (typically C:\).

Your customised list of files, directories and share names must appear on separate lines after the [permissions] section marker. Note the square brackets around the word permissions.

[permissions]
C:\MyDirectory\
D:\MyDir\MyFilename.xtn
\\MyHost\ShareName1

Please contact us for assistance if you encounter difficulties with the process.




More Information...

SekChek for..

Popular Downloads..

Popular Links..