TestimoX

API Reference

Command

Set-CxSecurityOption

Namespace ComputerX.PowerShell
Inputs
System.String

Sets CIS-relevant Local Security Options (registry-backed).

Examples

Authored help example

Example 1


Set-CxSecurityOption -LimitBlankPasswordUse:$true -LmCompatibility NTLMv2OnlyRefuseLMandNTLM

Example 2


Set-CxSecurityOption -ComputerName SERVER01 -RequireSmbSigningServer:$true -Smb1 0

Common Parameters

This command supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable.

For more information, see about_CommonParameters.

Syntax

Set-CxSecurityOption [-ComputerName <string>] [-AllowInsecureGuestAuth <bool>] [-EveryoneIncludesAnonymous <int>] [-LimitBlankPasswordUse <bool>] [-LmCompatibility <LMandNTLM>] [-NoLmHash <bool>] [-NtlmMinClientSec <Sign|Seal|Require128|Require56>] [-NtlmMinServerSec <Sign|Seal|Require128|Require56>] [-NullSessionPipes <string[]>] [-NullSessionShares <string[]>] [-RequireSmbSigningClient <bool>] [-RequireSmbSigningServer <bool>] [-RestrictAnonymous <int>] [-RestrictAnonymousSAM <int>] [-Smb1 <int>] [<CommonParameters>]
#

Parameters

ComputerName string optionalposition: 0pipeline: true (ByPropertyName)
Target computer(s). Use '.' for local computer or provide DNS names.
AllowInsecureGuestAuth bool optionalposition: namedpipeline: false
Gets or sets the AllowInsecureGuestAuth parameter.
EveryoneIncludesAnonymous int optionalposition: namedpipeline: false
Gets or sets the EveryoneIncludesAnonymous parameter.
LimitBlankPasswordUse bool optionalposition: namedpipeline: false
Gets or sets the LimitBlankPasswordUse parameter.
LmCompatibility LmCompatibilityLevel optionalposition: namedpipeline: falsevalues: 6
Gets or sets the LmCompatibility parameter. Possible values: LMandNTLM, LMandNTLMRefuseNTLMv2Session, NTLMv2Only, NTLMv2OnlyRefuseLM, NTLMv2OnlyRefuseLMandNTLM, NTLMv2OnlyRefuseLMandNTLMUseKerberos
Possible values: LMandNTLM, LMandNTLMRefuseNTLMv2Session, NTLMv2Only, NTLMv2OnlyRefuseLM, NTLMv2OnlyRefuseLMandNTLM, NTLMv2OnlyRefuseLMandNTLMUseKerberos
NoLmHash bool optionalposition: namedpipeline: false
Gets or sets the NoLmHash parameter.
NtlmMinClientSec NtlmSspFlags optionalposition: namedpipeline: falsevalues: 4
Gets or sets the NtlmMinClientSec parameter. Possible values: None, Sign, Seal, Require128, Require56
Possible values: Sign, Seal, Require128, Require56
NtlmMinServerSec NtlmSspFlags optionalposition: namedpipeline: falsevalues: 4
Gets or sets the NtlmMinServerSec parameter. Possible values: None, Sign, Seal, Require128, Require56
Possible values: Sign, Seal, Require128, Require56
NullSessionPipes string[] optionalposition: namedpipeline: false
Server null session named pipes list. Replaces only if provided.
NullSessionShares string[] optionalposition: namedpipeline: false
Server null session shares list (SMB). Replaces only if provided.
RequireSmbSigningClient bool optionalposition: namedpipeline: false
Gets or sets the RequireSmbSigningClient parameter.
RequireSmbSigningServer bool optionalposition: namedpipeline: false
Gets or sets the RequireSmbSigningServer parameter.
RestrictAnonymous int optionalposition: namedpipeline: false
Gets or sets the RestrictAnonymous parameter.
RestrictAnonymousSAM int optionalposition: namedpipeline: false
Gets or sets the RestrictAnonymousSAM parameter.
Smb1 int optionalposition: namedpipeline: false
Gets or sets the Smb1 parameter.