From b4b8ebf6f25f0dc24aa6de2e4ac38768337556eb Mon Sep 17 00:00:00 2001
From: goodwood <admin@admin.fr>
Date: Thu, 8 May 2025 21:53:09 +0200
Subject: [PATCH] rm doublons

---
 gpo-secu.ps1 | 43 -------------------------------------------
 1 file changed, 43 deletions(-)
 delete mode 100644 gpo-secu.ps1

diff --git a/gpo-secu.ps1 b/gpo-secu.ps1
deleted file mode 100644
index bcc45a6..0000000
--- a/gpo-secu.ps1
+++ /dev/null
@@ -1,43 +0,0 @@
-Import-Module GroupPolicy
-
-# Nom de la GPO
-$gpoName = "Sécurité - Verrouillage postes"
-$ouTarget = "OU=Postes,DC=tondomaine,DC=local"  # <- À ADAPTER
-
-# Créer la GPO
-$gpo = New-GPO -Name $gpoName -Comment "Renforcement sécurité poste utilisateur"
-
-# Lier à l'OU
-New-GPLink -Name $gpo.DisplayName -Target $ouTarget
-
-# ------------------------
-# PARAMÈTRES GPO APPLIQUÉS
-# ------------------------
-
-# 1. Verrouillage du panneau de configuration
-Set-GPRegistryValue -Name $gpoName -Key "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" -ValueName "NoControlPanel" -Type DWord -Value 1
-
-# 2. Verrouillage CMD & PowerShell
-Set-GPRegistryValue -Name $gpoName -Key "HKCU\Software\Policies\Microsoft\Windows\System" -ValueName "DisableCMD" -Type DWord -Value 1
-Set-GPRegistryValue -Name $gpoName -Key "HKCU\Software\Policies\Microsoft\Windows\PowerShell" -ValueName "EnableScripts" -Type DWord -Value 0
-
-# 3. Désactivation du hash LAN Manager
-Set-GPRegistryValue -Name $gpoName -Key "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" -ValueName "NoLMHash" -Type DWord -Value 1
-
-# 4. Désactiver installation sans mot de passe admin
-Set-GPRegistryValue -Name $gpoName -Key "HKLM\Software\Policies\Microsoft\Windows\Installer" -ValueName "DisableMSI" -Type DWord -Value 1
-
-# 5. Désactivation du compte invité
-Set-GPRegistryValue -Name $gpoName -Key "HKLM\SAM\SAM\Domains\Account\Users\Names\Guest" -ValueName "Enabled" -Type DWord -Value 0
-
-# 6. Politique de mot de passe (complexité et longueur)
-Set-GPRegistryValue -Name $gpoName -Key "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" -ValueName "PasswordComplexity" -Type DWord -Value 1
-Set-GPRegistryValue -Name $gpoName -Key "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" -ValueName "MinimumPasswordLength" -Type DWord -Value 10
-
-# 7. Expiration du mot de passe (90 jours)
-Set-GPRegistryValue -Name $gpoName -Key "HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters" -ValueName "MaximumPasswordAge" -Type DWord -Value 90
-
-# 8. Blocage énumération SID anonymes
-Set-GPRegistryValue -Name $gpoName -Key "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" -ValueName "RestrictAnonymousSAM" -Type DWord -Value 1
-
-Write-Host "GPO '$gpoName' créée et liée à $ouTarget"