1. Open Security Configuration and Analysis.
2. In the console tree, right-click Security Configuration and Analysis, and then click Open Database.

   Where?

   • ConsoleRoot
   • Security Configuration and Analysis
3. In Open database, do one of the following:
• To create a new database, in File name, type a file name, and then click Open.
• To open an existing database, click a database, and then click Open.
4. If you are creating a new database, in Import Template, click a template, and then click Open.
5. In the details pane, right-click Security Configuration and Analysis, and then click Analyze Computer Now.
6. Do one of the following:
   • To use the default log, in Error log file path, click OK.
   • To specify a different log, in Error log file path, type a valid path and file name, and then click OK.

Notes

• XOX
• To open Security Configuration and Analysis, click Start, click Run, type mmc, and then click OK. On the File menu, click Open, click the console that you want to open, and then click Open. Then, in the console tree, click Security Configuration and Analysis.
• Security Configuration and Analysis displays the different security areas as they are analyzed. Once this is complete, you can check the log file or review the results. For more information on reviewing the analysis results, see Related Topics.
• To view the log file, in the console tree, right-click Security Configuration and Analysis, and then click View Log File.
• The default path for the log file is:

  systemroot\Documents and Settings\UserAccount\My Documents\Security\Logs\DatabaseName.log

1. Open Command Prompt.
2. Type:

   secedit /analyze /db FileName.sdb [/cfg FileName] [/overwrite] [/log FileName] [/quiet]

   Argument	Description
   /db FileName	Specifies the database used to perform the analysis.
   /cfg FileName	Specifies a security template to import into the database prior to performing the analysis. Security templates are created using the Security Templates snap-in.
   /log FileName	Specifies a file in which to log the status of the configuration process. If not specified, configuration data is logged in Scesrv.log, which is located in the %windir%\Security\Logs folder.
   /quiet	Specifies that the analysis process should take place without further comments.

   Example: secedit /analyze /db hisecws.sdb

Notes

• XOX
• XOX
• To view the complete syntax for this command, at a command prompt, type:
  

  secedit /?