# Author: Christoph Hartmann
# Target OS: Windows 2012+

# verify registry key entries
describe registry_key('HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging') do
  it { should exist }
  its('EnableScriptBlockLogging') { should eq 0 }
end

# verify security policy configuration
describe security_policy do
  its('SeNetworkLogonRight') { should include 'S-1-5-11' }
end

# verify audit policy settings
describe audit_policy do
  its('Computer Account Management') { should eq 'Success and Failure' }
  # its('Computer Account Management') { should eq 'Success' }
  # its('Computer Account Management') { should eq 'Failure' }
  # its('Computer Account Management') { should eq 'No Auditing' }
end