One of my customers requires additional security settings beyond the OMB-mandated Federal Desktop Core Configuration (FDCC), and I need to apply the settings as local policy during the MDT build process so that disconnected systems still get a baseline of policy. So here's the process I used to generate the policy objects and then apply them to the build.
Type: Run Command Line
Name: Custom Set Audit Policy
Command Line: cmd /c "%SCRIPTROOT%\CustomSetAuditPolicy-v2.cmd" > C:\Windows\security\logs\CustomSetAuditPolicy.log 2>&1
Type: Run Command Line
Name: Custom Apply LGPO
Command Line: cmd /c "%SCRIPTROOT%\CustomApplyLGPO-v3.cmd" > C:\Windows\security\logs\CustomApplyLGPO.log 2>&1
If anyone can think of an easier/faster way to do any of the above, I welcome your comments.