SECEDIT is your friend for what you're trying to do. Have a look at the help for the tool. Basically, you're going to want to build a template containing the settings you're looking for. Then, you'll apply that template to computers on which you'd like those settings changed.
Open an empty Microsoft Management
Console. Add a "Security Templates"
snap-in with File / Add/Remove
Snap-in.
Open the "Security Templates" node
and the next node underneath
(normally
"C:\WINDOWS\security\templates").
Right-click the
"C:\WINDOWS\security\templates" node
and choose "New Template". Name the
new template and set the description
as you desire.
Expand the new template. Set the
various settings as you'd like.
The security policy you created is stored in the "C:\WINDOWS\security\templates" directory by default, named with whatever name you chose and a ".INF" extension. Copy this file to a machine where you want to apply the settings.
On the machine where the settings are to be applied, run the following command from the directory where your ".INF" security template file is located:
SECEDIT /configure /db secedit.sdb /cfg <path and filename of INF file>
This will apply the security template to the local security database. You can verify the "before and after" by examining the local security policy. (Be sure and close / re-open the local security policy management tool between applications of the INF file, because, AFAIK, these tools don't dynamically refresh themselves.)