
Enabling Windows XP file/registry access auditing via Group Policy

Discussion in 'Windows Security' started by Karl Levinson, CISSP, May 29, 2009.

  1. I tried searching Google and Microsoft KB.

    Is there a way to use Group Policy (either local security templates or AD
    GPO) to enable XP auditing on files, folders and *specific* registry
    sub-keys.... WITHOUT changing the permissions?

    1. I tried using the Security Templates MMC, but I believe that method
    makes you set permissions when you set auditing. I believe this because of
    prior experiences, and because when I tried deleting all of the current
    permissions, it gave me a big pop-up warning box that everyone would be
    denied access. Ideally there should be an option to "edit" the current
    auditing settings rather than replacing them, but that does not seem to be an
    option.

    2. Also, in the Security Templates MMC, I could not drill down any further
    than just the first level of registry subkeys. E.g. it would let me audit
    all of HKLM\SOFTWARE, but will not let me audit the \Windows\Current
    Version\Run\ subkey or the \System\CurrentControlSet\Services\ for example.

    I tried editing the .INF text file manually, but I couldn't figure out how
    to do the first item, and wasn't sure editing either .INF file manually in
    that way would actually work.

    This is probably possible via a batch file or VBS script, but if you support
    a large enterprise, or want the change to be applied to future new systems as
    well, that isn't very optimal.

    --
    kind regards,
    Karl Levinson, CISSP, CCSA, MCSE
     
