none
Old domain gone, but GP lives on

    Question

  • Here is the situation:

    SmallCo bought a rather large facility from BigCO.  As part of the purchase, BigCo left the infrastructure in place, and a few machines related to facilities maintenance.  One of these machines runs a sugar silo, and runs software created in-house by BigCo.  Unfortunately, BigCo abruptly shut down all their servers, packed them up, and shipped them off, orphaning the facilities related machines.  To make it worse, BigCo was paranoid about user rights, and had lots of things locked down via GPO.  Even local administrators can't bring up Taskmgr, for instance.

    I was able to create a fake domain by the same name as the one BigCo had, and that finally let me remove the machines from the domain.  Now I am stumped about what to do about all the restrictive GPO settings.  Is there any way to remove the GPO's, or set everything back to a default state?

     

    Thanks for any suggestions.

    Tuesday, September 27, 2011 4:41 PM

Answers

  • Hi,

     

    Please try the following steps on one of the client to check the result.

     

    Delete All Group Policy Registry keys

    ========================

    1. Click “Start”, type “regedit.exe” (without quotation marks) into “Start Search” box and press Enter.

    2. Locate the following key:

     

    [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft]

     

    Right click on "Microsoft", click "Export"; please name the file as "RegBackup" (without quotation marks) and then save it to the C:\ drive as a backup.

     

    Note: In case we need to undo the modification, we can double click this RegBackup.reg file to restore the registry key.

     

    3. Highlight Microsoft and click "Delete".

    4. Please repeat the above steps for the following registry keys.

     

    [HKEY_CURRENT_USER\Software\Policies\Microsoft]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies

     

    Note: if some keys do not exist, please ignore them.

     

    3. Exit the Registry Editor.

     

    What’s the result?

     

    If it works, you may use Registry GPP item to deploy the above registries.

     

    Regards,

     

    Forum Support

    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Wednesday, September 28, 2011 7:08 AM

All replies

  • Hey there. Well, the answer to your question is going to depend upon the types of settings that were applied and the client OS in place. If you're talking security settings, then have a look at http://support.microsoft.com/kb/313222. If you're talking Admin Template, have a look at my freeware "Clean Registry Policy" utility at www.sdmsoftware.com/freeware, which is essentially designed to remove Admin Template policies that have been orphaned on a machine.

    Darren


    Darren Mar-Elia MS-MVP, Group Policy
    www.gpoguy.com
    www.sdmsoftware.com - "The Group Policy Experts"
    Tuesday, September 27, 2011 9:14 PM
  • I'll give those a try.

     

    Thanks

    Tuesday, September 27, 2011 10:22 PM
  • Hi,

     

    Please try the following steps on one of the client to check the result.

     

    Delete All Group Policy Registry keys

    ========================

    1. Click “Start”, type “regedit.exe” (without quotation marks) into “Start Search” box and press Enter.

    2. Locate the following key:

     

    [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft]

     

    Right click on "Microsoft", click "Export"; please name the file as "RegBackup" (without quotation marks) and then save it to the C:\ drive as a backup.

     

    Note: In case we need to undo the modification, we can double click this RegBackup.reg file to restore the registry key.

     

    3. Highlight Microsoft and click "Delete".

    4. Please repeat the above steps for the following registry keys.

     

    [HKEY_CURRENT_USER\Software\Policies\Microsoft]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies

     

    Note: if some keys do not exist, please ignore them.

     

    3. Exit the Registry Editor.

     

    What’s the result?

     

    If it works, you may use Registry GPP item to deploy the above registries.

     

    Regards,

     

    Forum Support

    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Wednesday, September 28, 2011 7:08 AM
  • Thanks Arthur and Darren.  As these machines are mission essential, and they do currenty function, I will wait until the site is closed for the weekend to try these out.  I will post my results then.
    Wednesday, September 28, 2011 7:07 PM
  • Hi,

     

    I would like to confirm what is the current situation? If there is anything that I can do for you, please do not hesitate to let me know, and I will be happy to help.

     

    Regards,

     

    Arthur Li

    Forum Support
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
    tnmff@microsoft.com.


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Monday, October 03, 2011 2:46 AM
  • I appologize for not updating.  Please understand that I am a contractor, and have several clients.  One of them had a fire on Friday morning that destroyed some servers.  I have worked about 40 hours since then, and it's only Sunday evening.  I am happy to report that most functionality will be available on Monday when people show up to work, but I still have work to do.

    This will have to wait for next weekend.

    I promise I will update this as soon as I can.  I have not forgotten, nor will I abandon this post.

    Monday, October 03, 2011 5:17 AM
  • After deleting these registry keys on one of the afflicted machines, I ran 'gpupdate /force'.  It took a LONG time, but the machine seems to have lost the restrictions imposed by the previous domain Group Policy. 

     

    Thank you for your help.

    Monday, October 10, 2011 12:44 AM
  • This worked for me as well but after I deleted the above mentioned registry keys a gpupdate /force brought back the old settings.

    I was able to completely remove the old settings by restarting the computer after deleting the suggested keys and when I checked the applied settings using gpresult /h bla.html only the current policy was applied.

    • Proposed as answer by RoberBruce Thursday, June 20, 2013 1:44 PM
    Thursday, June 20, 2013 1:43 PM