Connection Security Rule will not delete

    Question

  • I have a server that had a GPO apply to it. This GPO applied an incompatible security rule, and now no other computer or server (domain joined or otherwise) can connect to it. Unfortunately the GPO has since been deleted, so the Security Rule is still in place and cannot be removed.

    How do I go about deleting this security rule when the GPO is no longer present?

    Also, so you know, the server is the CA and as such cannot just be removed and rejoined to the domain. Hope you can help.

     

    Update:

    Things I've tried:

    Moved Server to new OU, removed membership of server to all groups, other than its primary group.

    Deleted:

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\History

    HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec

    • Edited by David Hayman Tuesday, November 17, 2015 11:28 PM update
    Tuesday, November 17, 2015 11:04 PM

Answers

  • Hi David,

    According to your description, I would suggest you delete all group policy registry keys below.

    Before you delete the registry keys, you may need to back up your AD.

    [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft]

    [HKEY_CURRENT_USER\Software\Policies\Microsoft]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies]

    For more information, here is a thread for your reference.

    https://social.technet.microsoft.com/Forums/windowsserver/en-US/293034b2-db1a-442d-80a2-aecb1d79f822/clean-group-policy-from-client

    Best Regards,

    Jay



    Friday, November 20, 2015 9:04 AM
    Moderator
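
The following is an added example, not part of the original posts: it exports the four policy keys named in the answer to .reg files so they can be restored, then lists the connection security rules still in effect together with the store each one came from. The backup folder `C:\GpoKeyBackup` is an assumed path, and `Get-NetIPsecRule` assumes Windows Server 2012 or later with the NetSecurity module; run it from an elevated PowerShell session before deleting anything.

```powershell
# Added example. The keys are the ones listed in the answer above.
$BackupDir = 'C:\GpoKeyBackup'   # assumption: any local folder you can write to
$Keys = @(
    'HKEY_LOCAL_MACHINE\Software\Policies\Microsoft',
    'HKEY_CURRENT_USER\Software\Policies\Microsoft',
    'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects',
    'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies'
)

New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null

$i = 0
foreach ($key in $Keys) {
    $i++
    # Skip keys that do not exist on this machine; reg.exe would fail on them.
    if (-not (Test-Path -LiteralPath "Registry::$key")) {
        Write-Host "Not present, nothing to export: $key"
        continue
    }
    $file = Join-Path $BackupDir ("policy-key-{0}.reg" -f $i)
    & reg.exe export $key $file /y | Out-Null
    if ($LASTEXITCODE -ne 0) {
        throw "Export failed for $key; stop before deleting anything."
    }
    Write-Host "Exported $key -> $file"
}

# Connection security rules currently enforced, with the policy store that
# delivered each one (a rule left behind by a GPO is not in the local store).
Get-NetIPsecRule -PolicyStore ActiveStore |
    Select-Object DisplayName, Enabled, PolicyStoreSource, PolicyStoreSourceType |
    Format-Table -AutoSize
```

Running the last command again after the keys are removed and policy has been refreshed shows whether the rule is gone from the active store.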