none
Deleting C:\Windows\System32\GroupPolicy\Machine\Registry.pol RRS feed

  • Frage

  • In our aging Win7 estate we've had various Group Policy errors turning up. Many of them are resolved by deleting c:\windows\system32\grouppolicy\machine\registry.pol which seems to have no downside. I was thinking of setting up a monthly scheduled task on these machines to do it to try to avoid future problems.

    Can anyone see problems with this strategy?

    
    Donnerstag, 12. Januar 2017 09:11

Alle Antworten

  • Hi Eric G-S,

    According to your description, you could create a delete batch file and create a Schedule Task to run it monthy. Please refer to the link below to check the steps.

    http://www.howtogeek.com/201930/how-to-automatically-delete-files-in-your-download-folder-on-a-schedule/

    Please Note: Since the website is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    Hope it will be helpful to you


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Freitag, 13. Januar 2017 02:54
    Moderator
  • Carl Fan

    thank you for your reply. However I already know how to do the task. What I want to know are the risks of deleting this particular file - registry.pol -

    Freitag, 13. Januar 2017 07:07
  • Hi Eric G-S,

    Thank you for your reply.

    As far as I know, clients may have local Group Policies set to the machine to verify Group Policy. Those settings may continue to stick even after the Policies being tested have been disabled. If you set a group policy object to enabled, the registry settings persist and there is no way to disable them permanently. Deleting the policy registry keys is helpful in the short term but they get re-applied each time you restart your computer or run “gpupdate /force”.

    Inside this is a folder for Machine and User policies. Each of those has a registry .POL file which defines the registry settings. Deleting this file keeps the GP keys away.

    Hope it will be helpful to you


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Freitag, 3. Februar 2017 09:39
    Moderator
  • In case anyone reads this in the future, your DirectAccess policies (if configured) are pulled from GPOs. If you delete the registry.pol file and users are not VPN'd to the office and your scheduled task runs, they will not be able to authenticate until they VPN and receive Group Policy again.


    The only true wisdom is in knowing you know nothing.

    Donnerstag, 15. August 2019 18:41