Improve company productivity with a Business Account.Sign Up


How to restore Active Directory Group Policy with only SYSVOL data

Published on
8,754 Points
4 Endorsements
Last Modified:
Shaun Vermaak
My name is Shaun Vermaak and I have always been fascinated with technology and how we use it to enhance our lives and business.
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that need to recover Group Policies from files

1) Create new, blank Group Policy

Using GPMC.msc create a new, blank GPO with the same name as the original.

2) Overwrite Group Policy Data

a) Record the Unique ID that was assigned to GPO created in Step 1

b) Copy Machine, User and GPT data from original GPO

c) Paste data (overwrite) into the folder assigned to GPO created in Step 1. The folder is named the same as the Unique ID recorded in Step 2a

3) Fixing Group Policy Settings Preview

Note that after completing Step 1 and Step 2, even though the GPO settings are available within Edit, the Settings Preview shows No settings defined

a) Edit GPO, browse to any unconfigured setting and open it. Tick and untick Define this policy setting and click OK

b) If your GPO contains any Preferences browse to any one of them and simply open it and click OK

Settings Preview should show settings


4) Fixing Group Policy Permission

Unfortunately following this process does not restore the original permissions, this has to be added back manually.

Please do not forget to press the "Thumb's Up" button if this article was helpful and valuable for EE members.
It also provides me with positive feedback. Thank you!


Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Join & Write a Comment

This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Next Article:

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month