<

Go Premium for a chance to win a PS4. Enter to Win

x

How to restore Active Directory Group Policy with only SYSVOL data

Published on
6,410 Points
510 Views
4 Endorsements
Last Modified:
Shaun Vermaak
My name is Shaun Vermaak and I have always been fascinated with technology and how we use it to enhance our lives and business.
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that need to recover Group Policies from files


1) Create new, blank Group Policy

Using GPMC.msc create a new, blank GPO with the same name as the original.



2) Overwrite Group Policy Data

a) Record the Unique ID that was assigned to GPO created in Step 1



b) Copy Machine, User and GPT data from original GPO



c) Paste data (overwrite) into the folder assigned to GPO created in Step 1. The folder is named the same as the Unique ID recorded in Step 2a



3) Fixing Group Policy Settings Preview

Note that after completing Step 1 and Step 2, even though the GPO settings are available within Edit, the Settings Preview shows No settings defined



a) Edit GPO, browse to any unconfigured setting and open it. Tick and untick Define this policy setting and click OK



b) If your GPO contains any Preferences browse to any one of them and simply open it and click OK



Settings Preview should show settings


 

4) Fixing Group Policy Permission

Unfortunately following this process does not restore the original permissions, this has to be added back manually.


Please do not forget to press the "Thumb's Up" button if this article was helpful and valuable for EE members.
It also provides me with positive feedback. Thank you!


4
Comment
0 Comments

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Join & Write a Comment

This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month