Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


How to restore Active Directory Group Policy with only SYSVOL data

Published on
5,099 Points
2 Endorsements
Last Modified:
Shaun Vermaak
My name is Shaun Vermaak and I have always been fascinated with technology and how we use it to enhance our lives and business.
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that need to recover Group Policies from files

1) Create new, blank Group Policy

Using GPMC.msc create a new, blank GPO with the same name as the original.

2) Overwrite Group Policy Data

a) Record the Unique ID that was assigned to GPO created in Step 1

b) Copy Machine, User and GPT data from original GPO

c) Paste data (overwrite) into the folder assigned to GPO created in Step 1. The folder is named the same as the Unique ID recorded in Step 2a

3) Fixing Group Policy Settings Preview

Note that after completing Step 1 and Step 2, even though the GPO settings are available within Edit, the Settings Preview shows No settings defined

a) Edit GPO, browse to any unconfigured setting and open it. Tick and untick Define this policy setting and click OK

b) If your GPO contains any Preferences browse to any one of them and simply open it and click OK

Settings Preview should show settings


4) Fixing Group Policy Permission

Unfortunately following this process does not restore the original permissions, this has to be added back manually.

Please do not forget to press the "Thumb's Up" button if this article was helpful and valuable for EE members.
It also provides me with positive feedback. Thank you!

Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Join & Write a Comment

This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month