Link to home
Start Free TrialLog in
Avatar of machealth
machealth

asked on

Exporting and importing Group Policy

Hi,
I have a number of different LANs each with their own domain controller. I want to export the Domain Controller Security Template from one DC and import into another DC (on a seperate LAN).

So I open the Default Domain Controller Group Policy and right click on "security settings" but the "export policy" option is greyed out. Why is this?

I though I would be able to expor the security settings to an *.inf file and then import that into another DC.

Any help would be much appreciated.
ASKER CERTIFIED SOLUTION
Avatar of Seelan Naidoo
Seelan Naidoo
Flag of South Africa image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Nirmal Sharma
Nirmal Sharma
Flag of United States of America image
That's an easy task if you follow these steps: -

By default, when you promote your computer to domain controller for the first time only two Group policy objects are created in Active Directory. These two GPOs are Default Domain Policy and Default Domain Controller Policy. Windows gives two GUID for these two GPOs so it can identify them easily in the SYSVOL store. Goto the following location in SYSVOL store: -

\WINNT\SYSVOL\sysvol\animaster.com\Policies, here you will find two or more GUID for your policy such as:  -

\WINNT\SYSVOL\sysvol\animaster.com\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}   This is for Default Domain Pol
\WINNT\SYSVOL\sysvol\animaster.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}    This is for Default DC pol.

Now whatever you configure in these two policy are stored in the above folder. So simply copy the folder where you have configured the policy that's it. I have used this a number of time.

Steps to copy the folder: -

1. Double click on one of GUID, the last one is for Default Domain Controller Policy.
2. Now copy all the folders and take it to floppy or send via email.
3. Now goto another server and double click in the same GUID and then paste the folders.
4. Now open Default Domain Controller policy, you will see all configuration you saved.

Let us know.

Cheers
SystmProg