Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 372
  • Last Modified:

Need to replace ADM files

My predicessor applied Group Policy Objects on the actual local GPOs on a terminal server.

We have a lot going on that terminal server and I created an OU in AD with what I believe to be a valid set of GPOs.

I want to move the server into that OU.

I have disabled, per a MS KB, all GPOs on the terminal server so that only Domain Policies and the new Terminal Server OU Policies are in affect.

I think I'd like to take the ADM files from a newly created Terminal Server and copy them OVER the ADM files on the old Terminal Server so that all previous footsteps are erased.

Been reading some Brian Madden stuff and it appears that I can't find a definative answer on this.
1 Solution
The GPO's are ont he domain controllers and are not copied onto the terminal servers unless you have a terminal server which is also a DC.  (I assume you don't have this).  The issue is that if a GPO set a registry entry that is not in a "managed" policy then removing it from the policy does not change back the settings.  In the past I have run RSOP.MSC on the machine in the old OU and then after moving it to the new ou have a look at what changed.  Then Create a New GPO that sets the settings that are left over (that is they are not in the new set) and set them back to the defaults.  Sorry this is messy but it's the only way to ensure that the registry on the server is correct.

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now