Solved

Cant remove registry changes made with ADM

Posted on 2009-07-01
4
335 Views
Last Modified: 2012-05-07
I was directed to create a new registry key via group policy.  I made the adm file and added that to a new GPO.  Then I was told the path to it was wrong and it should be placed in another existing path.

The problem arises when I change the ADM file and try to replace the changes I made previously.  I go into the GPO remove the template, then add the revised template.

Running gpupdate on the test machine reveals my new setting takes effect, but the old path that is bad is there too.  I delete the key and do a gpupdate and it comes back.  I checked the SYSVOL folder for that GPO and find the ADM template in it; its only the corrected version.  The only way I found to correct the problem is to delete the whole GPO and recreate it.

Where does it get the information to keep making the bad registy key?  How do I get it to purge that setting?
0
Comment
Question by:cavalierlan
  • 2
  • 2
4 Comments
 
LVL 82

Accepted Solution

by:
oBdA earned 500 total points
Comment Utility
Add the "bad" key back to your adm template in a separate policy (you can leave the "good" key in), import the template again, set the policy with the "bad" key back to "Not configured".
For the future: *before* you change an adm template, set ALL policies you're about to change back to "Not configured".
Do NOT remove an adm template for good if there are still policies configured in it! The template just tells the GP editor what to display; removing a template from a GPO does NOT remove any settings configured in the GPO with the help of this template!
0
 

Author Comment

by:cavalierlan
Comment Utility
will I have to leave it in the GPO not configured, or can I remove it once it is not configured?
 
0
 

Author Comment

by:cavalierlan
Comment Utility
Also, do you guys get paid for your points? How does that work?
0
 
LVL 82

Expert Comment

by:oBdA
Comment Utility
Once the setting is back at "Not configured", you can remove the "bad" key again.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

As network administrators; we know how hard it is to track user’s login/logout using security event log (BTW it is harder now in windows 2008 because user name is always “N/A” in the grid), and most of us either get 3rd party tools, or just make our…
Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now