GPO settings still on computer after imaging

Posted on 2009-07-06
Last Modified: 2012-05-07
One of my associates reconfigured a machines and choose to create a image form this machine. Unforutanly he didn't remove the group policies from the machines. So now when any user logs in it installs a network printer, and maps a drive to a old location that is not in use anymore.  

This image was then used on 90 pc's

My question is how can I remove all GPO's, printers, and map drives from the all users profile or Default user profile. I would like if possible remove all setting and make the all user profiles return to the default settings. It's possible that the gpo are not applying anymore, but the map drives and network printer are somehow stuck in the all users or default users profile

I'm putting the points high, because this is starting to become a big problem in our enviroment
Question by:Con366
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 6

Expert Comment

ID: 24789487

Accepted Solution

ahmad2121 earned 400 total points
ID: 24789511
If you use the same image on all the pcs without running something like ghost walker, they will all have the same SID.. and if that is the case I would remove all the machines from AD, ghost walk them, then rejoin them again.

Author Comment

ID: 24789534
Already tried that

let me note the things I have already done

Already ran kb313222 fix
tried to delete the default and all user profile. Could not delete the allusers profile
Rejoin the machine to the domain and put it in a OU with no policy applied
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 24789543
Newsid was ran on all the machines before joining them to the domain.

I can image a machines run newsid then join it to the domain and the settings are still there.

I belive it involves more than GPO settings as the map drive is also showing up for all users

Author Comment

ID: 24789552
Almost like something is stuck in the profile, from when the machines where sealed with sysprep.

Maybe I could delete the drives and printer, and reseal the machine?

Expert Comment

ID: 24789593
what about creating a new user then logging in with it (on that machine). Same thing happens?

Expert Comment

ID: 24789662
its probably a client application running enforcing those GPs. If you do a RSoP you would know for sure.

It would be best to disable non-microsoft services and then re-enable them until the culprit is found.

I had a similar situation with SCCM.

Author Comment

ID: 24789682
If I create a new user on the local machine. I get a warning about not being able to locate the defualt profile.

But when the profile loads it does not put the printer or map drive

I will need to reimage the machine again as i have made alot of changes to the machine. I also delete the default profile, so that may be part of the problem

Author Comment

ID: 24789710
I ran a Rsop and the output showed no GPO's still in place.

I am leaning to the default profile being messed up after sealing hte machine with sysprep.


Expert Comment

ID: 24789966
Never EVER delete the default profile folder! Profiles would not be created correctly.

All users - applies to all the users of the system
Default user - used for first time logins

Author Comment

ID: 24789973

I understand this, and have already correct this. As I explained I was trying to narrow the problem down, and tried a couple of things. Since then I have reimaged the machine.

I understand that the default profile should not be deleted.

Author Comment

ID: 24790043
I have reimaged the pc, and created another local user to see if the printer and map drive apply to that user account.

The printer and map drive get placed on the profile of a local account.

RSOP reports no policys being applied to the machines.

So the issue does seem to be the all users profile or the default user profile.

In the registry under HKEY_USERS I see the following


all the way to 21

When I look under printers and connections I see the infromation the network printer. Not sure where to look for the map drives.


Expert Comment

ID: 24790047
Ok well, I am sorry I can't be of anymore help. That last thing is your logon scripts, but I'd imagine you already checked those.

Assisted Solution

SilentOnes earned 100 total points
ID: 24794537

removing the Default profile is not a problem
not replacing it may be

When I want a default setting to my users I do adjust one typical profile with all the settings i need
and then log from different users with admin rights
and in folders options set the system to show hidden files and system files
then rename "default user" profile to "default user - org"
my computer - properties - advanced - profiles
select the profile you set previously and copy to default users
set it to be used by everyone

I've been using this process for over ten years now
Hope this helps

Author Comment

ID: 24897692
I was able to fix the problems

for the printer issues, there turns out to be a pug in the newest version of pushprinterconnects.exe. Replaceing this file and adding and then removing the gpo from the machine fixed this problem.

the second issue of the map drive was from the default profile. A map drive was still on the administrators profile when sysprep was run. So it took those settings and made them the default user.

I am able to remove this drive manually, but by GPO would be better. But i will save that for another questions.

Since I only got 2  answers from anybody I will split the points up between you.


Author Closing Comment

ID: 31600374
thoug they did not give the solution to the problem, they did provide information for someones else if they come acroos this thread.

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question