Solved

Deleted group policy still active

Posted on 2011-03-25
13
813 Views
Last Modified: 2012-06-27
We recently moved our DC from a Server 2003 to a 2008R2 server and in the process of moving servers a group policy was deleted for redirected folders. The GP is still active and we can't seem to find how to eliminate it from AD. Is there a way to do this easily?
0
Comment
Question by:toadstool331
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +3
13 Comments
 
LVL 11

Expert Comment

by:nordtorp
ID: 35218001
The computers do not know what the default values without a policy are and therefore, you still have redirection set on the computers.

 When you remove a policy the computers still know the settings from the policy.
0
 
LVL 7

Expert Comment

by:chris_martin62
ID: 35218031
You you tried using gpotool.exe. Heres a link that tells you a little about it. http://technet.microsoft.com/en-us/library/cc784165(WS.10).aspx
0
 

Author Comment

by:toadstool331
ID: 35218052
So what is my next step? How do I eliminate the GP from all machines?
0
Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

 
LVL 11

Expert Comment

by:nordtorp
ID: 35218123
The policies has set some permanent settings in registry, you have to reverse the settings set from the policy. Either by a client side extension policy with remove registry keys or some Clean Registry Policy software.
0
 
LVL 6

Expert Comment

by:Lee_YCP
ID: 35218229
I make no warranty about proposed registry changes.
See http://support.microsoft.com/kb/201453
To find the GPO Policies on the local machines in question
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\History
see if the subkey for your GPO is still there and delete the subkey under History that coresponds to your policy
0
 
LVL 7

Expert Comment

by:chris_martin62
ID: 35218330
take alook at this it may help fix the broken GPO http://technet.microsoft.com/en-us/library/cc816765%28WS.10%29.aspx
0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 500 total points
ID: 35218417
If you want to stop folder redirection you need to do it the correct way.

http://support.microsoft.com/kb/888203

If you have already deleted the GPO then you might have to manually move the data back the local machines.
0
 
LVL 9

Expert Comment

by:binary_1001010
ID: 35218456
you can use dcgpofix.exe /target:dc{domain} to fix default domain policy issue.
0
 

Author Comment

by:toadstool331
ID: 35218492
FYI,
What I have in the registry is:

History
  {SubKey 1}
       0=Local Group Policy
       1=Stop Folder Redirect
       2=Windows Desktop Search
       3=Global Printer Policy
       4=Default Domain Policy
  {SubKey 2}
       0=Default Domain Policy

0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 35218508
Again for redirected folders the policy is not active anymore you just didn't send the folders and contents back to the local computers which is the problem. Please read link I posted you will get better understanding of the issue
0
 

Author Comment

by:toadstool331
ID: 35218717
dariusq,
OK, I was able to make the changes to the Stop Folder Redirect Policy we made. I'm getting this error now. Suggestions?

Aborting redirection of folder My Documents. The new folder path cannot be a subdirectory of the current path. The folder is configured to be redirected to <\\iws-rds\users\%USERNAME%\My Documents>. Files were to be moved from <\\iws-rds\USERS\administrator> to <\\iws-rds\users\Administrator\My Documents>.
0
 
LVL 11

Expert Comment

by:nordtorp
ID: 35218744
See the answer post here
0
 

Author Closing Comment

by:toadstool331
ID: 35218802
You Rock!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question