Apply Active Directory domain group policy to standalone PC

Posted on 2012-09-21
Last Modified: 2012-09-24
We have an Active Directory 2003 domain with Windows XP workstations. Many settings on the workstations are configured and locked down via Active Directory domain group policy.

We need to send a few workstations to a remote office that does not have a domain controller or a connection to the domain. We're planning to remove the workstations from the domain and create local users.

How can we apply the Active Directory group policies to the local users on the workstations? Will we be able to manage the policies on the local computers (perhaps via gpedit)? Are there other things we are not anticipating that we should be aware of?
Question by:IntInc
    LVL 11

    Accepted Solution

    It's going to be very difficult to do this in my experience.  You're better off getting a third-party software like DeepFreeze (or similar) to lock a standalone computer down.  

    It's possible using GPEdit to do this but making any changes is difficult and you have to be very careful not to lock yourself out of the computer by setting a policy you can't undo.
    LVL 17

    Expert Comment

    by:Brad Bouchard
    I would try some sort of software that is free such as Kaseya's free remote management tool.  It installs on the computer and allows you remote access at all times and then you could just use the gpedit.msc of the local machine.  You could copy GPOs from your domain and use the same settings on the workgroup computers.
    LVL 26

    Expert Comment

    by:MidnightOne seems to have a method of doing what you want, but be aware once a non-domain computer enters the wild, it's out of your hands.

    Featured Post

    Highfive Gives IT Their Time Back

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    Can I legally transfer my OEM version of Windows to another PC?  (AKA - Can I put a new systemboard in my OEM PC?) Few of us are both IT and legal experts but we all have our own views of Microsoft's licensing rules and how they apply.  There are…
    We have adopted the strategy to use Computers in Student Labs as the bulletin boards. The same target can be achieved by using a Login Notice feature in Group policy but it’s not as attractive as graphical wallpapers with message which grabs the att…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now