Apply Active Directory domain group policy to standalone PC

We have an Active Directory 2003 domain with Windows XP workstations. Many settings on the workstations are configured and locked down via Active Directory domain group policy.

We need to send a few workstations to a remote office that does not have a domain controller or a connection to the domain. We're planning to remove the workstations from the domain and create local users.

How can we apply the Active Directory group policies to the local users on the workstations? Will we be able to manage the policies on the local computers (perhaps via gpedit)? Are there other things we are not anticipating that we should be aware of?
IntIncAsked:
Who is Participating?
 
epichero22Commented:
It's going to be very difficult to do this in my experience.  You're better off getting a third-party software like DeepFreeze (or similar) to lock a standalone computer down.  

It's possible using GPEdit to do this but making any changes is difficult and you have to be very careful not to lock yourself out of the computer by setting a policy you can't undo.
0
 
Brad BouchardInformation Systems Security OfficerCommented:
I would try some sort of software that is free such as Kaseya's free remote management tool.  It installs on the computer and allows you remote access at all times and then you could just use the gpedit.msc of the local machine.  You could copy GPOs from your domain and use the same settings on the workgroup computers.
0
 
MidnightOneCommented:
http://www.frickelsoft.net/blog/?p=31 seems to have a method of doing what you want, but be aware once a non-domain computer enters the wild, it's out of your hands.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.