Default Domain Policy deleted

Here you go:
http://support.microsoft.com/kb/556025

or

dcgpofix /ignoreschema /target:Domain
http://technet.microsoft.com/en-us/library/hh875588.aspx

You can probably use the command: dcgpofix

http://technet.microsoft.com/en-us/library/hh875588.aspx

I already tried dcgpofix.  That didn't work.  I hadn't tried with the /ignorschema switch, but that didn't work either.

@Stoner79: I tried the first kb article you posted, but there is on GPO tab in ADUC.  Any suggestions?

Did you get any errors when you ran the command?  So the default domain policy was deleted?  I'm asking because I may spin up a VM and test this on 2012 (never tried on 2012)

Thanks

Mike

No errors running  dcgpofix /ignoreschema /target:Domain  I also tried dcgpofix /target:both.

It appears the policy is in the sysvol folder, but it doesn't appear in group policy management.  When I try to create a new policy called Default Domain Policy, I get an error that GPO with this name already exists.

It seems that the policy is still present in AD database.Open ADSiedit and check for the orphan gpo guid.

Path=CN=Policies,CN=System,DC=DomainName,DC=com by using ADSIEDIT.msc

I will also recommend before you proceed with deletition.Download resource kit tool and run gpotool.You will het the policy quid details and policy name and then proceed with deletion.http://www.microsoft.com/en-in/download/details.aspx?id=17657

Do you have sysvol backup.If yes then you can restore the policies and script folder on DC and perfrom authorative and non authorative restore of sysvol.

If no backup and default domain contoller and default domain policy is missing then you need to run dcgpofix.

To reset the Domain GPO, type dcgpofix /target:Domain
To reset the Default DC GPO, type dcgpofix /target:DC
To reset both the Domain and Default DC GPOs, type dcgpofix /target:both

Note:
Domain GPO GUID -{31B2F340-016D-11D2-945F-00C04FB984F9}
DC GPO GUID - {6AC1786C-016F-11D2-945F-00C04FB984F9}
http://support.microsoft.com/kb/556025

Hope this helps

I don't have a sysvol backup, shadow copies weren't turned on, and there is no hyperv snapshot.

I can't delete it with ADSI edit either.


Both of those GUID's are in the sysvol folder.

Both the quids are in sysvol then why are you deleting.It seeem to be permission issue.Before you proceed with deletion can you post the gpotool output.

C:\Program Files (x86)\Windows Resource Kits\Tools>gpotool
Validating DCs...
Available DCs:
DC1.home.wiglack.com
Searching for policies...
Found 2 policies
============================================================
Policy {31B2F340-016D-11D2-945F-00C04FB984F9}
Friendly name: Default Domain Policy
Policy OK
============================================================
Policy {6AC1786C-016F-11D2-945F-00C04FB984F9}
Friendly name: Default Domain Controllers Policy
Policy OK
============================================================

Policies OK

C:\Program Files (x86)\Windows Resource Kits\Tools>

Yes they match sysvol\policies

From you post it appears your default domain and domain controllers policy are present but you mentioned that they are not showing up in GPMC, is this correct?

If so, try to clear you MMC cache in your profile.

Which can be found in the following location: C:\Users\%username%\AppData\Roaming\Microsoft\MMC

@compdigit44: I did that, no change.  I rebooted after deleting the files.  No dice.  I logged in as a new user and there still is no Default Domain Policy.

Ok so when you run the gpotool it is showing the default domain / domain controllers policies named correctly, but not via GPMC is this correct.

If so, can you please upload a screen shot of what you are seeing in GPMC.

How would I do that?