Solved

Removing Internet Security Settings from group policy which has the 'Reset All zones to default level' disabled.

Posted on 2013-11-28
2
828 Views
Last Modified: 2014-01-15
Got myself in a pickle here...
We applied a policy change to take security settings away from users, unfortunately this was applied to the default domain policy.
The policy has been modified to remove these settings but the settings have 'tatooed' on to the machines on the network.
I have read the way forward is to set the security settings on the server the way you want and then import them into the group policy you want or to use the 'Reset all zones to default level' button but I cannot change the security settings on the server since it too is affected by the lock on security controls.

I am thinking I need to join a new Dc to the domain which won't be tatooed and use it to modify this setting?  I wondered if there is another way before I explored this path.
wonk013.jpg
0
Comment
Question by:dgloveruk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
ID: 39684570
Do this from a Windows 7 Client. Install the RSAT on a Win7 client and manage your policies this way. Change the settings on there and then apply the policy.

Make sure that your win7 machine does not have this policy applied to it, you can block inheritance or keep the PC in the computers container.

RSAT download - http://www.microsoft.com/en-ca/download/details.aspx?id=7887

Will.
0
 

Author Comment

by:dgloveruk
ID: 39705762
Thanks, managed to to fix this doing what you've said.
Regards,
0

Featured Post

Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question