Removing Internet Security Settings from group policy which has the 'Reset All zones to default level' disabled.

Got myself in a pickle here...
We applied a policy change to take security settings away from users, unfortunately this was applied to the default domain policy.
The policy has been modified to remove these settings but the settings have 'tatooed' on to the machines on the network.
I have read the way forward is to set the security settings on the server the way you want and then import them into the group policy you want or to use the 'Reset all zones to default level' button but I cannot change the security settings on the server since it too is affected by the lock on security controls.

I am thinking I need to join a new Dc to the domain which won't be tatooed and use it to modify this setting?  I wondered if there is another way before I explored this path.
wonk013.jpg
dgloverukAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Will SzymkowskiConnect With a Mentor Senior Solution ArchitectCommented:
Do this from a Windows 7 Client. Install the RSAT on a Win7 client and manage your policies this way. Change the settings on there and then apply the policy.

Make sure that your win7 machine does not have this policy applied to it, you can block inheritance or keep the PC in the computers container.

RSAT download - http://www.microsoft.com/en-ca/download/details.aspx?id=7887

Will.
0
 
dgloverukAuthor Commented:
Thanks, managed to to fix this doing what you've said.
Regards,
0
All Courses

From novice to tech pro — start learning today.