Group Policy Clean up @ My Company
Posted on 2014-02-19
Good morning everyone.
I have been tasked with cleaning up the disaster that is my company's group policy..... I'm in need of some clarification...
Control Panel/Personalization/Prevent Changing Screen Saver ENABLED
So If I understand group policy correctly, since this setting is "flipped on" (ive read this also referred to as "tattooed") even though I choose "not configured", it will stay "flipped on" until it is "flipped off" correct? So for me to clean this setting, I have to flip it to Disabled, let it sit for a while and then set it to "not configured". Is that correct?
Now, I am working in a Group Policy environment that has existed since this company went to active directory a thousand years ago.... It has been used and abused. I am thinking that there are probably settings all over the place that have been "flipped on" and never "flipped off". The only way I can think to get around this is to clear the GPO policy on the client machines and force a GPO update..... I've taken a look around and found I can do either of the following:
or should i just delete
then a gupdate /force
Think I can add a script to their login .bat files that does this safely?
Folder Redirection Downloads : Enabled
So even if I choose "not configured" now, it will still be "tattooed" on the computers that have ran this policy. I should flip it to disabled, let it sit, then flip to "not configured" correct?
One more question, if settings are set to "not configured" will they show up on the GPMC when click the "Settings" tab? (im thinking the answer is no...)
Thanks for your help!