JerryPotter
asked on
What is the best way to recreate the Default Domain Policy on an a production system.
ASKER
Thanks for the quick response, we have backups, but the problem is I am not sure when the GPO became corrupt. I also found those options before. Does anyone know which option is the easiest? Does Dcgpofix.exe work well?
"I am not sure when the GPO became corrupt" - I'd restore it from backup, it's just a folder. Do you have file level backups of your DC?
ASKER
I do have file level backups, unfortunately I believe that this became corrupt before I started working here and that was almost 3 years ago. I know we have changed how our backup works and I believe, got rid of the old things. I think I am stuck with remaking it. I do have a printed copy of the GPO with the settings that were in it.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the answers, I found out I did have some corrupt files and also the Certificate Services Client was messed up. After fixing that issue I ran the dcgpofix and reconfigured everything. Everything seems to be working. Thanks for the help.
If you prefer an empty, default def.dom.pol, read https://support.microsoft.com/kb/556025?wa=wsignin1.0 for options.