Solved

How to undo LabTechSoft's security policy after uninstall

Posted on 2015-01-01
4
148 Views
Last Modified: 2015-01-02
Hello fellow Geeks,

I have recently acquired a new customer who had a previous IT company using Labtech software's remote monitoring and support tool.

Now I'm not about to claim my tool is any better or worse, but the Labtech software install was like a virus as it has no uninstall option and you have to do about a 5 step process to remove it from the pc.....That's not so bad really...

But the security policy is left altered by the application.

Now normally I'd not have too much issue with that at this point, but some users in the building are locked down pretty tight and others, not so much.

Here are my questions:
Server 2008R2
Boxes all Win7


1.  If i use the MS method to "default local security policy" via command promt,  Will it break my existing connections to the domain server?  In other words, will it break anything?  (The goal is to get everyone back to same ness)

2.  If I reset the policy to default on the SERVER, will it break any client connections?  Will it break anything?  

3. If I reset "DOMAIN policy" on the server to default, will it break anything?

This is an in production domain controller and clients.

P.s.  Typically I build my own networks from scratch and they behave exactly like I expect them to, but since I'm inheriting a network, I'm a bit paranoid about just resetting default values as I've never had to do that before.

Thank you all for the help
Ike
0
Comment
Question by:Faxxer
  • 2
  • 2
4 Comments
 
LVL 54

Expert Comment

by:McKnife
ID: 40527844
Hi Ike.

Small steps:
"But the security policy is left altered by the application" - how? Did it set registry keys? You are able to answer that by looking at Settings that are locked and see if what policies and registry keys those settings refer to, look them up in this excel sheet: http://www.microsoft.com/en-us/download/details.aspx?id=25250 (GPO reference by Microsoft)
If the labtech program is no longer active but their settings are still active, then they will have used registry keys and/or xml files (=local policies, see http://technet.microsoft.com/en-us/library/cc978247.aspx ).

So you will definitely be able to undo it then by resetting the client to defaults and reapplying your policies with a gpupdate. The method you are referring to in 1., what is it?
0
 

Author Comment

by:Faxxer
ID: 40527870
Hello McKnife!!!  Thank you for the reply...

The method in 1. I am referencing is the command line provided by Microsoft like this   “secedit /configure /cfg %windir%\inf\defltbase.inf /db defltbase.sdb /verbose”

But there is a little worry as they say it can render the OS unusable ....I'm certainly open to the least risky way of trying to reset policy.

I have been a fan of keeping security policy on the machines to their defaults, and train users on how to behave as most of my customers are small offices and I can give them alot of personal time.
0
 
LVL 54

Accepted Solution

by:
McKnife earned 500 total points
ID: 40527894
Secedit should not be used anymore at vista/7/8.x. Either you
-undo the changes manually (using the list I linked and regedit)
-or you setup policies configured to disable the settings that the tool has set
-or you try to do an inplace upgrade of windows (aka a repair installation) which will reset security settings to the default. but remember, security settings are not all there might have been set.
0
 

Author Comment

by:Faxxer
ID: 40527917
Thank you for clarification on that...  I was wondering if that wasn't an outdated method myself but some guys still post on some sites about it.

I will follow your method to tred lightly and take my time rather than blast on in.

Thank you
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
On some Windows 7 (SP1) computers, Windows Update becomes super slow even the computer is reasonably fast.  There's one solution that seemed to have worked well for me (after trying a few other suggested solutions).
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This Micro Tutorial will teach you how to the overview of Microsoft Security Essentials. This is a free anti-virus software that guards your PC against viruses, spyware, worms, and other malicious software. This will be demonstrated using Windows…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question