Solved

How to undo LabTechSoft's security policy after uninstall

Posted on 2015-01-01
4
151 Views
Last Modified: 2015-01-02
Hello fellow Geeks,

I have recently acquired a new customer who had a previous IT company using Labtech software's remote monitoring and support tool.

Now I'm not about to claim my tool is any better or worse, but the Labtech software install was like a virus as it has no uninstall option and you have to do about a 5 step process to remove it from the pc.....That's not so bad really...

But the security policy is left altered by the application.

Now normally I'd not have too much issue with that at this point, but some users in the building are locked down pretty tight and others, not so much.

Here are my questions:
Server 2008R2
Boxes all Win7


1.  If i use the MS method to "default local security policy" via command promt,  Will it break my existing connections to the domain server?  In other words, will it break anything?  (The goal is to get everyone back to same ness)

2.  If I reset the policy to default on the SERVER, will it break any client connections?  Will it break anything?  

3. If I reset "DOMAIN policy" on the server to default, will it break anything?

This is an in production domain controller and clients.

P.s.  Typically I build my own networks from scratch and they behave exactly like I expect them to, but since I'm inheriting a network, I'm a bit paranoid about just resetting default values as I've never had to do that before.

Thank you all for the help
Ike
0
Comment
Question by:Faxxer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 54

Expert Comment

by:McKnife
ID: 40527844
Hi Ike.

Small steps:
"But the security policy is left altered by the application" - how? Did it set registry keys? You are able to answer that by looking at Settings that are locked and see if what policies and registry keys those settings refer to, look them up in this excel sheet: http://www.microsoft.com/en-us/download/details.aspx?id=25250 (GPO reference by Microsoft)
If the labtech program is no longer active but their settings are still active, then they will have used registry keys and/or xml files (=local policies, see http://technet.microsoft.com/en-us/library/cc978247.aspx ).

So you will definitely be able to undo it then by resetting the client to defaults and reapplying your policies with a gpupdate. The method you are referring to in 1., what is it?
0
 

Author Comment

by:Faxxer
ID: 40527870
Hello McKnife!!!  Thank you for the reply...

The method in 1. I am referencing is the command line provided by Microsoft like this   “secedit /configure /cfg %windir%\inf\defltbase.inf /db defltbase.sdb /verbose”

But there is a little worry as they say it can render the OS unusable ....I'm certainly open to the least risky way of trying to reset policy.

I have been a fan of keeping security policy on the machines to their defaults, and train users on how to behave as most of my customers are small offices and I can give them alot of personal time.
0
 
LVL 54

Accepted Solution

by:
McKnife earned 500 total points
ID: 40527894
Secedit should not be used anymore at vista/7/8.x. Either you
-undo the changes manually (using the list I linked and regedit)
-or you setup policies configured to disable the settings that the tool has set
-or you try to do an inplace upgrade of windows (aka a repair installation) which will reset security settings to the default. but remember, security settings are not all there might have been set.
0
 

Author Comment

by:Faxxer
ID: 40527917
Thank you for clarification on that...  I was wondering if that wasn't an outdated method myself but some guys still post on some sites about it.

I will follow your method to tred lightly and take my time rather than blast on in.

Thank you
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question