Solved

Missing administrative templates from Group Policy Windows 2012 Domain Controllers

Posted on 2016-08-25
6
28 Views
Last Modified: 2016-08-26
Today I went to edit our domain group policies (which I do often) and found the Administrative templates is empty.      Example right click any policy and choose edit then select user configuration then select policies then Administrative templates and none of the usual items and sub folders are there.      Any ideas how to resolve this?

Windows 2012 domain controllers.  (both have same issue)
0
Comment
Question by:Zoldy2000
  • 4
  • 2
6 Comments
 
LVL 39

Accepted Solution

by:
footech earned 500 total points
ID: 41771213
Do you use a central repository?

GP definitions can be copied from any machine.  You can go to C:\Windows\PolicyDefinitions and copy them from any 2012 server.  I'm not certain that you wouldn't encounter any issues if you were to copy from a newer OS (but from my understanding I think it's unlikely).  What you find in that folder is only the templates, not the actual GPOs.  You can also download templates from MS, just search for the version you want.  Example:
https://www.microsoft.com/en-us/download/details.aspx?id=36991

Compare what's available from another machine or download to what you have in the PolicyDefinitions folder.
0
 
LVL 2

Author Comment

by:Zoldy2000
ID: 41771521
The policy definitions are already in that folder.    I installed the latest ones anyone and still have the same issue.     Not sure if this is a clue but the only policy template that is showing is a custom one from a software vendor for deployment and it is located in a different folder.      Could mind be somehow reading from the wrong folder?  

C:\Windows\SYSVOL\sysvol\mydomain.com\Policies\PolicyDefinitions
0
 
LVL 2

Author Comment

by:Zoldy2000
ID: 41771524
I just copied these files C:\Windows\PolicyDefinitions to here C:\Windows\SYSVOL\sysvol\mydomain.com\Policies\PolicyDefinitions and that fixed the problem although I am still puzzled why this happened at least it worked.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 39

Assisted Solution

by:footech
footech earned 500 total points
ID: 41772005
That's the location of the central repository (it's something that has to be set up manually).  Without that set up, each machine would look at their own C:\Windows\PolicyDefinitions folder when editing GPOs.  That's why I asked if you had one set up - to know where GP considers the source.

As to how files got removed, that I can't answer.  If you have auditing turned on you may be able to glean the information.
0
 
LVL 2

Author Comment

by:Zoldy2000
ID: 41772081
Resolved thanks
0
 
LVL 2

Author Closing Comment

by:Zoldy2000
ID: 41772083
Thanks
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now