Solved

How to remove/reset previous GPO settings from computer that is no longer part of the domain

Posted on 2016-11-23
2
64 Views
Last Modified: 2017-01-11
I have a computer that is no longer on the domain. It still have the GPO's from when it was on the domain. I've tried multiple suggestions of
clearing/resetting it but none of them have worked. Below are just a few i've tried:

Delete the "HKLM\Software\Policies\Microsoft" Key (looks like a folder).
Delete the "HKCU\Software\Policies\Microsoft" Key
Delete the "HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects" Key.
Delete the "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies" Key.

Delete C:\WINDOWS\security\Database\secedit.sdb
Gpupdate /force /boot

I know it is still hanging on to the previous GPO because we had a setting to display some custom verbiage at the login screen - which is still showing up.
0
Comment
2 Comments
 
LVL 2

Expert Comment

by:Raul Ivan Medina Urista
ID: 41899586
Try with these keys gpupdate /force and restart the computer:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\History
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\History

Regards
Raúl Medina
0
 
LVL 40

Accepted Solution

by:
footech earned 500 total points
ID: 41899857
Many group policy settings (true "policies") are removed whenever the GPO no longer applies, but then there are preferences which tattoo their settings, and the setting does not revert when the GPO is gone.  To undo these preferences, you have to set the GPO to reverse the setting it previously made.
Here's a couple links which explain the difference between GP policy, preferences, and GP Preferences.
http://blogs.technet.com/b/grouppolicy/archive/2008/03/04/gp-policy-vs-preference-vs-gp-preferences.aspx
https://sdmsoftware.com/gpoguy/whitepapers/understanding-policy-tattooing/

So the answer to your question is "it depends".  There is no one registry key that you can delete to revert all GP settings.  Depending on the setting, it could be anywhere, even something outside the registry.

To try to track it down, you would need to know the exact setting, and then look it up in the GP reference spreadsheet from MS (available as part of the .ADMX files download, and that's assuming that the setting is even part of that).  From there you could see what registry value it sets.  If it's not part of the above, then you'll have to look at the GPO that configures the particular setting you're seeing, and go from there.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

First some basics on Windows 7 Backup.  It has 2 components one is a file based backup which is stored in .zip files each zip is split at around 200 Megabytes and there is the Image Backup which is as the name implies a total image of the partition …
When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.
This Micro Tutorial will give you a basic overview of Windows Live Photo Gallery and show you various editing filters and touches to photos you can apply. This will be demonstrated using Windows Live Photo Gallery on Windows 7 operating system.

827 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question