This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 28.000000000000004%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
Hello,
I moved a Windows machine WIN8.1 Enterpise from a domain network and moved it in a Workgroup network.
I login to that PC as local Admin now.
When I tried to make some modifications in the local GPO of that machine, I found out that some of the options are greyed out and I cannot modify them. I think that's probably because of the Domain GPO already applied on this machine while it was member of the domain.
Is there any way to have these options available for selection locally and not greyed out?
I mean block Domain GPO applied and have the local GPO applied.
Regards
Kostas
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 15%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELO%3C/text%3E%3C/svg%3E)
Hi Kostas,
This is default behaviour and will not automatically be reversed. Please read this article as one needs to reverse the domain policy actions placed on this (now domain-removed) machine: https://www.thewindowsclub.com/how-to-reset-windows-security-settings-to-its-defaults
Hope this helps,
BR, Leon
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hi,
If you didn't remove the domain GPOs when remove the disjoin the domain, here are 2 ways to clear the domain GPO settings:
1 way :
Join to the domain again , and put it into a new OU
Block inheritance from parent GPOs.
Define security settings to default value you needed.
Run gpudate /force on the client computers.
Check if local security settings is come back to default settings on the client computer.
Disjoin the client computers.
The other way
Delete all group policy registry keys(Before any changes for the registry key, please do the back up )
For more details you can refer to the following link:
https://social.technet.microsoft.com/Forums/lync/en-US/a13a51eb-cc15-41dc-8a81-67454bac0cd5/group-policy-security-settings-not-editable-after-removing-client-from-the-domain?forum=winserverGP
Best Regards,
Hi,
Welcome to share your current situation if there are any updates.
Please feel free to let us know if you need further assistance.
Best Regards,
