Is it possible to remove Group Policies set by Domain if the domain no longer exists?

Anonymous
2023-01-23T17:32:12.66+00:00

The original domain is no longer able to be connected to the user's computer. The Group policy restricts Windows Update. I would like to know if this can be overidden by a local admin account or if a computer can be removed from the domain without wiping it if the Domain is no longer available.

Windows for business | Windows Client for IT Pros | User experience | Other
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. Thameur-BOURBITA 36,261 Reputation points Moderator
    2023-01-23T17:47:51.54+00:00

    Hi,

    The group policy settings already applied remain applied on member computer even if the domain is not available.

    Some settings can be impacted when you disjoin the computer from domain.

    Please don't forget to mark helpful answer as accepted

    0 comments No comments

  2. Tasadduq Burney 8,956 Reputation points MVP Volunteer Moderator
    2023-01-23T17:50:51.2266667+00:00

    If the original domain is no longer accessible and you are unable to connect to it, it may be difficult to remove the Group Policies that were set by that domain. However, there are a few things you can try:

    1. Use the Local Group Policy Editor: If you are on a Windows Pro or Enterprise machine, you can use the Local Group Policy Editor (gpedit.msc) to edit or remove the Group Policy settings that were applied by the domain. Keep in mind that this will only work for policies that have been applied to the local machine and not for those applied to the domain.
    2. Use the Registry Editor: You can also use the Registry Editor (regedit.exe) to remove Group Policy settings by editing the registry keys that store the policy settings. Keep in mind that this method can be risky, and you should be familiar with the registry before attempting it.
    3. Remove the computer from the domain: If you can't remove the policies and the domain is no longer accessible, you can remove the computer from the domain and join it to a new domain or workgroup. This will remove all the policies applied by the original domain, but you will lose any domain-specific configurations and settings.
    4. Reinstall Windows: As a last resort, you can reinstall Windows on the computer, which will remove all policies, software, and settings. But this is a drastic measure and it will wipe the computer completely.
    0 comments No comments

  3. Limitless Technology 44,766 Reputation points
    2023-01-25T10:39:04.1566667+00:00

    Hello there,

    This cannot be overridden by local admin

    Advanced Group Policy Management (AGPM) enables Approvers to delete a controlled Group Policy object (GPO), moving it to the Recycle Bin.

    A user account with the Approver or AGPM Administrator (Full Control) role or necessary permissions in Advanced Group Policy Management is required to complete this procedure.

    You can check this thread for detailed instructions https://learn.microsoft.com/en-us/microsoft-desktop-optimization-pack/agpm/delete-a-gpo-approver

    Hope this resolves your Query !!

    --If the reply is helpful, please Upvote and Accept it as an answer--

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.