Share via

Reset Default Group Policy

Jeremy@7th 0 Reputation points
2023-06-22T19:33:32.0866667+00:00

I am trying to reset the default group policies, Default Domain Controllers Policy and Default Domain Policy.

When I run the dcgpofix /target:both (with or without /ignoreschema) I get the prompts "You are about to restore Default Domain Policy and Default Domain Controller Policy for the following domain XXXXX.local as well as "This operation will replace all 'User Rights Assignments' made in the chosen GPOs. This might cause some server applications to fail. Do you want to continue" in which I choose Y for both.

It tries to run but then fails saying "Unable to delete the file or directory E:\Windows\SYSVOL\sysvol\XXXXX.local\Policies{31B2F340-016D-11D2-945F-00C04FB984F9}\USER\Preferences\ScheduledTasks"

If I try them one at a time (/target:dc or /target:domain) I get the same error for domain but for /target:dc it says "Unable to delete the file or directory E:\Windows\SYSVOL\sysvol\XXXXX.local\Policies{6AC1786C-016F-11D2-945F-00C04FB984F9}\MACHINE\Microsoft\Windows NT*."

I've tried going to the delegation in the GPMC as well as ADSI edit and adding specific permissions to my user account to no avail. The account I am using as a full domain/enterprise administrator.

I'm not sure what else to try here. I need to restore these policies. The OS is Server 2019 Standard.

Windows for business Windows Client for IT Pros User experience Other

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Limitless Technology 44,751 Reputation points
    2023-06-23T14:47:29.4+00:00

    Hello there,

    Try these commands and see if that helps.

    To reset the Group Policy settings on a Windows system to their default values, you can use the following steps:

    Open an elevated Command Prompt or PowerShell session. To do this, right-click on the Start menu and select "Command Prompt (Admin)" or "Windows PowerShell (Admin)".

    In the Command Prompt or PowerShell window, type the following command and press Enter:

    RD /S /Q "%WinDir%\System32\GroupPolicy"

    Next, type the following command and press Enter:

    RD /S /Q "%WinDir%\System32\GroupPolicyUsers"

    Note: These commands will delete the Group Policy settings stored in the "GroupPolicy" and "GroupPolicyUsers" folders.

    Finally, type the following command and press Enter:

    gpupdate /force

    This command updates the Group Policy settings on the local computer.

    After executing these steps, the Group Policy settings on the system will be reset to their default values. Keep in mind that this process only affects the local Group Policy settings and does not affect any policies applied through Active Directory in a domain environment.

    It's important to exercise caution when modifying Group Policy settings, as they can have a significant impact on system behavior and security. Make sure to have a backup or system restore point in case you need to revert any changes.

    I used AI provided by ChatGPT to formulate part of this response. I have verified that the information is accurate before sharing it with you.

    Hope this resolves your Query !!

    --If the reply is helpful, please Upvote and Accept it as an answer–

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.