Windows 10 - Local Group Policy changes

Bill Clark 181 Reputation points
2021-10-15T15:09:54.53+00:00

We have several Windows 10 clients on our network that are not joined to our AD domain(and they need to stay this way). I'm modifying a few Computer policies(Windows update settings) using GPEdit.msc on one of the clients and before I copy the resulting c:\windows\system32\grouppolicy*.* to another similar client, I want to know if there is any SID or unique client information contained in the Local Group Policy that would be duplicated. While I want the same Windows Update settings applied, the clients need to keep their own unique identity.

Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
10,418 questions
Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
4,640 questions
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. Reza-Ameri 16,776 Reputation points
    2021-10-15T15:32:08.353+00:00

    Have you consider using Import-GPO command in the PowerShell and you may use it to import Group Policy object, take a look at:
    https://learn.microsoft.com/en-us/powershell/module/grouppolicy/import-gpo
    You may write a PowerShell command execute it to import GPO on clients.


  2. MotoX80 31,391 Reputation points
    2021-10-16T20:07:42.353+00:00

    I used to support internet exposed web servers which were in an isolated network. They were not allowed to be domain members. To configure those servers I used the Security Configuration and Analysis tool to define a template with audit polices, password policies, eventlog settings, etc. We had a .bat file that used secedit.exe to apply those settings to new servers. It also used reg.exe to import registry entries from .reg files.

    https://petri.com/using-windows-server-2012-security-configuration-and-analysis-tool

    0 comments No comments

  3. Limitless Technology 39,301 Reputation points
    2021-10-18T09:19:03.107+00:00

    Hi there,

    I think the SID will not be duplicated in this scenario.
    If you ask, having multiple computers with the same machine SID is a problem?
    It’s not the SID that ultimately gates access to a computer, but an account’s user name and password: simply knowing the SID of an account on a remote system doesn’t allow you access to the computer or any resources on it.

    The Machine SID Duplication Myth (and Why Sysprep Matters)
    https://techcommunity.microsoft.com/t5/windows-blog-archive/the-machine-sid-duplication-myth-and-why-sysprep-matters/ba-p/723859


    If the reply is helpful, please Upvote and Accept it as an answer

    0 comments No comments