How to overwrite old GPO's

Luke Coblentz 21 Reputation points
2022-04-19T14:35:53.42+00:00

We recently created a GPO to Lock the computer Screens (Windows Server 2019). We wanted to enforce it for some of the groups we have in our AD, but accidently applied it for authenticated users for alittle bit. We removed the apply permissions for authenticated users and set it to read only. Since then the GPO has been applying for everyone(authenticated users). What is the best solution to undo these settings? Also, what are the next steps? Any help works!

Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
10,986 questions
Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
4,960 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,094 questions
0 comments No comments
{count} votes

Accepted answer
  1. Dave Patrick 426.4K Reputation points MVP
    2022-04-19T19:34:33.353+00:00

    1 = that would likely be a minimum
    2 = If you wanted to revert some setting, you'll need to determine what it was before then create a policy for that group to assign this new setting.

    --please don't forget to upvote and Accept as answer if the reply is helpful--


2 additional answers

Sort by: Most helpful
  1. Dave Patrick 426.4K Reputation points MVP
    2022-04-19T14:59:44.103+00:00

    Setting a policy to "Not configured" means you are not configuring any policy, and so the client settings will remain set to whatever they are currently set to. If you wanted to revert the settings back to defaults you may have to determine what those default settings were, and then create a policy to assign those settings, or in some cases deleting the setting from registry changes an object to "Not configured"

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    1 person found this answer helpful.
    0 comments No comments

  2. Luke Coblentz 21 Reputation points
    2022-04-19T17:26:34.6+00:00

    @Dave Patrick We have the policy enabled for the groups we want. But, the authenticated users have read only access. Is this necessary to give them read only? I read online that you have to so it applies to the groups you want to apply the GPO to. But, when we made the GPO the authenticated users had the "apply group policy" checked at first, so it applied to them (we did not notice that it applied to them). Now we want to revert those changes. What is the best way to do it?