How to manually create Default Domain GPO
SUMMARYHow to manually create Default Domain GPO MORE INFORMATIONThere is a way to create Default Domain GPO. There are two GPO created when you promote a member computer or a stand-alone server to domain controller. These two GPOs are :
\Windows\SYSVOL\sysvol\domain.com\policies\GUID Domain Default GPO GUID {31B2F340-016D-11D2-945F-00C04FB984F9} Domain Controller Default GPO GUID {31B2F210-016D-11D2-945F-00C04FB981F1} Windows OS identifies default domain policies by its GUIDs located in SYSVOL folder. These GUIDs are unique for Default Domain Policy and Default Domain Controller Policy created by default. You can use the following steps to create GPOs manually: 1. Open ADUC 2. Right click on Domain_name.com > Property 3. Switch to Group Policy tab 4. Create a policy named "Default Domain Policy" or you can rename it if you want. AD Tools queries default domain policies by their GUIDs located in SYSVOL folder and not by name. 5. Click this GPO > Property > note down the GUID of this GPO created. 6. Go to SYSVOL folder and change the GUID to default domain policy or default domain controller policy. 7. Next you need to use a small script using ADSI to set this unique GUID into GPT of this policy in AD database. You can also edit Schema manually to do so. You can use the ADSI Snap-in to create the GUID in GPC of that GPO. Here are some articles that you can use to troubleshoot Group Policy: Troubleshooting Group Policy issues in Windows http://www.microsoft.com/technet/community/columns/profwin/pw0502.mspx How to reset security settings in GPO http://support.microsoft.com/?kbid=226243 Scripting GPO http://www.windowsitpro.com/Article/ArticleID/40231/40231.html?Ad=1 Using Dcgpofix.exe: You can also use Dcgpofix.exe to restore Default GPO. Have a look here for Dcgpofix.exe: http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/48872034-1907-4149-b6aa-9788d38209d2.mspx The Dcgpofix tool does not restore security settings in the Default Domain Controller Policy to their original state http://support.microsoft.com/?KBID=833783 APPLIES TO
COMMUNITY SOLUTIONS CONTENT DISCLAIMER MICROSOFT CORPORATION AND/OR ITS RESPECTIVE SUPPLIERS MAKE NO REPRESENTATIONS ABOUT THE SUITABILITY, RELIABILITY, OR ACCURACY OF THE INFORMATION AND RELATED GRAPHICS CONTAINED HEREIN. ALL SUCH INFORMATION AND RELATED GRAPHICS ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT AND/OR ITS RESPECTIVE SUPPLIERS HEREBY DISCLAIM ALL WARRANTIES AND CONDITIONS WITH REGARD TO THIS INFORMATION AND RELATED GRAPHICS, INCLUDING ALL IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, WORKMANLIKE EFFORT, TITLE AND NON-INFRINGEMENT. YOU SPECIFICALLY AGREE THAT IN NO EVENT SHALL MICROSOFT AND/OR ITS SUPPLIERS BE LIABLE FOR ANY DIRECT, INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF USE, DATA OR PROFITS, ARISING OUT OF OR IN ANY WAY CONNECTED WITH THE USE OF OR INABILITY TO USE THE INFORMATION AND RELATED GRAPHICS CONTAINED HEREIN, WHETHER BASED ON CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY OR OTHERWISE, EVEN IF MICROSOFT OR ANY OF ITS SUPPLIERS HAS BEEN ADVISED OF THE POSSIBILITY OF DAMAGES. | Article Translations
|
| United States | Change | | | All Microsoft Sites |
Help and Support
Back to the top
|
