Results 1 to 7 of 7
  1. #1
    3 Star Lounger
    Join Date
    May 2001
    Location
    Kenilworth, Warwickshire, England
    Posts
    260
    Thanks
    1
    Thanked 0 Times in 0 Posts

    unwanted group policies

    The company I worked for went into administration and the IT community, along with everyone else, was dispersed. I am working for the Administrators and have 8 desktop PCs running offsite and off the company network, but on a local peer to peer network. Two of these PCs have group policies on things like password strength that are still enforced in standalone mode. This is very inconvenient and I would like to remove all such policies from the PCs. I have full access to the PCs, with full administrative rights but I dont know where and how these policies are held/enforced. I do not know any other passwords, or even whether policies set remotely can be removed by brute force locally.

    Is there anything I can do to remove these policy instructions? I am reluctant to rebuild the machines because although I do have Windows instalation CD, I do not have the drivers for the specific PCs.

    Thanks for any help

    Mike C

  2. Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 7, Windows 8, Windows XP, Firefox, Internet Explorer, Google, etc. Join our 480,000 subscribers!

    Excel 2013: The Missing Manual

    + Get this BONUS — free!

    Get the most of Excel! Learn about new features, basics of creating a new spreadsheet and using the infamous Ribbon in the first chapter of Excel 2013: The Missing Manual - Subscribe and download Chapter 1 for free!

  3. #2
    Plutonium Lounger Leif's Avatar
    Join Date
    Dec 2000
    Location
    U.K.
    Posts
    14,010
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: unwanted group policies

    Group Policies are not something I would call one of my strengths! - but would Disable Group Policy Objects do what you want?

    (Naturally, I recommend a registry backup first...)

  4. #3
    3 Star Lounger
    Join Date
    May 2001
    Location
    Kenilworth, Warwickshire, England
    Posts
    260
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Re: unwanted group policies

    Leif,

    Thank you very much for pointing me at that. I thought I had looked "everywhere". I thought you might like an update for future reference.

    I applied the change to the registry and it did not solve the problem, that is, the policies were still being applied. Since this puzzled me, I hunted around and spotted that the PCs that were ok were all "Workgroup" members, the 2 difficult ones were "domain" registered. I have changed them to Workgroup and all is now fine. What I stupidly didnt do is take the registry entry out, so I dont know whether making the workgroup change alone would have done the trick.....

    Thanks again,

    Mike C

  5. #4
    Plutonium Lounger Leif's Avatar
    Join Date
    Dec 2000
    Location
    U.K.
    Posts
    14,010
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: unwanted group policies

    Mike - thanks for posting back with your solution.

    For reference, although again I'm not sure how helpful this might be:
    Group Policy in a Workgroup Environment and a list of Group Policy KB Articles may help others in the future.

  6. #5
    5 Star Lounger
    Join Date
    Nov 2004
    Location
    Wilmington, North Carolina, USA
    Posts
    1,196
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: unwanted group policies

    Mike,

    Any time a computer on a network touches that domain, all group policies applied to that computer (via specifically or the computer's group) in active directory will be refreshed. You will have to remove all policies applied to the computer in active directory, or remove the computer from the network completely.

    I'm not sure how group policy applies in a workgroup environment, but I'm sure it can't be much different.
    ____________________________
    Jeremy
    "If you spend more on coffee than on IT security, then you will be hacked. What's more, you deserve to be hacked." -Richard Clarke

  7. #6
    3 Star Lounger
    Join Date
    May 2001
    Location
    Kenilworth, Warwickshire, England
    Posts
    260
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Re: unwanted group policies

    Jeremy,

    You may have spotted that I am ok now, but I would like to understand more. If I pick up on your terminology its because of that.

    You talk about computers "touching" the domain having their policies refreshed. These computers have been nowhere near the domain for a long time, but presumably they stay stuck at their last refresh. The domain effectively no longer exists, and so there is no active directory, managed or not. so there can be no question of removing all the policies. The computer will never go back onto that domain to know this has happened. Leif's registry change sounded right for the task, but didnt work. Was I lucky that changing the PCs to workgroup from domain severed that relationship? Was there anything else I could have done?

    Cheers,

    Mike C

  8. #7
    5 Star Lounger
    Join Date
    Nov 2004
    Location
    Wilmington, North Carolina, USA
    Posts
    1,196
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: unwanted group policies

    <hr>Was I lucky that changing the PCs to workgroup from domain severed that relationship? Was there anything else I could have done?<hr>
    <img src=/S/yep.gif border=0 alt=yep width=15 height=15> Pretty much.

    <hr>Was there anything else I could have done?<hr>
    Not that I can think of.
    ____________________________
    Jeremy
    "If you spend more on coffee than on IT security, then you will be hacked. What&#39;s more, you deserve to be hacked." -Richard Clarke

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •