Re: I implemented a group policy and it is preventing me from getting to the MMC

From: David Everett [MSFT] (deverett_at_online.microsoft.com)
Date: 03/22/04


Date: Mon, 22 Mar 2004 13:36:22 -0600

If you configured this on the "Default Domain Policy" you could rename the
registry.pol file on the PDC Emulator under
C:\WINNT\SYSVOL\domain\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\User

Log on as a domain admin, open regedit (assuming you did not lock this down)
and delete the GPO history under

HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System and delete the
DisableCMD value.

Log off and back on again and you should be able to access the mmc. Open
the Default Domain Policy and Enable "Turn off Autoplay" or something
harmless like this under User Configuration\Administrative Templates\System.
Doing this will create a new registry.pol that will undo the other settings
the next time the users log on.

If you are locked out of regedit you might try deleting the Registry.pol as
stated earlier and remove a Windows XP workstation from the domain. Install
the Adminpak and right-click AD Users and Computers and specify domain Admin
credentials in the RunAs. Focus the snap-in against the domain and Edit the
Default Domain Policy by Enabling "Turn off Autoplay". Have the users log
off and back on again.

-- 
David Everett
Microsoft Corporation
This posting is provided "AS IS" with no warranties, and confers no rights.
"Joel" <anonymous@discussions.microsoft.com> wrote in message
news:104dd01c40df2$e9faa1e0$a501280a@phx.gbl...
> I implemented a policy to lock down what the users can
> do on their workstations. I put it in, at the wrong place,
> it is at the domain level not the OU level. I can not get
> the mmc or Active Directory to work because the domain
> controller is also now locked down. Is there a way to
> remove the GPO from the domain controller so that I can fix
> my mistake??
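
Before renaming a registry.pol as described in the reply above, it helps to see which values the file would apply. The following is an added example, not part of the original thread or any Microsoft tool: it parses the PReg file layout offline, and the sample bytes (including the DisableCMD data of 1) are constructed for illustration.

```python
import struct

REG_SZ, REG_DWORD = 1, 4  # types decoded below; other types stay raw bytes

def _expect(blob, pos, ch):  # check a UTF-16LE delimiter and step past it
    if blob[pos:pos + 2] != ch.encode("utf-16-le"):
        raise ValueError(f"expected {ch!r} at offset {pos}")
    return pos + 2

def _read_wstr(blob, pos):  # read a NUL-terminated UTF-16LE string
    end = pos
    while blob[end:end + 2] != b"\x00\x00":
        if end + 2 > len(blob):
            raise ValueError("unterminated string")
        end += 2
    return blob[pos:end].decode("utf-16-le"), end + 2

def parse_registry_pol(blob):  # -> [(key, value_name, reg_type, data), ...]
    if len(blob) < 8 or blob[:4] != b"PReg" or struct.unpack_from("<I", blob, 4)[0] != 1:
        raise ValueError("not a version 1 Registry.pol file")
    entries, pos = [], 8
    while pos < len(blob):
        # Each entry is [key;value;type;size;data] with UTF-16LE delimiters.
        pos = _expect(blob, pos, "[")
        key, pos = _read_wstr(blob, pos)
        pos = _expect(blob, pos, ";")
        name, pos = _read_wstr(blob, pos)
        pos = _expect(blob, pos, ";")
        (reg_type,) = struct.unpack_from("<I", blob, pos)
        pos = _expect(blob, pos + 4, ";")
        (size,) = struct.unpack_from("<I", blob, pos)
        pos = _expect(blob, pos + 4, ";")
        data = blob[pos:pos + size]
        pos = _expect(blob, pos + size, "]")
        if reg_type == REG_DWORD and size == 4:
            data = struct.unpack("<I", data)[0]
        elif reg_type == REG_SZ:
            data = data.decode("utf-16-le").rstrip("\x00")
        entries.append((key, name, reg_type, data))
    return entries

def _entry(key, name, reg_type, data):  # build one constructed entry
    w = lambda s: s.encode("utf-16-le")
    head = w(f"[{key}\0;{name}\0;") + struct.pack("<I", reg_type) + w(";")
    return head + struct.pack("<I", len(data)) + w(";") + data + w("]")

# Constructed sample, not a real policy file; the DWORD data 1 is an assumption.
SAMPLE = b"PReg" + struct.pack("<I", 1) + _entry(
    r"Software\Policies\Microsoft\Windows\System", "DisableCMD",
    REG_DWORD, struct.pack("<I", 1))
```

In a User-side registry.pol the key paths are relative to HKEY_CURRENT_USER, so the entry above corresponds to the DisableCMD value named in the reply.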

