Re: Registry tatooing

From: "Erik Cheizoo" <echeizoo.XenD.nl@xxxxxxxxxxxxxxxxxxxx>
Date: Mon, 8 Jan 2007 17:51:59 +0100

Unfortunately, there is no such thing as registry reset (if you don't count setup.exe as an viable solution ;-) )
The only way to revert tattooed settings is creating a reverse policy (with the opposite setting), leave it for a few weeks (till all workstations/users have logged on at least once) and then set the setting to not defined.

--
Kind regards,

Erik Cheizoo
eXcellence & Difference - we keep your business running
============================================
Always test in a non-production environment before implementing
Guidelines for posting: http://support.microsoft.com/?id=555375
============================================

"NZSchoolTech" <nzschooltech@xxxxxxxxxx> wrote in message news:1168202323.107958.299240@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

In another thread I referred to problems getting the home drive mapped
in the user's profile to a subdirectory of a share, in that the drive
letter would often be mapped to the root of the share instead of the
subfolder.

This morning I found a policy setting in User
Configuration\Administrative Templates\System\User Profiles that
directly controls this behaviour and after I disabled this policy, the
home drives are being mapped properly.

It seems this could be an example of registry tatooing because these
computers were connecting to a Windows NT type domain (Samba) using the
System Policies before.

Is there much documentation about the problems of registry tatooing? Is
there some means to reset all the old NT4 policy settings?

Follow-Ups:
- Re: Registry tatooing
  - From: Ace Fekay [MVP]

References:
- Registry tatooing
  - From: NZSchoolTech

Prev by Date: Cannot create/copy accounts in active directory
Next by Date: Re: Setting default logon hour for new users
Previous by thread: Registry tatooing
Next by thread: Re: Registry tatooing
Index(es):
- Date
- Thread

Relevant Pages

Re: SP2 global propagation of Pop-up allowances
... Thanks for the reply and the affirmation re: the registry settings. ... > policy setting, you can enter a list of sites which will be allowed ... > create their own lists of sites. ... > torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway ...
(microsoft.public.windowsxp.general)
Re: ADM fully managed or not
... A fully-managed Group Policy setting is one that will undo itself when it ... Other policies are said to "tattoo" themselves. ... particular registry value. ... I'd be very interested to see the ADM file you've written. ...
(microsoft.public.windows.server.general)
Re: Read and delivery receipt
... run it on all PCs asking authentication to the AD first thing in the morning. ... You could do it with a startup script or logon script if the key is HKCU ... Or you can write a custom ADM file and directly change the registry via group ... Note it is not a policy setting so it tatoos the registry ...
(microsoft.public.exchange.clients)
Re: Reversible encryption on Windows XP.
... > I was wondering what effect the policy setting "Store password using ... > reversible encryption for all users in the domain" has on Windows XP since ... > hash present in registry is same irrespective of this setting. ...
(microsoft.public.platformsdk.security)
Effect of "reversible encryption..." on Windows XP.
... I was wondering what effect the policy setting "Store password using ... reversible encryption for all users in the domain" has on Windows XP since it ... hash present in registry is same irrespective of this setting. ... Would some one help me understand, what this setting is meant for on Windows ...
(microsoft.public.security)