Skip to content

Remove Group Policy Objects from Windows

A couple of days ago, a customer asked me to take a look at one of his Windows Server 2016 systems. He told me, that the system acted abnormal and a regular gpupdate report’s issues with some policies.

Turned out, that they moved the server between organizational units (OUs) and that created issues with Group Policy Objects from the domain and older local Group Policy Objects.

We decided to remove all Group Policy Objects completely and re-apply everything from scratch!

rem Restore Local Security Policies to default
secedit /configure /cfg %windir%\inf\defltbase.inf /db defltbase.sdb /verbose

rem Remove Group Policy Objects
RD /S /Q "%WinDir%\System32\GroupPolicyUsers"
RD /S /Q "%WinDir%\System32\GroupPolicy"

rem Apply the Group Policy
gpupdate /force

All of the above must be executed within an elevated session. And you should keep in mind, that the commands above will remove everything. Especially the secedit can remove more then you might want. So use this with caution!

Published inHowTo

Be First to Comment

Leave a comment

By posting a comment you consent that I store the submitted information as well as your anonymized IP address on my servers, under the terms of my Privacy Policy. Your email is never shared with anyone else.

Required fields are marked *.