Getting Started on GPanswers.com
O.k. Here is my situation. I created a new GPO on an OU. Don't ask me why becuase I was being really stupid but on the GP's security tab I took away all of the administrators access to write/read the GP. THe only user group that still has access to do anything with it is the local SYSTEM group. Hw can I restore the user rights to the GP? Or how do I manually delete the GPO so it does not exist any more. I have already deleted the link from the OU. I tried to go to the sysvol share and restore permissions to the folders there on the correct GUID but it did not fix my problem. Any ideas would be appreciated.
THanks!ops:
The answer is a complex one.
You need to take ownership of it.. quite like a file.
See Figure 4.5 of the book,
which shows the Policies folder.
If you take ownership of the GPO here,
you can delete it.
Let me know if that works..
PS: Try at your own risk !
Getting Started on GPanswers.com
So If I am understanding you correctly than all I need to do is to take ownership and delete C:\winnt\sysvol\sysvol\domain\policies\{guid} folder and it is gone. Is there any other place it needs to be deleted? Are there any registry entries I need to worry about, etc.
Thanks in advance.
Well, once you take ownership of it,
you **SHOULD** be able to go
back to the GPMC and whack it there.
The rest is a normal deletion and should happen normally.
Getting Started on GPanswers.com
I changed the permissions in the policies folder for the appropriate GUID. Then I went into GPMC. When I clicked on the bad policy it came up with an error that said basically that the permissions in active directory were incosistant with the other permissions. I clicked cancel so it would not for the bad active directory setting back out. Then I right-clicked it and hit delete. It then deleted.
YEA!! Thanks so much. I am much relieved.
Happy-One
Posting Permissions
LinkBack URL
About LinkBacks
Reply With Quote