Unable to make registry or security policy changes (that “stick”) in an offline Windows Server 2003 environment

Posted on

Unable to make registry or security policy changes (that “stick”) in an offline Windows Server 2003 environment – Managing your servers can streamline the performance of your team by allowing them to complete complex tasks faster. Plus, it can enable them to detect problems early on before they get out of hand and compromise your business. As a result, the risk of experiencing operational setbacks is drastically lower.

But the only way to make the most of your server management is to perform it correctly. And to help you do so, this article will share nine tips on improving your server management and fix some problem about windows, windows-server-2003, security, group-policy, .

I’ve inherited a network, in my new position, that I’m in the process of getting accredited and then online. For now it’s completely offline and all my updates are done locally at the machine(s). Using the results of my Retina scans I research my vulnerabilities, download the appropriate patches/fixes and then install them on the respective server(s). However, a large percentage of my audits show “simple fixes” in the form of registry changes, security policy edits, etc. Long story short, I’ve made these changes numerous times only to find them reappearing in my scans and most-to-all of the items reverting back to what I changed them from.

I’ve given myself, as high as, enterprise admin rights to no avail. After more and more research and attempts, I noticed that the GPO(s) on this network is completely screwed and I’m having the hardest time narrowing down which GPO is “in control”. Does anyone have a tool or anything that may help me narrow down the master GPO? Or any helpful advice on my situation?

Solution :

gpresult /H c:pathtooutput.html should give you a nice overview of what policies are applied to that machine.

Group Policy objects are processed in the following order:

  • Local
  • Site
  • Domain
  • OU

Leave a Reply

Your email address will not be published.