Ask the Expert

How can I restore a default domain controller policy?

I am running Windows 2000 Server SP3. I have had a problem with the default domain controller policy. I applied the securedc template to the group policy and then I deleted some accounts. This caused some error messages when I refresh machine policy with secedit. I also get a message "Windows cannot open template" when I try to open the security node. How do you restore a good default domain controller policy? I created a new policy and tried to apply the basic template to it, but no policies got configured.

    Requires Free Membership to View

Often that error means the template files are missing. They should be restored from a backup or from another similar system. I doubt the issue of the errors is directly related to the deletion of user accounts. I always recommend creating your own custom policies and never editing the default policies directly. That way you always have somewhere to return to if you mess things up. You may try using Microsoft Baseline Security Analyzer (MBSA) to analyze your settings in light of the securedc.inf to see if it applied successfully in the first place. You may have to re-install to repair the system.

This was first published in March 2003

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: