Group policy restrictions remain after leaving domain

G

Gary Hunter

A system using Win XP Pro SP1 has been moved from the building and
removed from the domainand in to a workgroup. A user loging in as a
local administrator reports that a password policy requiring long and
complex policies remains and that using control panel->admin
tools->local security policy->acount policies->password policy he can
display the relevant policies including min password length, require
complex passwsords but the fields to change these values are grayed
out. Any ideas as to how I can resolve this?
 
F

Feng Mao

Hi Gary,

Thank you for posting!

This issue is because the computer used to be part of a Domain environment
which has the Group Policy to prevent clients to modify such settings.

As I know, the Local Security Settings is stored in
%systemroot%\security\Database\secedit.sdb. So, there is an unofficial way
to reset this.

1. Find another computer install Windows XP. You can change the settings to
what you want.
2. Rename secedit.sdb to secedit.bak in %systemroot%\security\Database
3. Copy secedit.sdb from the good computer.
4. Restart the computer

I hope that the above suggestion will be helpful.

Have a nice day!

Thanks & Regards,

Feng Mao [MSFT], MCSE
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security

=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.



--------------------
| From: Gary Hunter <[email protected]>
| Newsgroups: microsoft.public.windowsxp.security_admin
| Subject: Group policy restrictions remain after leaving domain
| Date: Sun, 29 Aug 2004 13:30:51 +1000
| Organization: http://newsguy.com
| Lines: 8
| Message-ID: <[email protected]>
| NNTP-Posting-Host: p-813.newsdawg.com
| Mime-Version: 1.0
| Content-Type: text/plain; charset=us-ascii
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Forte Agent 2.0/32.640
| Path:
cpmsftngxa10.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed00.s
ul.t-online.de!t-online.de!border2.nntp.dca.giganews.com!nntp.giganews.com!c
yclone-sf.pbi.net!129.250.175.17!pln-w!spln!dex!extra.newsguy.com!newsp.news
guy.com!news3
| Xref: cpmsftngxa10.phx.gbl
microsoft.public.windowsxp.security_admin:141049
| X-Tomcat-NG: microsoft.public.windowsxp.security_admin
|
| A system using Win XP Pro SP1 has been moved from the building and
| removed from the domainand in to a workgroup. A user loging in as a
| local administrator reports that a password policy requiring long and
| complex policies remains and that using control panel->admin
| tools->local security policy->acount policies->password policy he can
| display the relevant policies including min password length, require
| complex passwsords but the fields to change these values are grayed
| out. Any ideas as to how I can resolve this?
|
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Cannot Set Password Policy 3
Group Policy Security setting could not be determined 4
Group Policy and User restrictions 5
Password policy problem 1
How to disconnect from the domain 3
default domain policy, password policy 2
Group Policy Issues 3
Local Vista User Account using Domain Security Pol? 4

Top