
Defeating Group Policies

Posted January 2003 by Steve Sinchak

Defeating group policies

(Living large in a locked-down XP world)

CAUTION: The following contains information on editing your registry. It is not pretty, but it is an effective sledgehammer approach. You must be able to edit your registry in order to perform these tasks.

Part I: Prevention

The key to defeating group policies is eliminating the ability of the domain to simply re-push the policy back down. I have experimented with several variations and have come up with the following:

Altering permissions on the policies key will prevent the domain from being able to push a policy to your machine.

The policy key is:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies

There will be a Microsoft key and, if a group policy has been distributed to you, a key that references your group policy. For our example, let's use a key called CompanyX:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\CompanyX

Click on the key

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\CompanyX\

and remove all values in the right-hand pane. Once you have finished, change the permissions on the

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\CompanyX\

key: remove the inherited permissions and set Administrators and SYSTEM to DENY ALL.

While this will prevent future writes by you, it will also prevent future writes by automatic policy distribution.

Now on to the clean up…

Part II: Clean Up

If a group policy has already been distributed to you, search your registry for GroupMembership. Once you find it, delete all values except the default value; the values are numbered starting at 0 and going up to some x. The key appears in the registry a few times.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\GroupMembership]

Also clear the group policy history:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\History]

Part III: Undoing Folder Redirection

If folder redirection has been enabled, then after you complete Parts I and II you will have to search the registry to remove any remaining values.

For instance, if folder redirection to your home drive has been enabled, simply search the registry for your home drive path and remove the entries.

Take H:\redirect as an example: search your registry for H:\redirect and delete it wherever it is present.

Once all the above have been completed reboot the machine and you are free from group policy distribution.
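For the administrator on the other side of this, here is an added example (not part of the original post) that checks whether a machine has been tampered with in the way described above: it walks HKLM\SOFTWARE\Policies and reports Deny entries against SYSTEM or Administrators, subkeys with inheritance switched off, and keys whose ACL cannot be read at all. It assumes an elevated PowerShell session; the function name Get-PolicyKeyTampering is my own.

```powershell
# Added audit script (not from the original post). Reports the tampering pattern
# described above on the local machine's HKLM\SOFTWARE\Policies tree.
# Assumes an elevated PowerShell session on the machine being checked.
$root    = 'HKLM:\SOFTWARE\Policies'
$watched = @('NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators')

function Get-PolicyKeyTampering {
    param([string]$Path = $root)

    # The root key plus every subkey beneath it
    $keys = @(Get-Item -Path $Path -ErrorAction Stop) +
            @(Get-ChildItem -Path $Path -Recurse -ErrorAction SilentlyContinue)

    foreach ($key in $keys) {
        try {
            $acl = Get-Acl -Path $key.PSPath -ErrorAction Stop
        } catch {
            # Not even being able to read the DACL is itself a finding
            [pscustomobject]@{ Key = $key.Name; Finding = 'ACL unreadable'; Identity = ''; Rights = '' }
            continue
        }

        if ($acl.AreAccessRulesProtected) {
            # Inheritance removed: exactly the Part I step above
            [pscustomobject]@{ Key = $key.Name; Finding = 'Inheritance disabled'; Identity = ''; Rights = '' }
        }

        foreach ($ace in $acl.Access) {
            # Explicit Deny against the principals that policy processing runs as
            if ($ace.AccessControlType -eq 'Deny' -and
                $watched -contains $ace.IdentityReference.Value) {
                [pscustomobject]@{
                    Key      = $key.Name
                    Finding  = 'Deny ACE on privileged principal'
                    Identity = $ace.IdentityReference.Value
                    Rights   = $ace.RegistryRights
                }
            }
        }
    }
}

# Any output at all means the machine will silently ignore policy pushes
Get-PolicyKeyTampering | Format-Table -AutoSize
```

A clean machine produces no rows; the same function can be pointed at HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy to cover the keys Part II deletes.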
