How to reset the Default Domain Policy and Default Domain Controllers Policy

Published January 27, 2024 by Danny Moran

Table of Contents

PAGE CONTENT

Introduction

Learn how to reset the Default Domain Policy and the Default Domain Controllers Policy back to their default settings. In this example, I show you how to use the dcgpofix command to reset the Default Domain Policy and the Default Domain Controllers Policy back to their default settings.

Video

Warning

Before you run any of the below commands to reset the Default Domain Policy or Default Domain Controller Policy, make sure that you take a backup of the configuration before you make any changes. This will enable you to restore the policies if there are any issues.
Audit every setting with the policy you are going to reset and confirm that they are either no-longer needed or the setting has been migrated to a different group policy object.

PowerShell

Reset Default Domain Policy GPO

Run the following command to reset the Default Domain Policy GPO:

dcgpofix /ignoreschema /target:domain

Reset Default Domain Controllers Policy GPO

Run the following command to reset the Default Domain Controllers Policy GPO:

dcgpofix /ignoreschema /target:dc

Reset Default Domain Policy GPO and Default Domain Controllers Policy GPO

Run the following command to reset the both the Default Domain Policy GPO and the Default Domain Controllers Policy GPO at the same time:

dcgpofix /ignoreschema /target:both