And locks users out of Windows
Occasionally when you deploy a Group Policy change via AGPM, it will corrupt that Group Policy.
My experiences over the last two years have included users losing
- the Corporate Intranet Homepage settings
- desktop wallpaper
- network drive mapping.
Yesterday they lost the ability to boot into Windows.
Applocker had decided to block critical operating system files.
The solution:
- Boot Windows into Recovery Mode
- Select Safe Mode with Command Prompt
- Logon to Windows with a Local Administrator account
- Delete the content of c:\windows\system32\Applocker
Things we learned/benefited from:
- A talented group of people worked together to resolve the issue.
- We had previously implemented Microsoft LAPS in our environment.
It proved to be a critical “get out of jail” card. - The technical knowledge of our end users varied.
Times to fix each computer ranged from 10 minutes to 3 hours.