Default Domain Controllers Policy and Default Domain Policy

Default Domain Controllers Policy and Default Domain Policy

This is one of the old ones, I have never had the time to blog.

I some situations you might find you self in so big trouble that you would like to recreate the original Domain and Domain Controllers policies.

This is possible with the command DCGPOFIX

As an example you can restore the Default Domain Controllers Policy with the command DCGPOFix /Target:dc


But be careful – the tool does will not restore the security settings on the policy as you would want it to be.

So if using DCGPOFIX you will must likely need to do some security settings afterwards.

Also be aware that DCGPOFIX will not link the policy to any OU’s, so if the default links has been deleted you must create them again in GPMC.

As always a good backup is a better idea, so in order to backup your default gpo’s you can use PowerShell and run it at a scheduled interval if needed but remember to cleanup the backups, no need to have to many backups saved.

This will create a backup of the Default Domain Controllers Policy.

Backup-Gpo -Name “Default Domain Controllers Policy” -Path C:GpoBackups

Please note that the folder C:GpoBackups in this example must be created before you run the command.


When you would like to restore the backup you can use Restore-Gpo

restore-Gpo -Name “Default Domain Controllers Policy” -Path C:GpoBackups


This will also restore the security settings as they were at the time of the backup.

Restore-Gpo will as DCGPOFIX also not recreate missing gpo-links and they must be created again if desired.

Table of Contents

Share this post
Search blog posts
Modern Workplace consultant and a Microsoft MVP in Enterprise Mobility.
Modern Workplace consultant and a Microsoft MVP in Windows and Devices for IT.

Infrastructure architect with focus on Modern Workplace and Microsoft 365 security.

Cloud & security specialist with focus on Microsoft backend products and cloud technologies.

Cloud & Security Specialist, with a passion for all things Cybersecurity

Cloud and infrastructure security specialist with background in networking.

Infrastructure architect with focus on design, implementation, migration and consolidation.

Infrastructure consultant with focus on cloud solutions in Office365 and Azure.

follow us in feedly

Follow on SoMe