Hey everyone! So, we changed a bunch of Group Policy Objects (GPOs) a while back and just unchecked the 'Link Enabled' box on a few of them instead of deleting. Now that everything seems to be working great, I'm looking to clean up and delete the old GPOs that are not in use anymore. If I check each GPO and see that everything in the Scope tab shows 'Link Enabled = No,' can I safely delete those GPOs? Just making sure I'm not missing any way a GPO could still be in use without it showing under Scope. Thanks for your help!
5 Answers
That’s actually what I do too! I just unlink and rename them, let them sit for a bit, and then every year or so, I back up all my GPOs and clear out the renamed ones to keep things tidy.
Instead of jumping straight to deletion, why not rename them by adding a 'z-' or 'z_' at the beginning to group them together? Disable them for a while to ensure everything's still working, and if no one complains or needs any settings, then you can go ahead and delete them.
I hear ya! It would definitely be easier if we could organize GPOs into folders instead of a flat list. Just think of all the time you'd save when searching for older policies!
If the scope is empty, that usually means it's not assigned anywhere. I recommend checking the settings tab, generating a report, and saving it. Backing up the GPO and archiving everything before deletion is a smart move; that way, you'll have the report and the backup if someone has questions later.
Your thought process sounds solid! Just to be safe, it might be a good idea to back them up first before you delete them, in case you need to reference them later.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures