Windows Security Settings remain in effect after removal

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Cause

This problem typically occurs when a security setting is defined through Group Policy and later set to "undefined."

Solution

Under some circumstances Windows Security Settings remain in effect after being set to undefined. The flow chart below will help you determine if your security setting is remaining in effect because of this behavior.

Account Policy, User Rights Assignment and Audit Policy

If the security setting that is in effect is under Account Policy, Local Policy\User Rights Assignment or Local Policy\Audit Policy use the flow chart below to determine how this particular setting will behave when removed through Group Policy:

Security Options

If the security setting that is in effect is under Security Options use the flow chart below to determine how this particular setting will behave when removed through Group Policy:

Event Log and System Services

If the security setting that is in effect is under Event Log or System Services use the flow chart below to determine how this particular setting will behave when removed through Group Policy:

Restricted Groups

If the security setting that is in effect is under Event Log or System Services use the flow chart below to determine how this particular setting will behave when removed through Group Policy:

All Other Windows Security Settings

For Windows 2003 and Windows XP security settings not addressed in the sections above revert to their previous value when removed through Group Policy. For Windows 2000 security settings not addressed in the sections above will revert to their previous value unless the setting is defined in local policy in which case it will reflect the local policy setting.