Export / Import Local Group Policy:
######### Local Group Policy Editing as per w2w Policy ##########
---------------------------------------------------------------------------
1. Place the Folder "LocalGroupPolicy Updates" in C:\
2. Open the file "C:\LocalGroupPolicyUpdates"
---------------------------------------------------------------
******Backup Local Group Policy******
Right Click and Run as Administrator - "Backup Local Group Policy.bat"
It will create Folder C:\LocalGroupPolicyUpdates\DefaultGroupPolicy
--------------------------------------
******Modify Local Group Policy******
Right Click and Run as Administrator - "Modify Local GroupPolicy.bat"
Check any one policy-> Example: Right click This PC -> Properties -> Remote Desktop
Remote Desktop will be DISABLED
-------------------------------------
*******Load Default Group Policy********
Right Click and Run as Administrator - "Load Default Group Policy.bat"
Check any one policy-> Example: Right click This PC -> Properties -> Remote Desktop
Remote Desktop will be ENABLED
--------------------------------------------------------------------
********************************************* END ***************************************
*******************************************************************************************
Reference:
Step 1: Copy the Group Policy Objects from the Source System
Copy Everything under the %windir%\System32\GroupPolicy folder to a shared location.
This folder is hidden so either just use the path provided or show all hidden folders.
NOTE: If you have added any special Admin files those must be copied as well this will generally not apply unless they were added specifically before. The admin files are located in %windir%\PolicyDefinitions
Step 2: Copy the Security Configuration from the Source System
Open an Administrative command prompt and run the below command
secedit /export /cfg C:\Security.csv
This will create a csv with all of your security information in it (password requirements and age restrictions) Copy this to the same shared location that the Group Policy objects are in.
Step 3: Copy the Audit Policy from the Source System
In the Same Admin prompt from above run the below command
Auditpol /backup /file:C:\Audit.ini
This will create an ini with your Audit policy information in it. (Registry file access success and failures) Copy this to the same shared location that the other files are in.
Step 4: Start on the Target System
Copy the files from the shared Directory to the Target system for the import of that information or make sure that the Target system can access the files from the share.
Step 5: Import the Group Policy on the Target System
Copy Everything from the shared group policy folder into the %windir%\System32\GroupPolicy folder.
NOTE: If you copied any admin files out go ahead and place those back in the same place on the Target system
Step 6: Import the Security Configuration onto the Target System
The Below Command will import the security configuration. onto your Target System
secedit /configure /cfg Security.csv /db defltbase.sdb /verbose
Security.csv is the path to your Security File
Defltbase.sdb is required for this operation and the merger it MUST be write-able.
This will return a successful message.
Note: On User Rights if someone has been deleted to make the field blank then the option will fail. On your Source System add a custom made user account to those fields and you can carry it over as blank.
IE: If Removing Administrators from allow Debug programs will look like
SEDebugPrivilege =
Step 7: Import the Audit Policy onto the Target System
The Below Command will import the audit configuration onto your Target System.
Auditpol /restore /file:C:\audit.ini
Audit.ini is the path to your Audit file