Submitting forms on the support site are temporary unavailable for schedule maintenance. If you need immediate assistance please contact technical support. We apologize for the inconvenience.
Updating GPOADmin permissions to remove service account from Domain Admins.
설명
When changing an established GPOAdmin environment to use a Minimum Permission account, existing GPOs need to be re-deployed as showing as having Unauthorized Modification.
How can this be corrected?
원인
This is expected comportment as the process mentioned is supposed to be run during the original setup.
해결 방안
Workaround
It is possible to automate an incorporate action using the PowerShell Cmdlets for GPOADmin.
This can allow for a script to get all non-compliant items and then set them to incorporate which will correct the issue without an additional deployment.
Please see the Documentation on the PowerShell scripts for details of the Cmdlets available.
