Thanks Alan, I had just manage to do what you had mentioned to remove the ADM But I have another issue that when I correct the registry key in the ADM file and add it to the GP, I cannot see the item at the GPMC at all. I think it may be a conflict with the old ADM? Don't know actually and it confuses me. Thanks Tamer "Alan Cuthbertson" <syspro@xxxxxxxxxxxxxxxx> Sent by: gptalk-bounce@xxxxxxxxxxxxx 01/08/2009 01:33 PM Please respond to gptalk@xxxxxxxxxxxxx To <gptalk@xxxxxxxxxxxxx> cc Subject [gptalk] Re: Delete a Custom ADM policy Hi, Once the setting has been activated in the GPO, removing the ADM file is not sufficient. All that this does is hide it in GPEDIT. If you put the ADM file back in place, you will see that the setting is still enabled. You need to put the ADM file back, change the setting to ?not Applied? and then remove the ADM file. Alternatively you can leave the wrong key in the ADM file and change it to DELETE. This will then remove the wrong key valuename from all the machines. Alan Cuthbertson Policy Management Software (Now with ADMX and Preference support):- http://www.sysprosoft.com/index.php?ref=activedir&f=pol_summary.shtml ADM Template Editor(Now with ADMX support):- http://www.sysprosoft.com/index.php?ref=activedir&f=adm_summary.shtml Policy Log Reporter ? including Preference logging(Free) http://www.sysprosoft.com/index.php?ref=activedir&f=policyreporter.shtml From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On Behalf Of tamerm@xxxxxxxx Sent: Thursday, 8 January 2009 6:57 PM To: gptalk@xxxxxxxxxxxxx Subject: [gptalk] Delete a Custom ADM policy I try to add a registry key to a registry using the ADM file, but I write a wrong path to the registry key. I tried to remove the custom ADM from the GP and manually delete the registry key from the clients computers using REG DELETE. But I found that the client computer is still having that key in the registry after restarting? What is the best way to do the following:- 1- Remove the incorrect ADM from the GP. 2- Remove the incorrect key from clients computers. 3- Reapplying the ADM after correcting the registry key. The incorrect ADM is: CLASS MACHINE CATEGORY "Windows Components" CATEGORY "Terminal Services" KEYNAME "SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" POLICY !!ALLOW_TSMANAGER #if version >= 4 SUPPORTED !!WinXP #endif EXPLAIN !!ALLOW_TSMANAGER_EXPLAIN ACTIONLISTON VALUENAME "AllowRemoteRPC" VALUE NUMERIC 1 END ACTIONLISTON ACTIONLISTOFF VALUENAME "AllowRemoteRPC" VALUE NUMERIC 0 END ACTIONLISTOFF END POLICY End Category End Category [strings] WinXP="At least Windows XP Professional or Windows 2003 Server" ALLOW_TSMANAGER="Allow access from Terminal Services Manager" ALLOW_TSMANAGER_EXPLAIN="Allows administrators to use the Terminal Services Manager to remote control the user session." The correct ADM is: CLASS MACHINE CATEGORY "Windows Components" CATEGORY "Terminal Services" KEYNAME "System\CurrentControlSet\Control\Terminal Server" POLICY !!ALLOW_TSMANAGER #if version >= 4 SUPPORTED !!WinXP #endif EXPLAIN !!ALLOW_TSMANAGER_EXPLAIN ACTIONLISTON VALUENAME "AllowRemoteRPC" VALUE NUMERIC 1 END ACTIONLISTON ACTIONLISTOFF VALUENAME "AllowRemoteRPC" VALUE NUMERIC 0 END ACTIONLISTOFF END POLICY End Category End Category [strings] WinXP="At least Windows XP Professional or Windows 2003 Server" ALLOW_TSMANAGER="Allow access from Terminal Services Manager" ALLOW_TSMANAGER_EXPLAIN="Allows administrators to use the Terminal Services Manager to remote control the user session." This is an e-mail from General Dynamics Land Systems. It is for the intended recipient only and may contain confidential and privileged information. No one else may read, print, store, copy, forward or act in reliance on it or its attachments. If you are not the intended recipient, please return this message to the sender and delete the message and any attachments from your computer. Your cooperation is appreciated. This is an e-mail from General Dynamics Land Systems. It is for the intended recipient only and may contain confidential and privileged information. No one else may read, print, store, copy, forward or act in reliance on it or its attachments. If you are not the intended recipient, please return this message to the sender and delete the message and any attachments from your computer. Your cooperation is appreciated.