Ever wonder what happens when you run DCGPOFIX on a Domain Controller ?
DCGPOFIX is use to Recreate the Default Group Policies (Default Domain Controller and Default Domain Policy)
Once we run DCGPOFIX, we see that the Group Policies has been recreated. But what happens in the background. Lets See....
Currently, I am running DCGPOFIX for Default Domain Controller Policy
To understand the background, we will run Procmon (Process Monitor)
So, the first thing what DCGPOFIX will do is to take all the default settings from the "DefltDC.INF" file
Lets confirm... The DefltDC.INF file will have all the Default Security Settings for the Domain Controller Group Policy
(C:\Windows\Security\Logs\scedcpro.log)
It will now write the changes in the Security Database "secedit.edb" (C:\Windows\Security\Database\secedit.edb)
And Finally will create the Group Policy in SYSVOL
