# access windows 10 gpo without log in to desktop



## tek101 (Jun 16, 2016)

I just set up a Windows 10 Pro as a stand alone laptop for public use. I made an adjustment on gpedit.msc (local) User Configuration -> Policies -> Administrative Templates - > System -> Custom User Interface (enable ) c:\windows\systemapp\Microsoft.microsfotedge.....\microsoftedge.exe 
and
User Configuration - > Policies - > Administrative Templates - > System - > Ctrl+Alt+Del Options and Enable Remove Task Manager.

Unfortunately, after I log off and log back on MS Edge doesn't start and my screen is black and I couldn't do much. I can do a Ctrl+Alt+Del and log off, but Hot key + x, Ctrl +R doesn't give me any option.

How would I go back to gpedit.msc and adjust the group policy again? I restart and F8 but that didn't give me a choice either.

Any one out there run into this issue before and how did you solve the problem. Thanks!


----------



## Aura (Apr 19, 2015)

Hi tek101 

If I'm not mistaken, the local GPOs are saved in a file in C:\ProgramData called ntuser.pol. Can you check if that file exists, and if so, delete it and see if you can adjust the GPOs once more?

Also, what are you trying to do with these GPOs? Make sure that when the session opens, only Microsoft Edge is launched, and the user cannot access the Task Manager when pressing the Ctrl + Atl + Del combo?


----------



## tek101 (Jun 16, 2016)

Thanks for you response. How would I get back to c:\programData? that's my problem even I log in as administrator. I'm trying to lock down Windows 10 so only web browser can launch when log in. Now I can't access the desktop or C:\ drive. and I don't know if there's a by past without log in to the desktop.


----------



## Aura (Apr 19, 2015)

You could always boot in the RecoveryPE, open the command prompt (Shift + F10) and delete the file from there using the del /f command.


----------



## tek101 (Jun 16, 2016)

I'm not so sure how to boot in the RecoveryPE, but I was manage to Shift + Restart into command mode but c:\ProgramData isn't in the directory? where else can I look for it?


----------



## Aura (Apr 19, 2015)

Where is the command prompt placing you right now? C:\Windows\System32? or X:\Windows\System32?


----------



## tek101 (Jun 16, 2016)

x:\windows\system32


----------



## tek101 (Jun 16, 2016)

This is a Windows 7 Pro upgrade to Windows 10.


----------



## Aura (Apr 19, 2015)

Alright, type:

cd C:\ProgramData\

It should bring you in the C:\ProgramData folder and you can use:

del ntuser.pol /f /q

After that.


----------



## tek101 (Jun 16, 2016)

cd c:\ProgramData\ isn't in C:\ and when I type in I got an error saying "the system cannot find the path specified"


----------



## Aura (Apr 19, 2015)

Alright in that case, launch diskpart by typing the following command:

diskpart

From there, enter this command:

list volume

Can you identify the partition containing your Windows installation there? If so, what letter does it have attributed?


----------



## tek101 (Jun 16, 2016)

this is what I have 
Volume 0 G - Dvd rom
Volume 1 C - system
Volume 2 E - OS
Volume 3 F - Recovery
Volume 4 D - New Volume


----------



## Aura (Apr 19, 2015)

Alright, in that case, try this:

cd E:\ProgramData
del ntuser.pol /f /q


----------



## tek101 (Jun 16, 2016)

I found the ntuser.pol and delete but I'm still not able to log on to desktop. I assumed the gpo still in place. thanks, but is there anything other files that I can delete? or even in registry? 

thanks for your help.


----------



## Aura (Apr 19, 2015)

From the command prompt, open regedit then click on "File" followed by "Load Hive...", then navigate to C:\Windows\System32\config and load the SOFTWARE hive (file with no extension). From there, explore the following key:

HKLM\Software\Policies\Microsoft

Can you tell me if you see any keys or values underneath it relied to the GPOs you applied?


----------



## tek101 (Jun 16, 2016)

What I sees under HKLM\Software\Policies\Microsoft:
- System Certificates
- Windows
- Windows NT


----------



## Aura (Apr 19, 2015)

Did you explore the Windows and Windows NT keys/values/etc.?


----------



## tek101 (Jun 16, 2016)

why can't i just run gpedit.msc from the command line? it said the command is not recognized as internal or external mode? When I was able to get on the desktop I can run gedit.msc.


----------



## Aura (Apr 19, 2015)

Because it's probably not included in the X: partition used by the RecoveryPE. Try launching it that way:

E:\Windows\System32\gpedit.msc


----------



## tek101 (Jun 16, 2016)

Yes, I did and I even deleted all three keys and values under Microsoft and that didn't solve my problem.


----------



## tek101 (Jun 16, 2016)

I'm sorry, but you kept referring to RecoveryPE? What's that? I didn't see that option when I shift Restart. 

I have these options: System Restore, System Image Recovery, Startup Repair, Command Prompt, Startup Settings and Go back to the previous build. What do I have to do to get to RecoveryPE?


----------



## Aura (Apr 19, 2015)

This is the RecoveryPE. The real name though is Windows Preinstallation Environment.


----------



## tek101 (Jun 16, 2016)

Ok, so I would have to pre-install? This was an upgrade from Windows 7. Do I need a disc to do that?


----------



## spunk.funk (May 13, 2010)

Create a bootable Windows 10 DVD or USB install media using the Media Creation Tool. Go to the section about doing a _Clean Install_. 
Boot off of the Windows 10 media and choose *Repair Your Computer*. If that doesn't work there are other options in the RE (recovery environment) in the Command Prompt or System Restore.


----------



## jenae (Jun 17, 2008)

Hi, you mention you can do a ctrl +alt+del, if so select "task manager" when task manager opens go to "file" and select "run new task" type: gpedit.msc and put a check in the box that says "create this task with administrative privileges".


----------

