dcgpofix.exe

  • File Path: C:\Windows\SysWOW64\dcgpofix.exe
  • Description: Microsoft (C) Default Group Policy Object Restore Utility

Hashes

Type Hash
MD5 547C37574A1793806996C8892760A0B0
SHA1 2247E90EBE34B625C399FF23E379CC0126603BBF
SHA256 BC85D2FCFFC0B1231A3C867DDC7F72C4715C39C94C94FE952932545691DD92DC
SHA384 EB9DE0C7B72CED66F8DF692AF464985F0F04365665A0377BFB00EB29BAF5D7874B18BA512883A3D41EEC766D625A7648
SHA512 B948D145329D097FC13DB0E5E5BD1F31F9BFCD095F37EC70CF0116C8C252EE52F395547F087EC78B75231E2E361C09E54BF4ECAEF265A3B04B86CAEE3E16183D
SSDEEP 1536:gd+GIbKXNiuVlDyfpFjEt4EFqEIOEyXB:gd+GguVlDg8qEwrQX
IMP E5DBFF31C174826963755E2AB1E6C867
PESHA1 0FA2958E565FC6E2B547661B75DDA3F22D9E1B04
PE256 7DEE92307E4D2DC36BCE9F9D1F24FA5EAB19D827EB76145515A451B612F154DE

Runtime Data

Usage (stdout):


Microsoft(R) Windows(R) Operating System Default Group Policy Restore Utility v5.1

Copyright (C) Microsoft Corporation. 1981-2003

Description: Recreates the Default Group Policy Objects (GPOs) for a domain

Syntax: DcGPOFix [/ignoreschema] [/Target: Domain | DC | BOTH]

/target: {Domain | DC | BOTH}
Optional.  Specifies the GPO to be restored: the Default Domain Policy GPO, the Default Domain Controllers Policy GPO, or both.

/ignoreschema:
Optional. Use this switch to enable this tool to ignore the schema version of  Active Directory. Otherwise, this tool will only work on the same AD schema version as the Windows version in which the tool was shipped.


Loaded Modules:

Path
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\wow64.dll
C:\Windows\System32\wow64cpu.dll
C:\Windows\System32\wow64win.dll
C:\Windows\SysWOW64\dcgpofix.exe

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: DefaultGPOFix
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.17763.1 (WinBuild.160101.0800)
  • Product Version: 10.0.17763.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 32-bit

File Scan

  • VirusTotal Detections: Unknown

Additional Info*

*The information below is copied from MicrosoftDocs, which is maintained by Microsoft. Available under CC BY 4.0 license.


dcgpofix

Recreates the default Group Policy Objects (GPOs) for a domain. To get to the Group Policy Management Console (GPMC), you must install Group Policy Management as a feature through Server Manager.

[!IMPORTANT] As a best practice, you should configure the Default Domain Policy GPO only to manage the default Account Policies settings, Password Policy, Account Lockout Policy, and Kerberos Policy. Additionally, you should configure the Default Domain Controllers Policy GPO only to set user rights and audit policies.

Syntax

dcgpofix [/ignoreschema] [/target: {domain | dc | both}] [/?]

Parameters

Parameter Description
/ignoreschema Ignores the version of the Active Directory schema when you run this command. Otherwise, the command only works on the same schema version as the Windows version in which the command was shipped.
/target {domain | dc | both Specifies whether to target the Default Domain policy, the Default Domain Controllers policy, or both types of policies.
/? Displays Help at the command prompt.

Examples

To manage the default Account Policies settings, Password Policy, Account Lockout Policy, and Kerberos Policy, while ignoring the Active Directory schema version, type:

dcgpofix /ignoreschema /target:domain

To configure the Default Domain Controllers Policy GPO only to set user rights and audit policies, while ignoring the Active Directory schema version, type:

dcgpofix /ignoreschema /target:dc

Additional References


MIT License. Copyright (c) 2020-2021 Strontic.