I have a Win XPProSP2 machine that was removed from a domain. Previous
domain settings included a GPO to install a couple of apps by assigning them
to the machine via .msi packages. A problem occurred on the server and I
erroneously reconfigured the computer configuration/software
settings/software installation portion of the GPO.

The apps no longer existed on the server but their application continued to
appear in the RSOP.msc-generated report (although with an error ! flag), both
before and after the target machine was disjoined from the domain.

My questions:
1) Is this behaviour what I have heard described as "tattooing" (of registry
settings)?
2) Where can I learn more about tattooing and what kinds of settings are
prone to this behaviour? (I scanned the registry after disjoinging the domain
and was surprised at how many domain-related keys/values remain)
3) How can I remove/reconfigure the settings in the registry (or
%systemroot%?) to permanently remove the existence of the apparent
GPO-applied software installation package, so that I get a clean and
representative RSOP report?

Many thanks for any guidance anyone can provide.
--
JCB\1059

In ,
JCB > typed:
> I have a Win XPProSP2 machine that was removed from a domain.
> Previous domain settings included a GPO to install a couple of apps
> by assigning them to the machine via .msi packages. A problem
> occurred on the server and I erroneously reconfigured the computer
> configuration/software settings/software installation portion of the
> GPO.
>
> The apps no longer existed on the server but their application
> continued to appear in the RSOP.msc-generated report (although with
> an error ! flag), both before and after the target machine was
> disjoined from the domain.
>
> My questions:
> 1) Is this behaviour what I have heard described as "tattooing" (of
> registry settings)?

I'd never heard the phrase. Then again, I don't get out much. Just googled
for "registry tattooing" and found 137 hits (some of which refer to purebred
dogs).

> 2) Where can I learn more about tattooing

Hmmm. What did you find when *you* googled for "registry tattooing" ? ;-)

> and what kinds of settings
> are prone to this behaviour? (I scanned the registry after
> disjoinging the domain and was surprised at how many domain-related
> keys/values remain) 3) How can I remove/reconfigure the settings in
> the registry (or %systemroot%?) to permanently remove the existence
> of the apparent GPO-applied software installation package, so that I
> get a clean and representative RSOP report?
>
> Many thanks for any guidance anyone can provide.

Maybe http://www.gpoguy.com/FAQs/tattoo.htm will help.
or
http://www.security-forums.com/viewtopic.php?t=37229
or
http://redmondmag.com/columns/article.asp?editorialsid=1279

OT, but I would just shrug & flatten/reinstall the box, if it is not
to be used on the previous domain to which it belonged. You will likely
waste a lot of time chasing down the settings & restoring them to non-domain
defaults - so, unless this is a "voyage of discovery" as you are just
inquisitive by nature, I'd start over with a clean machine.

Lanwench [MVP - Exchange] wrote:
>> Is this behaviour what I have heard described as "tattooing" (of
>> registry settings)?
>
> I'd never heard the phrase. Then again, I don't get out much. Just
> googled for "registry tattooing" and found 137 hits (some of which
> refer to purebred dogs).

*grin*
The term is actually quite old and I stopped hearing about it as much when
Windows 2003 came about.
It is mentioned cursory in several MSKB articles and chats - mostly centered
around custom group policies that stay even after they have been changed
(either with GP or by removal of the client machine from the domain.)

Although they can be changed manually (in the registry) - in most cases, the
quickest and most assurable solution is "start over."

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html

In ,
Shenan Stanley > typed:
> Lanwench [MVP - Exchange] wrote:
>>> Is this behaviour what I have heard described as "tattooing" (of
>>> registry settings)?
>>
>> I'd never heard the phrase. Then again, I don't get out much. Just
>> googled for "registry tattooing" and found 137 hits (some of which
>> refer to purebred dogs).
>
> *grin*
> The term is actually quite old and I stopped hearing about it as much
> when Windows 2003 came about.

Crap, I hate learning new things. My brain is full!

> It is mentioned cursory in several MSKB articles and chats - mostly
> centered around custom group policies that stay even after they have
> been changed (either with GP or by removal of the client machine from
> the domain.)
> Although they can be changed manually (in the registry) - in most
> cases, the quickest and most assurable solution is "start over."

Ayuh, that's my recommendation as well.

>
> --
> Shenan Stanley
> MS-MVP

By "starting over", would a Repair installation, as opposed to a clean
install, clear the registry of these apparent domain GPO vestiges?

Many thanks,
JCB



--
JCB\1059


"Shenan Stanley" wrote:

> Lanwench [MVP - Exchange] wrote:
> >> Is this behaviour what I have heard described as "tattooing" (of
> >> registry settings)?
> >
> > I'd never heard the phrase. Then again, I don't get out much. Just
> > googled for "registry tattooing" and found 137 hits (some of which
> > refer to purebred dogs).
>
> *grin*
> The term is actually quite old and I stopped hearing about it as much when
> Windows 2003 came about.
> It is mentioned cursory in several MSKB articles and chats - mostly centered
> around custom group policies that stay even after they have been changed
> (either with GP or by removal of the client machine from the domain.)
>
> Although they can be changed manually (in the registry) - in most cases, the
> quickest and most assurable solution is "start over."
>
> --
> Shenan Stanley
> MS-MVP
> --
> How To Ask Questions The Smart Way
> http://www.catb.org/~esr/faqs/smart-questions.html
>
>
>

In ,
JCB > typed:
> By "starting over", would a Repair installation, as opposed to a clean
> install, clear the registry of these apparent domain GPO vestiges?
>
> Many thanks,
> JCB

It might, but it might not. I think it's likely going to be a big waste of
time. Just flatten/reinstall from scratch.


>
>
>
>
>> Lanwench [MVP - Exchange] wrote:
>>>> Is this behaviour what I have heard described as "tattooing" (of
>>>> registry settings)?
>>>
>>> I'd never heard the phrase. Then again, I don't get out much. Just
>>> googled for "registry tattooing" and found 137 hits (some of which
>>> refer to purebred dogs).
>>
>> *grin*
>> The term is actually quite old and I stopped hearing about it as
>> much when Windows 2003 came about.
>> It is mentioned cursory in several MSKB articles and chats - mostly
>> centered around custom group policies that stay even after they have
>> been changed (either with GP or by removal of the client machine
>> from the domain.)
>>
>> Although they can be changed manually (in the registry) - in most
>> cases, the quickest and most assurable solution is "start over."
>>
>> --
>> Shenan Stanley
>> MS-MVP
>> --
>> How To Ask Questions The Smart Way
>> http://www.catb.org/~esr/faqs/smart-questions.html

It wouldn't hurt (or take much time) to give this a go before blowing it
away.

http://support.microsoft.com/kb/313222

--

Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect

"Lanwench [MVP - Exchange]" wrote:
| It might, but it might not. I think it's likely going to be a big waste of
| time. Just flatten/reinstall from scratch.

In ,
Dave Patrick > typed:
> It wouldn't hurt (or take much time) to give this a go before blowing
> it away.
>
> http://support.microsoft.com/kb/313222
>

Nice - I'm adding that to my favorites. Thanks, Dave.

>
> "Lanwench [MVP - Exchange]" wrote:
>> It might, but it might not. I think it's likely going to be a big
>> waste of time. Just flatten/reinstall from scratch.