Once an assessment using the Block 64 Discovery tool has been completed you will want to remove the changes made in your environment. Below are the steps you will need to take to remove the changes you might have made to your DC:
1. Disable/Delete the User Account that might have been created for Discovery
- You will need to first log into your Domain Controller
- Access the Active Directory Users and Computers MMC snap-in
- Navigate to the user object you would like to remove. Right-click on the user and delete/disable.
- Navigate to the group that you might have created for the user account. Delete this also.
2. Delete the GPO that was created for the Service Account
- Open up the Group Policy Management Console
- Navigate to the Group Policy object (GPO) that you want to delete it should be at the top level of your domain.
- Right-click the GPO, and then click Delete.
- When prompted to confirm the deletion, click OK.
3. Delete the GPO for Windows Firewall (if these were made separately from the Service Account GPO) - same steps as deleting the GPO for the Service Account
Once the changes are made on your DC it will take some time to propagate to the machines in your environment, but after a certain period of time, the permissions and group policies that were previously applied will be removed. From Command Prompt, you can run 'gpresult /r' to review if the changes were made successfully.