Sysadmin accidentally deployed a GPO shutdown loop companywide; recovery requires booting a DC in safe mode and nullifying the script in SYSVOL before deletion caches it.
Key Takeaways
Boot one DC in safe mode, locate the last-modified GPO in the SYSVOL volume, and edit the script to a no-op. Do not delete it or the cached version persists.
After normal reboot, clients will pull the updated GPO within a few cycles.
Root causes: no staged rollout, shutdown /t 0 forces immediate shutdown with no grace period, and GPO scripting was unnecessary since power settings can handle idle shutdowns natively.
A /t 900 flag (15-minute warning) before the shutdown window would have prevented forced interruptions.
Idle machines draw only 30-60W; policy pressure to script shutdowns may not justify the operational risk.
Hacker News Comment Review
Commenters flagged the core process failure: no test group, no peer review, no staged rollout for a change with catastrophic blast radius.
The dark humor observation that HR can’t fire OP because HR’s computers are also down circulated as a sharp aside.
Notable Comments
@PaulKeeble: “This process is going to create catastrophic errors” – argues zero guard rails plus no pair review makes disasters inevitable, not accidental.
