Home Tools Active Directory – Group Policy Report

Active Directory – Group Policy Report

Tools · 29. June 2024

If you want to quickly sort or filter the GPOs in the Active Directory by name or by enabled computer or user GPO settings, it is best to use Powershell.

Group Policy Report

For a Group Policy assessments which involve many GPOs, I should filter be able to filter by terms or settings and where those settings are then only enabled for computers and where for users.

With the following Powershell script, some patience and love for Excel you can build a Group Policy Report. This report can run for minutes in large environments. This is depending on the number of GPOs, the available network bandwidth and latency.

My Script

This is my script:

# Retrieve all GPOs (not all GPO Reports!)
$AllGpos = Get-GPO -All
# Create a custom object holding all the information for each GPO component Version and Enabled state
$GpoVersionInfo = foreach ($g in $AllGpos) {
    [xml]$Gpo = Get-GPOReport -ReportType Xml -Guid $g.Id
    [PSCustomObject]@{
        "Name" = $Gpo.GPO.Name
        "Comp-Ad" = $Gpo.GPO.Computer.VersionDirectory
        "Comp-Sys" = $Gpo.GPO.Computer.VersionSysvol
        "Comp Ena" = $Gpo.GPO.Computer.Enabled
        "User-Ad" = $Gpo.GPO.User.VersionDirectory
        "User-Sys" = $Gpo.GPO.User.VersionSysvol
        "User Ena" = $Gpo.GPO.User.Enabled
    }
}
# See the result
$GpoVersionInfo | Sort-Object Name | Format-Table -AutoSize -Wrap

I always copy the Powershell output into the text tool of my choice “Notepad++“, but you can of course create a CSV from it and then use it in Excel for all kinds of things.

Conclusion

Be prepared to use basic tools for Group Policy Reports and Assessments. I try to not rely too much on fancy tools as most assessments I am doing are in critical areas. If you can use tools, I do recommend to use the Active Directory Management Tool.

I would have recommended AGMP – Advanced Group Policy Management, but this has been announced as End of Life April 2026. If you are still using it, I do recommend evaluating options to replace it as part of your Windows Server 2025 strategy.

If you haven’t been using it so far, I do recommend the Microsoft Portal “Group Policy Search” to get prepared for the review.

Group Policy Report
Microsoft Portal “Group Policy Search” searching for RDP for Group Policy Report

Spread the knowledge
Avatar for Andreas Hartig
Andreas Hartig
Andreas Hartig - MVP - Cloud and Datacenter Management, Microsoft Azure

Related Posts

Tinyproxy and a dragon IT architect from the shadowrun world looking at a large screen with graphs on it
Tools

Tinyproxy on Hyper-V – new Ubuntu 24.04

· 31. May 2025

A Linux VM with Proxy, such as tinyproxy, can be used to reduce bandwidth as it caches frequently requested websites. Today we want to configure a Linux VM with a Proxy and deploy…

Spread the knowledge
Read more
COM Port Management and a dragon IT architect from the shadowrun world looking at a com port and a manufacturing floor
Tools

Windows – easy COM Port Management without Admin Rights with Windows 10 & 11

· 24. May 2025

COM Port Management with no administrator rights is a challenge. You might have noticed that I am currently involved in IT and OT discussions. During OT modernization, I encountered a…

Spread the knowledge
Read more
Remote Desktop Connection Manager (RDCM) – A Must Have for Homelabs and a dragon IT architect from the shadowrun world looking at his computer monitor without humans
Tools

Remote Desktop Connection Manager (RDCM) – A Must-Have for Homelabs

· 17. May 2025

Managing multiple remote connections efficiently is a challenge for IT professionals and homelab enthusiasts alike. Remote Desktop Connection Manager (RDCM) simplifies this process by providing a centralized interface for organizing…

Spread the knowledge
Read more
IT Architect dragon from the shadowrun universe with USB Stick and Rufus theme
Tools

Windows Server 2025 – Create bootable USB drives the easy way

· 22. February 2025

To get started with Windows Servers 2025 you need to create a bootable USB drive. This normally is done on a USB Stick. To create a bootable USB Device and…

Spread the knowledge
Read more
A dragon IT Architect in the shadowrun world using an Excel document and the Azure Quick Review Tool
Tools

Azure Quick Review 2.04 – High Level Assessments

· 11. January 2025

With Azure Quick Review (azqr) you can quickly make a High Level Assessment of an “Azure Subscription” or “Resource Group”. Installation of Azure Quick Review You can download the files…

Spread the knowledge
Read more
A dragon IT Architect in the shadowrun world using Microsoft Tools like Windows LAPS to secure his datacenter, relaxing and watching a sitcom on TV
Tools

Securing Local Administrator Accounts with Windows LAPS: A Get Started Guide for Windows Server Environments

· 28. December 2024

Managing local administrator accounts securely is a critical aspect of maintaining a robust and secure IT environment. With the introduction of the Windows Local Administrator Password Solution (LAPS) in newer…

Spread the knowledge
Read more