WSV 415 Group Policy Reporting and Analysis with

WSV 415 Group Policy Reporting and Analysis with Windows Power. Shell Jeremy Moskowitz Chief Propeller-Head GPAnswers. com / Policy. Pak Software Jeffery Hicks Prof. Power. Shell JDH Information Technology Solutions

You are the Group Policy Go-To "Guy" You know a little Power. Shell You want to blend the two. Solve problems proactively Jeremy, Group Policy MVP: Mr. Problem Explainer Jeff, Power. Shell MVP: Mr. Solutions guy

Power. Shell and Group Policy Requirements (Myths and Facts) Group Policy Reporting Group Policy Analysis (ie: Find “oops-ed” GPOs) Find Extra Registry Settings Find GPO with ADM Files Find Unlinked GPOs

Want the demos & samples? Sign up: tinyurl. com/teps 1 Problems with the signup? Just email us (URL will show up again later, but write it down now)

Myth Busted: Any Active Directory is A-OK Requirements: Windows 7 or later on management machine (preferred) RSAT for Windows 7 Power. Shell v 2. 0 or later Optional: Microsoft Active Directory Provider recommended

Import-module Group. Policy Get a GPO Power. Shell Object Build a report based on the object Build HTML/XML GPO Reports Parse and search the XML for analysis Select-XML and Xpath searches are helpful

Boss wants there to be a “paper record” of what’s currently in Group Policy

The GPO Power. Shell Object PS C: > Import-Module Group. Policy PS C: > Get-GPO Jeremy. GPO Display. Name Domain. Name Owner Id Gpo. Status Description Creation. Time Modification. Time User. Version Computer. Version Wmi. Filter : : : Jeremy. GPO GLOBOMANTICS. local GLOBOMANTICSDomain Admins cd 73 c 562 -5 bfe-40 e 2 -b 81 e-28 da 10 da 425 c Computer. Settings. Disabled 12/28/2011 2: 52: 37 PM 5/21/2012 11: 08: 26 AM AD Version: 4, Sys. Vol Version: 4 AD Version: 1, Sys. Vol Version: 1

Get-GPOReport (HTML and XML) GPOs Modified and Created Automated HTML GPO Reports GPOs by Container

GPO Report Sample get-gpo -all | Where {$_. Modification. Time -gt (Get. Date). Add. Days(-30)}. . . | Sort Modification. Time -Descending | Where {$_. Modification. Time -ge (Get-Date). Add. Days(-30)} | Select Displayname, Modification. Time, Description. . . | Export-CSV R: GPOMod. Report. csv

GPO Reports with Power. Shell

Boss says “There are too many GPOs, some don’t appear to be used”

Identify Group Policy Objects with no settings Look for XML Extension. Data

Empty GPOs <> Extension. Data PS C: > Import-Module Group. Policy PS C: > [xml]$r = Get-GPOReport -Name My. GPO -Report. Type XML PS C: > if ((-Not $r. gpo. user. extensiondata) -AND (not $r. gpo. computer. extensiondata)) { "GPO is empty" }

Find Empty GPOs

(Three problems solved for the price of one line of code) Boss says “When was the last time anyone touched [Group Policy Object X]? ” “Are there any GPOs with ‘half’ the policy disabled? ” “Are there any GPOs with ‘all’ the policy disabled? ”

Filter GPOs by GPOStatus PS C: > get-gpo -all | Sort GPOStatus | format-table Group. By GPOStatus Displayname, *Time PS C: > get-gpo -all | where {$_. GPOStatus -match "disabled"} | Select GPOStatus, Displayname PS C: > get-gpo -all | where {$_. GPOStatus -match "All. Settings. Disabled"}

Filter GPOs by Node Status

Why have GPOs which “have stuff” but aren’t being utilized anywhere?

Find Unlinked GPOs Import-Module Active. Directory Get-ADOrganizational. Unit -filter * | select-object -Expand. Property Distinguished. Name | get-adobject -prop gplink | where {$_. gplink} | Select-object -expand gplink | foreach-object { foreach ($item in ($_. Split("]["))) { $links+=$regex. match($item). Value } } Get-GPO -All | Where {$links -notcontains $_. id}

Find Unlinked GPOs

Find Extra Registry Settings #Use Xpath with the XML report data PS C: > [xml]$report = Get-GPOReport -Name My. GPO -Report. Type XML PS C: > $ns = @{q 3 = "http: //www. microsoft. com/Group. Policy/Settings/Regi stry"} PS C: > $nodes = Select-Xml $report -Namespace $ns -XPath "//q 3: Registry. Setting" | select -expand Node | Where {$_. Adm. Setting -eq 'false'}

Find Extra Registry Settings

Get-Question | Out-Answer

Jeff Hicks http: //jdhitsolutions. com/blog @Jeff. Hicks Jeremy Moskowitz http: //gpanswers. com http: //www. policypak. com @jeremymoskowitz Get Examples Get Help Get Smarter FREE PS+Group Policy chaper: tinyurl. com/teps 1

#TE(sessioncode) Talk to our Experts at the TLC DOWNLOAD Windows Server 2012 Release Candidate Hands-On Labs microsoft. com/windowsserver DOWNLOAD Windows Azure Windowsazure. com/ teched

Learning Connect. Share. Discuss. Microsoft Certification & Training Resources http: //northamerica. msteched. com www. microsoft. com/learning Tech. Net Resources for IT Professionals Resources for Developers http: //microsoft. com/technet http: //microsoft. com/msdn

Complete an evaluation on Comm. Net and enter to win!

Scan the Tag to evaluate this session now on my. Tech. Ed Mobile