Tuesday, June 4, 2019

Finding Items in Group Policies

I have had occasion to look for specific information within a client's group policies.  In particular, what drives are being mapped for a group of users.  This client a quite a few organizational units (OUs) and, thus, quite a few groups policies (GPOs).  To simplify this process, I looked for a Powershell solution to help me.  This is what I found:

Param
    (
        # This section is the -StringToFind parameter
        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true,
                   Position=0)]
        [String]
        $StringToFind

    )

    Begin
    {
    $GPOsToCheck = get-gpo -all |Sort-Object -property displayname # gather all GPO information and sort by displayname
    Write-Host " Checking through" $GPOsToCheck.count "GPO's"
    }
    Process
    {
   

$ListOFAffectedGPOs = @()
$count = 1
$GPOsToCheckCount = $GPOsToCheck.count
foreach ($item in $GPOsToCheck) # go through the list of group policies
{
$Result = Get-GPOReport -name $item.DisplayName -ReportType XML   

if ($Result -match $StringToFind) # check if Result variable information matches the string
{
$ListOFAffectedGPOs += $item.DisplayName
}
else
{

}
Write-Host "$count of $GPOsToCheckCount"
$count++ 
}
Write-Host "List of GPO's that contain $StringToFind"  -ForegroundColor Green
$ListOFAffectedGPOs


    }
    End
    {
    }




The syntax of the script is:
Get-GPOThatContains.ps1 -StringToFind password

Here is the output based on my home AD domain:
PS C:\scripts> .\Get-GPOsThatContain.ps1 -StringToFind password
 Checking through 9 GPO's
1 of 9
2 of 9
3 of 9
4 of 9
5 of 9
6 of 9
7 of 9
8 of 9
9 of 9
List of GPO's that contain password
Default Domain Policy
testdest
TestSource
Windows 7 Screen Lock

The script finds all GPOs, evaluates each policy for the string to find (in this case 'password'), and lists the policies that have that string.


I have found this script very useful when we need to quickly find a GPO entry or when onboarding a new client.


I hope you have found this helpful.  Please let me know if you have any questions.


Mike


No comments:

Post a Comment