Active Directory Group Policies (GPO) enables you to control user and computer settings. It is important to document them. In this blog post I am going to show you two PowerShell commands which create a GPO HTML Report. Let’s dive in.
To store all GPO Settings from all GPOs in one file run this command. Don’t forget to provide your domain name and the path of the report file.
Get-GPOReport -All -Domain "pagr.inet" -ReportType HTML -Path $home\allgporeports.html
We get one file with all the settings from all GPOs in it.
If you want to save the report file from each GPO individually, run this piece of code.
$allgpos = Get-GPO -All | Select-Object -ExpandProperty DisplayName
foreach ($g in $allgpos) {
Get-GPOReport -Name $g -ReportType HTML -Path $home\$g.html
}
Each GPO report is then saved separetely.
Hope this was helpful.
Categories: PowerShell, Windows Server
My name is Patrick Gruenauer. From Austria.
SID-500.COM 
You can also get the GPO reports to a specific OU easily:
# Specify the OUs we’re interested in
$OU = “”
<# Get GPOs applied to the OUs
$GPOs = Get-GPInheritance -Target "$OU" | Select-object -ExpandProperty InheritedGpoLinks
# Loop through the applied GPOs
foreach ($GPO in $GPOs) {
$Name = $GPO.DisplayName
Get-GPOReport -Name $Name -ReportType HTML -Path $HOME\$Name.html
}
LikeLiked by 1 person
Nice share, could prove to be useful in a scenario where you had to rebuild completely without backups.
LikeLike
Very useful post. I’ve done this (PowerShell reporting on GPOs) in past jobs and it is invaluable! Thank you.
LikeLike