List Group Policy Object using PowerShell

4.Jul.2013 | by Gusac | Filed in: Articles

Note: The cmdlet Get-GPO is available on Windows server 2012 and later but can query previous version of AD services. 
 
The cmdlet Get-GPO in Windows server 2012 has the follwoing available parameters you can use:
image

Get a GPO by name

The following command will return the GPO with name Second-Test-Policy. Specify the GPO name that you would like to list.

Get-GPO -Name 'Second-Test-Policy'
image

Get a GPO by GUID

To list a Group policy object by a GUID. Please note, the Guid is not enclosed between braces or ‘squiggly brackets’: ‘{‘ ‘}’

Get-GPO -Guid 17BAE363-6AB5-40BE-A6F9-988EA53B527B
image 

List all GPOs in domain:

Get-GPO –All

 
 
Get all GPOs from a specific domain or domain controller
Get-GPO -All -Domain Fmi.com -Server DC01.Fmi.com
 
The parameters –Domain and –Server are optional.
-Domain : Specifies the domain for this cmdlet.
-Server : Specifies the name of the domain controller that this cmdlet contacts to complete the operation.

image
 

Search GPO with keywords

The below command look for the GPO where display name contains the string Test.

Get-GPO -All | where{$_.DisplayName -like '*Test*'}
OR
Get-GPO -All | where{$_.DisplayName -like '*Test*'} | Select DisplayName, GPOStatus
image