VerifyIT

VerifyIT

Skip to content

Home
# SERVICES
^ BLOG
- Hardening
  - Browsers
    - Google Chrome
    - Internet Explorer
  - Cloud
    - Azure
  - Databases
    - DB2
    - MS SQL
    - MySQL
    - Oracle
  - Operating Systems
  - Webservers
    - Apache
    - IIS
- Compliance Scanning
- Monitoring
- Vulnerability Scanning
  - Nessus
  - Nikto
  - OpenVas
- Penetration Testing
* LOCATION
$CHARITY

Audit Domain based Group Policies

Objective

Group Policy Objects contain sensitive configuration information which can be viewed by default by at least all members of the Domain.
Misconfigurations of Group Policy settings or its content can have a huge impact on the environment.
A periodic audit is advised.

List Group Policies in the Domain

Powershell (Remark: you need the RSAT tools installed to run this command)

get-gpo -all | export-csv allgpos.csv

get-gpo -all | export-csv allgpos.csv

You can target your auditing based on the creation and modification time.

To get a detailed report for a specific policy you can use the get-gporeport commandlet.

Get-GPOReport -Guid 6ac1786c-016f-11d2-945f-00c04fb984f9 -ReportType html > ddcp.html

Get-GPOReport -Guid 6ac1786c-016f-11d2-945f-00c04fb984f9 -ReportType html > ddcp.html

Share this:

LinkedIn
Twitter
Facebook
Email
WhatsApp
Print
Telegram
Skype
More

Pinterest
Reddit
Tumblr
Pocket

This entry was posted in Audit, Compliance Scanning, Hardening, Powershell, Windows on December 16, 2016 by webmaster.

Post navigation

← Audit and Configure Account Policies on Windows DNS Server Cache Snooping Remote Information Disclosure →

Search for:

Partners

Top Posts

MS KB2269637: Insecure Library Loading Could Allow Remote Code Execution
Configure the 'SSL Cipher Suite Order' Group Policy Setting
The X-XSS-Protection header is not defined
MS15-011: Vulnerability in Group Policy Could Allow Remote Code Execution (3000483)
SSH Server CBC Mode Ciphers Enabled
Check Windows File Integrity with sfc and powershell
Identify failed credentialed scans in Nessus / Security Center
Read .nessus file into Excel (with Power Query)
Ensure AES 128/128 Cipher Suite is configured
The site uses SSL and the Strict-Transport-Security HTTP header is not defined

Recent Posts

Samba Exploits January 23, 2018
Uploading / Downloading Files January 21, 2018
OS Fingerprinting October 14, 2017
Scanning udp port 1434 SQL Browser October 12, 2017
Mount Windows share from Linux October 12, 2017
UDP port Scanning October 11, 2017
Privilege Escalation October 8, 2017
Reverse Shells October 8, 2017
Verify Permissions on files (Windows) May 1, 2017
PASSWORD_COMPLEXITY_UNSUPPORTED_ON_AGENT February 24, 2017

Categories

Proudly powered by WordPress

Send to Email Address Your Name Your Email Address

Cancel

Post was not sent - check your email addresses!

Email check failed, please try again

Sorry, your blog cannot share posts by email.