Objective
Group Policy Objects contain sensitive configuration information which can be viewed by default by at least all members of the Domain.
Misconfigurations of Group Policy settings or its content can have a huge impact on the environment.
A periodic audit is advised.
List Group Policies in the Domain
Powershell (Remark: you need the RSAT tools installed to run this command)
get-gpo -all | export-csv allgpos.csv |
You can target your auditing based on the creation and modification time.
To get a detailed report for a specific policy you can use the get-gporeport commandlet.
Get-GPOReport -Guid 6ac1786c-016f-11d2-945f-00c04fb984f9 -ReportType html > ddcp.html |