Sometimes you need to search in a domain environment for a specific setting in GPO’s. This script will search through all the GPO’s in the domain and list the results at the end!
# Get the string you want to search for
$string = Read-Host -Prompt "What string do you want to search for?"
# Set the domain to search for GPOs
$DomainName = $env:USERDNSDOMAIN
# Find all GPO's in the current domain of logged on user
write-host "Finding all the GPO's in $DomainName"
Import-Module grouppolicy
$allGposInDomain = Get-GPO -All -Domain $DomainName
[string[]] $MatchedGPOList = @()
# Look through each GPO's XML for the string
Write-Host "Starting search...."
foreach ($gpo in $allGposInDomain) {
$report = Get-GPOReport -Guid $gpo.Id -ReportType Xml
if ($report -match $string) {
write-host "********** Match found in: $($gpo.DisplayName) **********" -foregroundcolor "Green"
$MatchedGPOList += "$($gpo.DisplayName)";
} # end if
else {
Write-Host "No match in: $($gpo.DisplayName)"
} # end else
} # end foreach
write-host "`r`n"
write-host "Results: **************" -foregroundcolor "Yellow"
foreach ($match in $MatchedGPOList) {
write-host "Match found in: $($match)" -foregroundcolor "Green"
}
Leave a Reply
You must be logged in to post a comment.