GET-IT: TEAMS DAY | 1-Day Free Virtual Conference all about Teams. Here on - 8/12/20 GET-IT: TEAMS DAY - 8/12/20

Batch: List GPOs and GPO owners

Home Forums Scripting General Scripting Batch: List GPOs and GPO owners

Viewing 1 post (of 1 total)
  • Author
  • Avatar

    I was doing some ACL cleanup in my environment and wanted to make sure the GPO owners are set according to our design docs (we assign a group and not individual account as object owner – available in W2K3’s GUI), so I came up with this short batch to do the trick:

    @echo off

    Rem The script assumes you have dsquery and acldiag tools installed on the machine you are running the script from

    set AD_NC=”cn=policies,cn=system,dc=company,dc=com”

    set GPO_FILTER=”objectClass=groupPolicyContainer”
    set TEMP_FILE=”tmp_gpolist.txt”
    set TEMP_FILE2=”tmp_gpolist_paths.txt”

    del /f %TEMP_FILE% %TEMP_FILE2%
    if exist %TEMP_FILE% goto CANT_DELETE_FILE
    if exist %TEMP_FILE2% goto CANT_DELETE_FILE

    dsquery * %AD_NC% -l -filter %GPO_FILTER% > %TEMP_FILE%

    FOR /F “usebackq” %%i IN (%TEMP_FILE%) DO (
    acldiag %%i | findstr “Owner”
    dsquery * %%i -scope base -attr gpcFileSysPath | findstr /i “\” > %TEMP_FILE2%
    FOR /F “usebackq” %%j IN (%TEMP_FILE2%) do type %%jGPT.ini | findstr /I displayname
    echo ========================================================================
    goto END

    echo Failed to delete old temporary file. Exiting…
    goto END


Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.