We have had a big push to more acuratly document our network. Being a big fan of GPOs we have quite a few of them. Around 160 of them actually. So I wanted to document them but without having to look through each one and write every setting down.
Luckily the Group Policy MMC has a neat little report you can export. Whats even neater is you can call that up with PowerShell and export it without using the GUI. So you can export every setting in all your GPOs with a single script.
We like to keep records of what changes so each time you run this it puts the reports into a dated folder.
Here is that script.
Import-Module GroupPolicy
$year = get-date -uformat "%Y"
$month = get-date -uformat "%m"
$day = get-date -uformat "%d"
New-Item -ItemType directory -Path C:\GPOReports\$year\$month\$day -ErrorAction silentlyContinue
$GPOs = Get-GPO -All
$pattern = "[{0}]" -f ([Regex]::Escape([String][System.IO.Path]::GetInvalidFileNameChars()))
foreach($GPO in $GPOs){
$filename = $GPO.DisplayName
$filename = [Regex]::Replace($filename, $pattern, ' ')
$path = 'C:\GPOReports\' + $year + '\' +$month + '\' + $day + '\' + $filename + '.htm'
Get-GPOReport -Guid $GPO.Id -ReportType HTML -Path $path
}
No comments:
Post a Comment