Group Policy results wizard

Resultant Set of Policy (RSOP) data is often critical to the Group Policy troubleshooting process. Usually when working a support ticket, you are trying to correct some behavior by identifying the GPOs applying to a machine or user, and then digging into those policies to figure out what settings contained within are the ones causing your problems.

If you happen to be sitting in the cubicle next to the user having trouble, getting the RSOP data is very easy: just walk over there and do it! Unfortunately, this is rarely the case. Usually the IT staff are in their own section of the building, perhaps on another floor, or in many cases in an entirely different ZIP code. While you certainly could use some kind of remote-assistance technology to screen-share with the user and plunk out the commands right there on the local system, a capability exists inside GPMC that allows us to query Group Policy Result data remotely, initiating this information request right from GPMC and never having to log in to the remote computer.

This capability is called the Group Policy Results Wizard. Down near the bottom of GPMC, you can run this wizard in order to remotely query a particular computer and user to view their current RSOP data. Computer data is readily available on this report, and user data will be also, as long as the user has logged in to that computer at some point. The coolest thing is that the user does not even have to be logged in while you run this wizard. As long as the user in question has logged in to the computer at some point in the past, RSOP data will be pulled from that computer pertaining to both the computer and user account (RSOP information as of the last time the user logged in there).

The Group Policy Results Wizard queries the remote computer using WMI/RPC network protocols. It uses TCP ports 135 and 445, so you need to ensure that these ports are allowed Inbound on your client computers. If the local firewall on the client's side is denying these ports by default, the wizard will fail to retrieve any information until you open them up. It's a good thing you now know how to create Inbound firewall rules via GPO!
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.149.243.131