Skip to content

GPOs && OUs

Group Policy Objects (GPOs)

Group Policy Objects (GPOs) are a collection of settings that define how the system looks and functions for a defined group of users and computers. In Active Directory, they are used to centrally manage security configurations, registry-based settings, and software installation.

Get-DomainGPO
Get-DomainGPO | select displayname
Get-DomainGPO | Select-Object -Property DisplayName, Name
Get-DomainGPO -Identity "Devops Policy" | Select-Object -Property DisplayName, Name 
Get-DomainGPOLocalGroup
Get-DomainGPOUserLocalGroupMapping -Identity student1 -Verbose

Organizational Units (OUs)

Containers used to organize nodes (Users, Computers, Groups) within a domain. They are primary targets for GPO inheritance and Permission Delegation

Get-DomainOU | select -ExpandProperty name
(Get-DomainOU -Identity <OU>).distinguishedname | %{Get-DomainComputer -SearchBase $_} | select name
(Get-DomainOU -Identity DevOps).distinguishedName
(Get-DomainOU -Identity DevOps).gplink
Get-DomainGPO -Identity '{0BF8D01C-1F62-4BDC-958C-57140B67D147}'