Extract xml with two value existence

hi, can advise how to scan through xml with multiple instance of and only return “True” if the xml consist of both “Turn off Automatic Root Certificates Update” and “Enabled” (see in bold) with the same instance of , please note q3 is random (can be q1, q14).
Thanks.

**Turn off Automatic Root Certificates Update** ** Enabled** This policy setting specifies your computer will contact the Windows Update website. At least Windows Server 2003 operating systems with SP1 or Windows XP Professional with SP2 System/Internet Communication Management/Internet Communication settings false Registry

Hello,

XML searches is something I have already dealt with, but without quite understanding how they were working. I think you have to understand XML to be able to correctly deal with those searches.

Unfortunately, this is not going to be easy to answer you without, at least, an example of your XML data.

I think the best is to try using the complicated Select-Xml
command, and look over google how you can help yourself

hi @ZaMotH , please see the full xml, is too long thats why did not include.

There I trying to with dataset which contain both “Turn off Automatic Root Certificates Update” and “Disabled” and return the GPO name.

Thanks. hope you or someone can advise. Thanks.

==================================================

<?xml version="1.0" encoding="utf-16"?> {31b2f340-016d-11d2-945f-00c04fb984f9} T001.dk.local Default Domain Policy true 2023-05-24T10:31:57 2023-05-24T10:38:34 2023-05-26T04:40:20.0490051Z O:DAG:DAD:PAI(A;;CCLCSWRPWPLORCWDWO;;;DA)(A;CIIO;CCDCLCSWRPWPDTLOSDRCWDWO;;;DA)(A;;CCLCSWRPWPLORCWDWO;;;S-1-5-21-147 3191396-723261625-151753656-519)(A;CIIO;CCDCLCSWRPWPDTLOSDRCWDWO;;;S-1-5-21-1473191396-723261625-151753656-519)(A;;CCLCSWRPWPLORCWDWO;;;DA)(A;CIIO;CCDCLCSWRPWPDTLOSDRCWDWO;;;CO)(A;CI;CCD CLCSWRPWPDTLOSDRCWDWO;;;SY)(A;CI;LCRPLORC;;;AU)(OA;CI;CR;edacfd8f-ffb3-11d1-b41d-00a0c968f939;;AU)(A;CI;LCRPLORC;;;ED)S:AI(OU;CIIDSA;WPWD;;f30e3bc2-9ff0-11d1-b603-0000f80367c1;WD)(OU;CII OIDSA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CIIOIDSA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)

<Owner xmlns="http://www.microsoft.com/GroupPolicy/Types/Security">
  <SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-21-1473191396-723261625-151753656-512</SID>
  <Name xmlns="http://www.microsoft.com/GroupPolicy/Types">T001\Domain Admins</Name>
</Owner>
<Group xmlns="http://www.microsoft.com/GroupPolicy/Types/Security">
  <SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-21-1473191396-723261625-151753656-512</SID>
  <Name xmlns="http://www.microsoft.com/GroupPolicy/Types">T001\Domain Admins</Name>
</Group>
<PermissionsPresent xmlns="http://www.microsoft.com/GroupPolicy/Types/Security">true</PermissionsPresent>
<Permissions xmlns="http://www.microsoft.com/GroupPolicy/Types/Security">
  <InheritsFromParent>false</InheritsFromParent>
  <TrusteePermissions>
    <Trustee>
      <SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-9</SID>
      <Name xmlns="http://www.microsoft.com/GroupPolicy/Types">NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS</Name>
    </Trustee>
    <Type xsi:type="PermissionType">
      <PermissionType>Allow</PermissionType>
    </Type>
    <Inherited>false</Inherited>
    <Applicability>
      <ToSelf>true</ToSelf>
      <ToDescendantObjects>false</ToDescendantObjects>
      <ToDescendantContainers>true</ToDescendantContainers>
      <ToDirectDescendantsOnly>false</ToDirectDescendantsOnly>
    </Applicability>
    <Standard>
      <GPOGroupedAccessEnum>Read</GPOGroupedAccessEnum>
    </Standard>
    <AccessMask>0</AccessMask>
  </TrusteePermissions>
  <TrusteePermissions>
    <Trustee>
      <SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-18</SID>
      <Name xmlns="http://www.microsoft.com/GroupPolicy/Types">NT AUTHORITY\SYSTEM</Name>
    </Trustee>
    <Type xsi:type="PermissionType">
      <PermissionType>Allow</PermissionType>
    </Type>
    <Inherited>false</Inherited>
    <Applicability>
      <ToSelf>true</ToSelf>
      <ToDescendantObjects>false</ToDescendantObjects>
      <ToDescendantContainers>true</ToDescendantContainers>
      <ToDirectDescendantsOnly>false</ToDirectDescendantsOnly>
    </Applicability>
    <Standard>
      <GPOGroupedAccessEnum>Edit, delete, modify security</GPOGroupedAccessEnum>
    </Standard>
    <AccessMask>0</AccessMask>
  </TrusteePermissions>
  <TrusteePermissions>
    <Trustee>
      <SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-11</SID>
      <Name xmlns="http://www.microsoft.com/GroupPolicy/Types">NT AUTHORITY\Authenticated Users</Name>
    </Trustee>
    <Type xsi:type="PermissionType">
      <PermissionType>Allow</PermissionType>
    </Type>
    <Inherited>false</Inherited>
    <Applicability>
      <ToSelf>true</ToSelf>
      <ToDescendantObjects>false</ToDescendantObjects>
      <ToDescendantContainers>true</ToDescendantContainers>
      <ToDirectDescendantsOnly>false</ToDirectDescendantsOnly>
    </Applicability>
    <Standard>
      <GPOGroupedAccessEnum>Apply Group Policy</GPOGroupedAccessEnum>
    </Standard>
    <AccessMask>0</AccessMask>
  </TrusteePermissions>
</Permissions>
<AuditingPresent xmlns="http://www.microsoft.com/GroupPolicy/Types/Security">false</AuditingPresent>

true 3 3 true ClearTextPassword false Password LockoutBadCount 0 Account Lockout MaximumPasswordAge 42 Password MinimumPasswordAge 1 Password MinimumPasswordLength 7 Password PasswordComplexity true Password PasswordHistorySize 24 Password MaxClockSkew 5 Kerberos MaxRenewAge 7 Kerberos MaxServiceAge 600 Kerberos MaxTicketAge 10 Kerberos TicketValidateClient true Kerberos MACHINE\System\CurrentControlSet\Control\Lsa\NoLMHash 1 Network security: Do not store LAN Manager hash value on next password change true ForceLogoffWhenHourExpire 0 LSAAnonymousNameLookup 0 Security 2 0 0 0 Administrator Administrator 2123-04-30T10:38:34Z 1.3.6.1.4.1.311.10.3.4.1 0200000001000000CC0000001C0000006C0000000100000000000000000000000000000001000000320064003300350035006200660036002D0030003400330063002D0034003500370063002D0062006400370 039002D0039003600360065003500370064003400380034003100350000000000000000004D006900630072006F0073006F0066007400200045006E00680061006E006300650064002000430072007900700074006F006700720061007 0006800690063002000500072006F00760069006400650072002000760031002E0030000000000003000000010000001400000070F805AA2B8C5286D294399A34DF798F3F3E72CC2000000001000000850300003082038130820269A00 30201020210783E32A448B858BE4FD576802FDD8D58300D06092A864886F70D01010505003050311630140603550403130D41646D696E6973747261746F72310C300A0603550407130345465331283026060355040B131F45465320466 96C6520456E6372797074696F6E2043657274696669636174653020170D3233303532343130333833345A180F32313233303433303130333833345A3050311630140603550403130D41646D696E6973747261746F72310C300A0603550 407130345465331283026060355040B131F4546532046696C6520456E6372797074696F6E20436572746966696361746530820122300D06092A864886F70D01010105000382010F003082010A0282010100954AFBD786A97AF846F7521 D4A5C5770711B5CC71274AF6E35AC5C3C726C63C3D8444D959EC7F9DB3D6311119330FA6C9F22CFB8B7E95A2A4D3CCD018D29F9A9E66B35894DCFF4642F188E4F807CC683EB461CDBD8DC7C2B9F7D09007E1237BB61C9F6C67F3A1C476 1AF4E8137023C1A920B4C2D939D5ABB0148DC741F946ECF58D96F4CA3EF8C96011CBA8F5745E04B095D1D237E639C2186395FCC2A4E0828243622296B4971D5441A5DD77879439F7597C4EED1DB226B1A8EBBA58DCCAD3535DD6FEEAF7 1F58359B37B66C51D98403B82E41E6F85B5CD7C9238FE14B018B1BE9A9553038E2B8EEB1C39B101465D785EC95BE8B085F32617D4436B77D090930203010001A355305330160603551D25040F300D060B2B0601040182370A030401302 E0603551D1104273025A023060A2B060104018237140203A0150C1341646D696E6973747261746F7240543030310030090603551D1304023000300D06092A864886F70D010105050003820101003B530B3331464947180C59881D964F9 4A76685FDAFC9A9803E3942DEC41921C2F214AF52F733F6D742BDE2B0E56D9CD57DB67590EA92F3E745E0C8FD3D6CC53291A22136B7DB7063B5E942DF511AD3125468CC4C5528B569EEC467B360B21F7C7AED7A22D45D29BC2B66BF003 BBEC22496BAB40AE62B67A9BCA8E632F11CD9F82679541530EE08F789EA4B5DAE0C9DC4BB77BB66D73B783303D7D323C8AB6781F34B95258CF3C120E1305DE9E93743BB54D653EF5EBE593A677FD2B53DA1BB9EEA4B17268DB17DC233E C5522DD14AACF78B3042E12B04DC39FF451D3BA6A87A1D9C5317F45AB34C1B5368DCBE089CBC818E364DAA6B4C6E423420E2F668A037D true true false Public Key Registry 0 0 true T001 T001.dk.local true false