Morning All,
I`ve been tasked with writing a PowerShell script that generates a report of all of our GPO`s.
I am wondering if there is a way using the GroupPolicy module to retrieve the location in the registry that an administrative template is modifying.
For example,
I have the policy Computer Configuration/Microsoft Office 2013 (Machine)/Updates Enable Automatic Updates set to disabled. Is it possible to get the full path under HKLM that this policy changes?
I currently use a mix of Win7, Win8.1, and Win10 in my environment. PowerShell 4.0 and above in my environment as well.
You can use Get-GPRegistry value but you have to specify the key. I knocked up this script which uses recursion to walk through a group policy object and expanding the key path until it finds a policy setting:
function Get-GPORegistryKeys {
param (
[string]$GPOName,
[string]$key
)
$keyCollection = Get-GPRegistryValue -Name $GPOName -Key $key | Select -ExpandProperty FullKeyPath
foreach ($subkey in $keyCollection) {
$keyInfo = Get-GPRegistryValue -Name $GPOName -Key $subKey
if (($keyInfo.gettype() | Select -expandproperty Name) -eq 'PolicyRegistrySetting') {
Write-Output "$($keyInfo.fullkeypath)\$($keyInfo.valuename)"
} #end if
else {
Get-GPORegistryKeys -GPOName $GPOName -key $subkey
} #end else
} #end foreach $subkey
} #end Get-GPORegistryKeys function
Get-GPORegistryKeys -GPOName TestSales -Key HKLM\Software
Output:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDriveTypeAutoRun
HKEY_LOCAL_MACHINE\Software\policies\microsoft\office\15.0\common\officeupdate\enableautomaticupdates
Thanks for the reply!
I’ve tried the snippet, but the code is failing to produce any results on my machine.
I’ve set some breakpoints in the code to see what’s going on. It gets down to where some registry values are, but then gets stuck in a recursive loop.
When stepping through the code, $keyinfo.gettype() returns System.Array for the basetype, object for the name.