verify invoke-gpupdate execution.

hi all,

In the documentation for invoke-gpupdate, it says that the cmdlet does not create any output. How can I make sure the command correctly executed?

I know I can use $? but that tells me the cmdlet was correctly executed, not the result of invoke-gpupdate.

Thanks!

As far as I know, you need to verify it manually.

sorry, forgot to say that i want to run this on remote computers.

If I got you right you would need to check the status in event log of the remote computers.

ah, yes, never thought about that. event logs.

I’ll give it a shot.

Thanks, man!

There are a couple ways you could attempt this. If you just want to see if a GPO has been applied (and that’s it), consider these:

  1. Use `gpresult` and parse out what you want and/or export to a file.
  2. Easier: Check the GroupPolicy Operational event log for the last two 5312 events: one for Computer configurations and one for User configurations. See below.
$gpoEvents = Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-GroupPolicy/Operational'
    Id      = 5312
} -MaxEvents 2

$appliedGPOs = $gpoEvents.Message | & {
process {
($_ -replace ‘List of applicable Group Policy objects:\s+’).Trim() -split “`n”
}
}

Compare $appliedGPOs to expected GPOs.

I got what I need from eventlog.

Thank you all for the guidance.