Solved

Automating A Few Group Policy Tasks

Posted on 2011-02-15
2
243 Views
Last Modified: 2012-05-11
I find myself having to repeat a lot of the same tasks in group policy management. Would someone have a script (or be able to put together one) that automates the following?

1. Look through group policy objects. Create a security group in a specific OU for any policy starting with APP_. The security group should be named DENY_APP_RESTOFPOLICYNAME. If a DENY_ already exists for that GPO, the script should not create the security group.

2. Assign a deny read/apply group policy permission on the APP GPO.

3. Assign a read permission for a specific security group containing users.

For example, the first GPO beginning with APP_ that we have is APP_Adobe Flash Player. The script should create a security group named DENY_APP_Adobe Flash Player in a specific OU. All deny groups are kept in the same OU. It should then assign a deny read/apply group policy permission on APP_Adobe Flash Player for the security group Deny_APP_Adobe Flash player. Finally, it should add a read permission for a security group containing certain users. This security group is the same for every GPO.

Any help would be awesome!!!
0
Comment
Question by:Joseph Moody
2 Comments
 
LVL 63

Accepted Solution

by:
SysExpert earned 500 total points
ID: 34912900
I would ask for help from the powershell TA or similar, sine that would be the best tool for this.

I hope this helps !
0
 
LVL 21

Author Comment

by:Joseph Moody
ID: 35097393
Thank you for the advice. I had a good powershell friend put a couple of things together.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Suggested Solutions

I thought I'd write this up for anyone who has a request to create an anonymous whistle-blower-type submission form created using SharePoint 2010 (this would probably work the same for 2013). It's not 100% fool-proof but it's as close as you can get…
Resolve DNS query failed errors for Exchange
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now