• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 259
  • Last Modified:

Automating A Few Group Policy Tasks

I find myself having to repeat a lot of the same tasks in group policy management. Would someone have a script (or be able to put together one) that automates the following?

1. Look through group policy objects. Create a security group in a specific OU for any policy starting with APP_. The security group should be named DENY_APP_RESTOFPOLICYNAME. If a DENY_ already exists for that GPO, the script should not create the security group.

2. Assign a deny read/apply group policy permission on the APP GPO.

3. Assign a read permission for a specific security group containing users.

For example, the first GPO beginning with APP_ that we have is APP_Adobe Flash Player. The script should create a security group named DENY_APP_Adobe Flash Player in a specific OU. All deny groups are kept in the same OU. It should then assign a deny read/apply group policy permission on APP_Adobe Flash Player for the security group Deny_APP_Adobe Flash player. Finally, it should add a read permission for a security group containing certain users. This security group is the same for every GPO.

Any help would be awesome!!!
0
Joseph Moody
Asked:
Joseph Moody
1 Solution
 
SysExpertCommented:
I would ask for help from the powershell TA or similar, sine that would be the best tool for this.

I hope this helps !
0
 
Joseph MoodyBlogger and wearer of all hats.Author Commented:
Thank you for the advice. I had a good powershell friend put a couple of things together.
0

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Tackle projects and never again get stuck behind a technical roadblock.
Join Now