Automating A Few Group Policy Tasks

I find myself having to repeat a lot of the same tasks in group policy management. Would someone have a script (or be able to put together one) that automates the following?

1. Look through group policy objects. Create a security group in a specific OU for any policy starting with APP_. The security group should be named DENY_APP_RESTOFPOLICYNAME. If a DENY_ already exists for that GPO, the script should not create the security group.

2. Assign a deny read/apply group policy permission on the APP GPO.

3. Assign a read permission for a specific security group containing users.

For example, the first GPO beginning with APP_ that we have is APP_Adobe Flash Player. The script should create a security group named DENY_APP_Adobe Flash Player in a specific OU. All deny groups are kept in the same OU. It should then assign a deny read/apply group policy permission on APP_Adobe Flash Player for the security group Deny_APP_Adobe Flash player. Finally, it should add a read permission for a security group containing certain users. This security group is the same for every GPO.

Any help would be awesome!!!
LVL 22
Joseph MoodyBlogger and wearer of all hats.Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
SysExpertConnect With a Mentor Commented:
I would ask for help from the powershell TA or similar, sine that would be the best tool for this.

I hope this helps !
0
 
Joseph MoodyBlogger and wearer of all hats.Author Commented:
Thank you for the advice. I had a good powershell friend put a couple of things together.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.