Search all GPO's for a setting

pcmm
pcmm used Ask the Experts™
on
I have inherited an AD domain and I'm currently trying to figure out what was setup  ( pretty much EVERY security and Best practices violation exists here!!)  Currently I'm trying to find which GPO  (there are 20) has the setting for password complexity.  I should be able to find it but I haven't found a GPO with this setting turned on. It's really odd.  I'm probably just missing it somewhere,  but there should be a way to search all the GPO's in the domain for this setting ( assuming it wasn't done at the local machine level!!)are there any good tools (I'd prefer NOT to use powershell if I can)

thanks
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
helpfinderIT Consultant

Commented:
in GPO management console you can check each GPO for settings they affecting (in the right pane under Settinfs tab)
Joseph MoodyBlogger and wearer of all hats.

Commented:
You can search your domain in the GPMC.  Under domains, you will see your domain name. Right click on it and select search.
helpfinderIT Consultant

Commented:
or try Search option in GPO management with search criteria like this

gpo_search
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Top Expert 2013

Commented:
Also take an RSoP report for a computer/user in the domain and it should tell you where the setting is being applied from.

Password settings are special as they have to be linked at the domain level.  

Thanks

Mike

Author

Commented:
Thanks,  I've done that,  odd thing is that I get results but none of them have any password complexity rules turned on, yet my domain requires it!
helpfinderIT Consultant

Commented:
on the computer you assume that GPO is applied check local GPO for such a settings

Author

Commented:
Sorry for the delay getting back.  I've searched in the group policy editor,  I've searched local policies,  I've tried GPRESULT /z .... and nowhere can I so far find any settings that suggest Password complexity is turned on,  but each time I try to change passwords,  I get that familiar password complexity error ( If I don't use a password that complies)  I've never seen anything like this before!  any further ideas?
Blogger and wearer of all hats.
Commented:
Try the powershell script in the second part of this page:

http://deployhappiness.com/searching-gpos-for-that-specific-setting/
Seth SimmonsSr. Systems Administrator

Commented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial