RightClickNewNetwork

User Tools

Site Tools

You are here: adsetup » adsetup » group_policy_preferences
adsetup:group_policy_preferences

The only native Group Policy Preference command in PowerShell is: Set-GPPrefRegistryValue
     https://technet.microsoft.com/en-us/itpro/powershell/windows/group-policy/set-gpprefregistryvalue

It is extremely limited, as it only processes registry settings. Advanced options, such as Apply once… are not available. While the setup of these commands may seem complex, once understood it is quite straightforward and easily replicated for various settings.
With a few exceptions, this script will generate a properly formatted XML file for the appropriate preferences. The XML is created using the Create_XML and a number of other functions. The functions that create the GPP are as follows:

Computer GPP Functions

     CreateComputerRegistryPreferences
     CreateComputerFilePreferences
     CreateComputerFolderPreferences
     CreateComputerGroupPreferences
     CreateComputerPowerOptionsPreferences
     CreateComputerScheduledTasksPreferences
     CreateComputerPrinterPreferences
     CreateComputerShortcutsPreferences

User GPP Functions

     CreateUserRegistryPreferences
     CreateUserDrivePreferences
     CreateUserFilePreferences
     CreateUserFolderPreferences
     CreateUserDefaultFolderPreferences
     CreateUserStartMenuTaskbarPreferences
     CreateUserShortcutsPreferences



Note: There are a number of items that the script does not dynamic create due to the effort required to code the XML creation for an item likely rarely used or so specific to an environment. The main GPP function that is not available is Item-level Targeting. If something needs to be targeted, it can be done after the policies are generated. See the individual Functions to understand any additional limitations.
The GPP clsid Reference can be used to reference the GUID's referenced to create the appropriately formatted XML files.

Function Create XML

This function is what creates a GPP XML. It creates it in the correct Group Policy location and SYSVOL. Additionally, each specific GPP function also updates the GPO with the correct GPP extension in Active Directory using the AddGPToAD function.

Parameters

Create_XML $XMLRegistryRoot $XMLNodes $XMLItem


$XMLRegistryRoot - This defines the structure of the XML file being created. It is updated based on the XML being created. Please review the code for specifics required for the setup of an XML file.

$XMLNodes - This provides the structure for the XML Nodes of the file. The schema requirements for each GPP XML is unique. Here is the Registry one as an example.

$XMLItemAttributes = 
("collection","coldisabled","clsid","name","status","image","changed","uid","disabled","bypassErrors","userContext","desc","removePolicy","PRIMARYEND","action","displayDecimal","default","hive","key","name","type","value","RUNONCE","SUBEND")


$XMLItems - These lines signify the GPP settings being set. A multidimensional array of values is created in each function. Each item is preceded by a Generate_GUIDDATE function, which generates two unique GUID's and a date string in the required format. The below example sets sets the set domain to the local intranet zone in Internet Explorer.

$XMLItemValues += @("Internet Explorer","0",$RegistryCLSID,"$DNSRoot - *","$DNSRoot - *","12",$DateUni,$GUID,"0","1","0","Created By $FirmName on $Date for Internet Explorer. Configures Internal Domain as Local Intranet Sites.","0","PRIMARYEND","U","0","0","HKEY_CURRENT_USER","Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\$DNSRoot","*","REG_DWORD","00000001","Yes","SUBEND")



This script does not have to be updated to generate these key GPP files. Only a handful of settings are included in each section of the script. Additional items should be added to generate the standard set of policies.

adsetup/group_policy_preferences.txt · Last modified: 2017/04/01 03:07 by rob