Check GPO Settings are applied to servers in OU
In both RMS or CCS R&A, I want to take the GPO settings that an OU is linked to and run a check to verify that all the GPO settings actually applied to the servers in that OU. So basically, I want to check the local security policy settings.
- I have a query created to show all settings listed in a particular GPO. Then I have an RMS query that lists all the local settings applied to a server.
- I cannot just rely on Active Directory to apply the GPO without occasionally auditing that they are applying correctly. Is there an easy way to compare a GPO and the settings that are actually applied to a server to verify all are applying correctly?
- Or, how do I easily take results of an RMS query on a particular machine and use it to verify settings on a set of machines? Do I have to manually put into the Filter of a new query?
In CCS R&A:
- Is there a way to import the results of an RMS query to create checks within a Standard?
- Is there another way to create a Standard's checks based on a GPO?
Hope this makes sense.