Group Policy Results

It is always a good practice to know what policy settings are being applied to a user or computer, since GPO imposes a lot of restrictions and customizations on the user and computer. So, if something is amiss, a review of the policy settings will shed some light on the problem. To view the Resultant Set of Policy settings, you can use the following tools:

RSoP snap-in

The Resultant Set of Policy snap-in is a Microsoft Management Console (MMC) tool. It can be used to create detailed reports about applied policy settings. It has two modes: Logging mode – displays the policy settings currently applied to a user and computer. Planning mode – simulates policy settings that will be applied to a user or computer. To open the RSoP snap-in, follow these steps:

• Go to Start Menu → Run. Type MMC and click OK

• In the MMC console menu bar, File → Add/Remove Snap-in. Select RSoP from the list of available snap-in and click Add → OK

• Right-click the Resultant Set of Policy and select Generate RSoP data

• In the wizard that appears, choose the either Logging mode or Planning mode, the computer and the user to see the list of applied settings

Group Policy Results: Group Policy Results is a container available in GPMC. The following steps illustrate how to use Group Policy Results:

• In the left pane of GPMC, right-click the Group Policy Results container and select Group Policy Results Wizard

• In the Group Policy Results wizard, choose the target computer and users

• Click Next to see a summary of the selections made and click next to generate a report. Click Finish

The following information will be available in the right pane:

gpresult command line tool

The gpresult command line tool when executed, displays all the policy settings applied to a particular user or computer. For example, gpresult /user kevin /z will display all available information about the group policy applied to the user kevin. For more information about using this tool, use the command gpresult /?.