How to use GPResult Command to Check Group Policy: Step-by-step Guide

Are you curious how you can check Group Policy in a fast and easy way? You’re in the right place. In this article, we’ll explore using the GPResult command to check group policy in a few different ways. Let’s get started.

What Is GPResult?

Group Policy is the primary administrative tool for defining and regulating how users and machines utilize applications, network resources, and the operating system. Group Policy is applied to users or machines in an Active Directory system based on their membership in sites, domains, or organizational units.

The Group Policy feature produces a set of policies upon login since you may apply overlapping tiers of approaches to any machine or user. GPResult shows the set of guidelines that were used to the machine upon login for the given user.

The Group Policy Results (GPResult.exe) command-line utility, designed for administrators, validates all policy settings in place for a single user or computer. Administrators can execute GPResult on any remote machine under their administrative scope.

By default, GPResult delivers the settings currently in effect on the machine that GPResult is being used on. Displays a user’s or a computer’s Group Policy settings and Resultant Set of Policy (RSOP). Windows Server 2012, Windows Server 2008 R2, Windows Server 2008, Windows 8, Windows 7, and Windows Vista support the GPResult command.

GPResult is a command-line utility that displays a user’s and computer’s Resultant Set of Policy (RSOP) information. To put it another way, it generates a report that shows which group policy objects have been applied to a user and computer.

If you utilize group policy in your environment, you should be familiar with using this tool. Administrators may use Group Policy to govern policy settings, install software, apply for permissions, and more across the whole domain. When you have many Group Policy Objects, you’ll want to ensure they’re all being applied to the same user or machine.

This article will teach you how to use the GPresult command-line tool to check which group policy items are applied to a user or computer.

The administrator of the operating system can identify the group policies that have been applied to the machine and the redirected directories and registry settings by using the command gpresult.exe.

GPresult Command

Go to the command prompt and type Gpresult /? to display the GPResult commands.

The description and parameter list of the resultant set of policies (RSoP) for a target user and the machine are shown in the output below.

Enter the following command in the CMD to see the results of the group policy objects settings that have been applied to your PC.

"gpresult /R"

As seen in screenshot 1, the output will provide the consequent set of policies for your desktop and the user account, which includes operating system configuration, OS version, User profile, site name, and link type. In addition, the User profile will detail other policies, such as the last time the policy was implemented, the domain name, domain type, and link threshold value.

Output of gpresult/R

The output for applied GP objects is likewise displayed in screenshot-2 of the GPResult command /R, as you can see. If the OS uses any form of filtering, it will show it together with the security policies applied to the system.

Exporting Gpresult Output

It’s not always enough to just deliver data to the command-line prompt. Perhaps you’ll need to create a report or discuss the findings with others. In such a situation, you’ll need to convert the results to a different format.

GPResult output can be exported in several different ways.

Creating a Text File from the Results

Using the command prompt or PowerShell’s output redirection function is one of the simplest methods to export results to a file. By using the redirection operator > followed by a text file name to “pipe” the command-line results to a file, the text will include precisely what you see in the console.

The command below will return all RSOP data and produce a file named C: \Temp\RSOP.txt that contains the whole GPResult command results.

Gpresult /R > c:\RsopReport.txt

GPResult/S – For remote Computer:  The /S command displays the settings and group policy information on a remote machine.

Syntax1

gpresult/s COMPUTERNAME’

This command may also be used to show the remote machine or server’s user and computer settings. We may also observe the remote system’s verbose settings and parameters. We just require the remote end system’s credentials, and the system must be in the same domain as the host system.

Syntax2

gpresult /S system /U username /P password /SCOPE USER /V

The example is shown with the help of a screenshot

The error notice appears because the system is not linked to the remote user.

gpresult /S system /USER targetusername/SCOPE COMPUTER /V is the syntax for seeing the remote computer’s settings.

As a result, the system command combined with the SCOPE command may obtain all essential information from the network’s remote end machine and user.

GPResult/H – To export output to HTML

It is difficult to view the summary data for group policies objects from the command prompt in detail every time. As a result, we may export the data into HTML format to make it more understandable.

In this case, the /H command with the location and file name indicates where the file will be stored, as shown in the image below.

The HTML-formatted output may be seen in a web browser by navigating to the location where it was stored and clicking open with the browser. This is also demonstrated in the screenshot below.

Group Policy For Specific Users

The group policies for a given user or system in the network domain are displayed using this command. You must be aware of the user’s credentials to show the individual user policy summary.

The command is as follows:

gpresult /S system /U username /P password

If you want to examine the policy information and other data for the user “NEHA,” use the command and look at the output in the image below. It will show you all of the user’s settings and OS information.

GPResult Scope Command

The /SCOPE command determines whether or not the network’s user and machine settings should be shown. “USER” or “COMPUTER” is the syntax for this command.

The scope command may also view the remote computers, target users, and target computer’s settings. To access the information, you only need the credentials of the small end-user.

gpresult /R / SCOPE COMPUTER is now the command to display the remote computer settings.

GPResult Force Command

This command instructs the Gpresult to replace any existing filenames supplied by the /H or /X commands.

Gpresult /F /H targetlocationgpresultoutput.Html is the syntax.

The command will replace the content of the target location filename stored at the specified location, as seen in the above picture. The location of the updated file is shown below, and it may be seen using a web browser such as Google Chrome.

Using the Microsoft PowerShell Tool to Configure Group Policy

To configure group policies in Windows Server and Windows clients, use the Windows PowerShell utility with remote server administration tools (RSAT) installed on the client or server.

Many PowerShell commands may extract various OS parameters and examine the resulting set of policies (RSoP) for the remote server and PC. This program may be used to simultaneously set and examine the system parameters of several systems in a network.

Conclusion

We’ve explained what Group Policy Commands are and how to use those using examples and images. However, as previously indicated, numerous sorts of commands may be used to extract the appropriate group set of policies, each with its own set of implications.

When we need to create and test group rules for many devices and users on the network, we utilize the Microsoft Power shell program. The tool’s capabilities are enormous, and we’ll go through them quickly below.