Logo
Windows XP
Windows Vista
Windows 7
Windows Azure
Windows Server
Windows Phone
EPL Standings
 
 
Windows Server

Windows Server 2008 Server Core : Managing System Users - Obtaining Group Policy Results with the GPResult Command

3/25/2011 2:20:05 PM
Use this command to obtain the Resultant Set of Policy (RSoP) for a particular user on a system. This command considers all of the security settings for both the computer and the user and creates a resultant policy—the policy that actually affects the user's security setup on the system. Microsoft provides a wealth of articles on RSoP. For example, you can see how RSoP affects Internet Protocol Security (IPSec) assignments at http://technet2.microsoft.com/windowsserver/en/library/35675107-c728-47cd-8ad9-bfd2d5e7fe0a1033.mspx. You'll also find an excellent article on planning and logging RSoP at http://www.windowsnetworking.com/articles_tutorials/Resultant-Set-Policy-Planning-Logging.html. This command uses the following syntax:
GPRESULT [/S system [/U [domain\]user [/P [password]]]]
[/SCOPE {USER | COMPUTER}] [/USER [domain\]targetuser] [/V | /Z]

The following list describes each of the command line arguments.


/S
system

Specifies the remote system that you want to check. In most cases, you'll also need to supply the /U and the /P command line switches when using this switch.


/U
[domain\]user

Specifies the username on the remote system. This name may not match the username on the local system. You'll need to supply a domain name when working with a domain controller.


/P
[password]

Specifies the password for the given user. You can provide the command line switch without specifying the password on the command line in cleartext. The system prompts you for the password. Using this feature can help you maintain the security of passwords used on your system.


/USER
[domain\]targetuser

Displays RSoP data for the specified user. You can check the information of users in other domains by including the user domain.


/SCOPE {USER | COMPUTER}

Specifies the scope of the output. You can display the user or computer information separately. The utility displays both user and computer information when you omit this command line switch.


/V

Displays verbose information about the user or computer. The amount of additional information you receive varies by system. The utility displays detail-specific settings that have a precedence of 1.


/Z

Displays superverbose information about the user or computer. The amount of additional information you receive varies by system. The utility displays detail-specific settings that have a precedence of 1 or higher. Using this command line switch lets you see whether a setting is set in multiple places.

Much of the Microsoft documentation leads you to believe that this utility is useless without having Active Directory installed. However, even without Active Directory, you can discover security information about a user with this utility. For example, you can verify that the system views the workstation as stand-alone, check the user's group participation, and verify local policies for the user.

Other -----------------
- Windows Server 2008 Server Core : Managing System Users - Configuring Profiles with the CMStP Utility
- Windows Server 2008 Server Core : Auditing User Access with the AuditPol Utility
- BizTalk Server 2010 : Configuring Core Server Settings
- BizTalk Server 2010 : Indicating Matches in Maps
- SharePoint 2010 : Publishing to Excel Services (part 2) - Allowing Parameter Input in Excel Web Access
- SharePoint 2010 : Publishing to Excel Services (part 1)
- Securing an Exchange Server 2010 Environment : Securing Outlook Web App
- Securing an Exchange Server 2010 Environment : Protecting Against Spam
- Securing an Exchange Server 2010 Environment : Securing Outlook 2007
- Securing an Exchange Server 2010 Environment : Securing Your Windows Environment
- Windows Server 2008 R2 Administration Tools for Desktops : Creating Custom Installations Using Capture Images
- Windows Server 2008 R2 : Creating Discover Images (part 3) - Pre-creating Active Directory Computer Accounts for WDS
- Windows Server 2008 R2 : Creating Discover Images (part 2) - Adding Drivers to Boot and Discover Images
- Windows Server 2008 R2 : Creating Discover Images (part 1) - Creating Bootable Media with Discover Boot Images and the Windows Automated Installation Kit
- BizTalk Server 2010 : Correcting Errors in Functoids
- BizTalk Server 2010 : Navigating the Mapping Surface
- BizTalk Server 2010 : Using the Relevance Tree View
- New SOA Capabilities in BizTalk Server 2009: WCF SQL Server Adapter - What is the WCF SQL Adapter?
- Using Windows PowerShell in an Exchange Server 2010 Environment : Using EMS to Do Reporting
- Exchange Server 2010 : Using EMS to Do Administrative Mailbox Tasks (part 2)
 
 
Most view of day
- Microsoft Exchange Server 2010 : Creating and Managing Accepted Domains (part 3) - Changing the Accepted Domain Type and Identifier , Removing Accepted Domains
- Windows Server 2012 Administration : Configuring Sites (part 3) - Establishing Site Links, Delegating Control at the Site Level
- BizTalk Server 2009 : Editing and Resubmitting Suspended Messages (part 2) - Pseudo-Walkthrough to Perform Edits and Resubmits
- Adobe Flash Catalyst CS5 : Applying and removing filters
- Configuring Startup and Troubleshooting Startup Issues : Understanding the Startup Process (part 1) - Power-on Self Test Phase, Initial Startup Phase
- Windows Server 2012 Group Policies and Policy Management : Understanding Group Policy (part 1) - GPO Storage and Replication
- Windows Server 2008 : Moving Accounts with dsmove, Removing Objects with dsrm, Retrieving Information about Objects with dsquery
- QuarkXPress 8 : Checking spelling (part 1) - Running a spell check, Creating custom spelling dictionaries
- Working with E-mail, Contacts, and Events : Add a Signature
- System Center Configuration Manager 2007 : Operating System Deployment - Task Sequences (part 3) - Task Sequence Targeting
Top 10
- Windows Server 2012 : DHCP,IPv6 and IPAM - Exploring DHCP (part 3) - Creating IPv4 DHCP Scopes
- Windows Server 2012 : DHCP,IPv6 and IPAM - Exploring DHCP (part 2) - Installing DHCP Server and Server Tools
- Windows Server 2012 : DHCP,IPv6 and IPAM - Exploring DHCP (part 1)
- Windows Server 2012 : DHCP,IPv6 and IPAM - Understanding the Components of an Enterprise Network
- Microsoft OneNote 2010 : Using the Research and Translate Tools (part 3) - Translating Text with the Mini Translator
- Microsoft OneNote 2010 : Using the Research and Translate Tools (part 2) - Translating a Word or Phrase with the Research Pane
- Microsoft OneNote 2010 : Using the Research and Translate Tools (part 1) - Setting Options for the Research Task Pane, Searching with the Research Task Pane
- Microsoft OneNote 2010 : Doing Research with Linked Notes (part 2) - Ending a Linked Notes Session, Viewing Linked Notes
- Microsoft OneNote 2010 : Doing Research with Linked Notes (part 1) - Beginning a Linked Notes Session
- Microsoft OneNote 2010 : Doing Research with Side Notes (part 3) - Moving Side Notes to Your Existing Notes
 
 
Windows XP
Windows Vista
Windows 7
Windows Azure
Windows Server
Windows Phone
2015 Camaro