Logo
PREGNANCY
Windows XP
Windows Vista
Windows 7
Windows Azure
Windows Server
Windows Phone
 
 
Windows Server

Windows Server 2008 Server Core : Managing System Users - Obtaining Group Policy Results with the GPResult Command

3/25/2011 2:20:05 PM
Use this command to obtain the Resultant Set of Policy (RSoP) for a particular user on a system. This command considers all of the security settings for both the computer and the user and creates a resultant policy—the policy that actually affects the user's security setup on the system. Microsoft provides a wealth of articles on RSoP. For example, you can see how RSoP affects Internet Protocol Security (IPSec) assignments at http://technet2.microsoft.com/windowsserver/en/library/35675107-c728-47cd-8ad9-bfd2d5e7fe0a1033.mspx. You'll also find an excellent article on planning and logging RSoP at http://www.windowsnetworking.com/articles_tutorials/Resultant-Set-Policy-Planning-Logging.html. This command uses the following syntax:
GPRESULT [/S system [/U [domain\]user [/P [password]]]]
[/SCOPE {USER | COMPUTER}] [/USER [domain\]targetuser] [/V | /Z]

The following list describes each of the command line arguments.


/S
system

Specifies the remote system that you want to check. In most cases, you'll also need to supply the /U and the /P command line switches when using this switch.


/U
[domain\]user

Specifies the username on the remote system. This name may not match the username on the local system. You'll need to supply a domain name when working with a domain controller.


/P
[password]

Specifies the password for the given user. You can provide the command line switch without specifying the password on the command line in cleartext. The system prompts you for the password. Using this feature can help you maintain the security of passwords used on your system.


/USER
[domain\]targetuser

Displays RSoP data for the specified user. You can check the information of users in other domains by including the user domain.


/SCOPE {USER | COMPUTER}

Specifies the scope of the output. You can display the user or computer information separately. The utility displays both user and computer information when you omit this command line switch.


/V

Displays verbose information about the user or computer. The amount of additional information you receive varies by system. The utility displays detail-specific settings that have a precedence of 1.


/Z

Displays superverbose information about the user or computer. The amount of additional information you receive varies by system. The utility displays detail-specific settings that have a precedence of 1 or higher. Using this command line switch lets you see whether a setting is set in multiple places.

Much of the Microsoft documentation leads you to believe that this utility is useless without having Active Directory installed. However, even without Active Directory, you can discover security information about a user with this utility. For example, you can verify that the system views the workstation as stand-alone, check the user's group participation, and verify local policies for the user.

Other -----------------
- Windows Server 2008 Server Core : Managing System Users - Configuring Profiles with the CMStP Utility
- Windows Server 2008 Server Core : Auditing User Access with the AuditPol Utility
- BizTalk Server 2010 : Configuring Core Server Settings
- BizTalk Server 2010 : Indicating Matches in Maps
- SharePoint 2010 : Publishing to Excel Services (part 2) - Allowing Parameter Input in Excel Web Access
- SharePoint 2010 : Publishing to Excel Services (part 1)
- Securing an Exchange Server 2010 Environment : Securing Outlook Web App
- Securing an Exchange Server 2010 Environment : Protecting Against Spam
- Securing an Exchange Server 2010 Environment : Securing Outlook 2007
- Securing an Exchange Server 2010 Environment : Securing Your Windows Environment
- Windows Server 2008 R2 Administration Tools for Desktops : Creating Custom Installations Using Capture Images
- Windows Server 2008 R2 : Creating Discover Images (part 3) - Pre-creating Active Directory Computer Accounts for WDS
- Windows Server 2008 R2 : Creating Discover Images (part 2) - Adding Drivers to Boot and Discover Images
- Windows Server 2008 R2 : Creating Discover Images (part 1) - Creating Bootable Media with Discover Boot Images and the Windows Automated Installation Kit
- BizTalk Server 2010 : Correcting Errors in Functoids
- BizTalk Server 2010 : Navigating the Mapping Surface
- BizTalk Server 2010 : Using the Relevance Tree View
- New SOA Capabilities in BizTalk Server 2009: WCF SQL Server Adapter - What is the WCF SQL Adapter?
- Using Windows PowerShell in an Exchange Server 2010 Environment : Using EMS to Do Reporting
- Exchange Server 2010 : Using EMS to Do Administrative Mailbox Tasks (part 2)
 
 
Most view of day
- Windows Phone 8 : Orientation and the PhoneApplicationPage Class (part 3) - Setting Page Orientation at Runtime
- Configuring Startup and Troubleshooting Startup Issues : Understanding the Startup Process
- Microsoft Visio 2010 : Using Special Shape Features (part 2) - Control Handles , Hyperlinks, Action Tags
- Windows Phone 8 : Orientation and the PhoneApplicationPage Class (part 2) - PhoneApplicationPage Orientation Property
- Windows Phone 7 : Running XNA Projects in Windows (part 2) - Display Differences
- Windows Phone 8 : Scheduled Tasks - To-Do List Scheduled Task Sample (part 3) - Debugging Scheduled Tasks
- Microsoft Excel 2010 : Calculating the Mode (part 2) - Getting the Mode of Categories with a Formula - Using an Array Formula to Count the Values
- Working with E-mail, Contacts, and Events : Add a Signature
- Windows Phone 8 : Configuring Basic Device Settings - Accessing the Device Settings Screen - Changing the Device Theme
- SQL Server 2012 : Transact-SQL - The VetClinic Sample Database Revisited, Data Types
Top 10
- Microsoft Sharepoint 2013 : Understanding app patterns (part 5) - Building MVC apps - Introducing MVC4
- Microsoft Sharepoint 2013 : Understanding app patterns (part 4) - Building MVC apps - Understanding web form challenges
- Microsoft Sharepoint 2013 : Understanding app patterns (part 3) - Building MVVM apps - Utilizing promises
- Microsoft Sharepoint 2013 : Understanding app patterns (part 3) - Building MVVM apps - Utilizing promises
- Microsoft Sharepoint 2013 : Understanding app patterns (part 2) - Building MVVM apps - Introducing knockout
- Microsoft Sharepoint 2013 : Understanding app patterns (part 1) - Building MVVM apps - Understanding JavaScript challenges
- Microsoft Access 2010 : Report Properties and Why to Use Them, Basing Reports on Stored Queries or Embedded SQL Statements
- Microsoft Access 2010 : Working with Sorting and Grouping (part 2) - Sorting and Grouping Settings
- Microsoft Access 2010 : Working with Sorting and Grouping (part 1) - Add Sorting and Grouping to a Report
- Microsoft Access 2010 : Building Reports Based on More Than One Table (part 3) - Working with Subreports
 
Windows XP
Windows Vista
Windows 7
Windows Azure
Windows Server
Windows Phone
2015 Camaro