Group Policy Diagnostic Best Practice Analyzer is now available for download

Have you ever wished for a tool to help you identify Group Policy configuration problems…even those that, at first glance, might not seem to be related to Group Policy? How about a tool that can warn you if your Group Policy configuration might pose a security risk?

The Group Policy Diagnostic Best Practice Analyzer (GPDBPA) can provide information to help you respond to situations such as:

· Policy settings are not being applied as expected.

· A feature is not functioning as expected (for example, a mapped drive is not visible on client computers).

· A computer has:

o Stopped responding during logon or startup.

o Restarted during logon or startup.

o Experienced delays during logon or startup.

· Policy settings may be configured in a way that poses a security risk.

· Necessary services may not be running.

· You may be connecting over a slow link.

· Loopback mode may be in effect unintentionally.

Using the GPDBPA, you can scan the Group Policy configuration on either a client computer (managed node) or a domain controller, and view a report of potential issues. Additionally, you can schedule a scan to run at a future time, or schedule scans to run on a recurring basis.

You can download the GPDBPA at


· Q: Is there a version of the GPDBPA that runs on Vista?
A: Not yet. No ETA for it at this time.

· Q: Will there be localized versions of the GPDBPA?
A: Currently, there are no plans to localize it.

Linda Moore

Technical Writer, Group Policy