Group Policy in Windows Server 2012: Results Report Improvements


Another change we made in Windows Server 2012 is in the Resultant Set of Policy reports. In previous versions of Server, you had to look at the results report, and the event log, and the tracing logs to find all the information you needed about why policy did or did not apply. Now, we’ve consolidated most of that information right into the results report to make troubleshooting Group Policy easier.

The biggest change we made is to the Summary section.

Here’s what the summary section used to look like:


And here’s what it looks like now:


As you can see, we summarized important information that was previously difficult to find, like loopback mode, slow link detection, and GPOs with enforce (or have block inheritance enabled)

We also added information to the computer/user details. Now we show how long client side extensions take to process, the last time an extension processed and detailed event log information from the latest pass of policy.

We also added more detail to the report, including sorting information by GPO, showing where the GPOs were linked, and reporting on modifiers like “enforced” or “disabled”.

How you run the GP results report hasn’t changed. If you choose to run it from the GPMC against a remote client, the client needs the following firewall ports opened:

· Remote Event Log Management (NP-In)

· Remote Event Log Management (RPC)

· Remote Event Log Management (RPC_EPMAP)

· Windows Management Instrumentation (WMI-In)

Running it this way against a downlevel client still gets you the new format and most of the new information.

The command line GP results functionality still works. You can run gpresult.exe /h out.html on a client machine to have the report created as out.html. However, this will only get you the new format and information when it’s run on a Windows “8” machine.