You might look at the Microsoft Baseline Security Analyzer (MBSA). I'm pretty sure it can do what you're looking for. Jamie Nelson | Systems Engineer | Systems Support, Information Technology | I N T E G R I S Health | Phone 405.552.0903 | Fax 405.553.5687 | http://www.integrisok.com <http://www.integrisok.com/> From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On Behalf Of Michael Pietrzak Sent: Tuesday, April 15, 2008 11:06 AM To: gptalk@xxxxxxxxxxxxx Subject: [gptalk] Re: Nessus Compliance Checks for GPO ? I use the free nessus scanner for windows and as far as I know, it does not provide that functionality. It only checks for well known vulnerabilities that are identified by orgs like SANS, CVE etc etc. Michael Pietrzak San Diego State University From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On Behalf Of Deepak J. Mathew Sent: Tuesday, April 15, 2008 6:41 AM To: gptalk@xxxxxxxxxxxxx Subject: [gptalk] Nessus Compliance Checks for GPO ? Does anyone here use Nessus Vulnerbility scanner to check current GPOs of various windows servers? I'm wanting to see which servers are in compliance with our password policy from a remote location? Any ideas? A final report of the results is what I'm looking for. Thanks! Dee Deepak J. Mathew Systems Manager - Administrative Systems Rice University (t) 713-348-4328 This e-mail may contain identifiable health information that is subject to protection under state and federal law. This information is intended to be for the use of the individual named above. If you are not the intended recipient, be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited and may be punishable by law. If you have received this electronic transmission in error, please notify us immediately by electronic mail (reply).