[gptalk] Re: Script to add multiple GPOs with different restricted groups

  • From: "Hendrikus Terwint \(SEDIRSI-Prestataire\)" <terwint.hendrikus.prestataire@xxxxxxxxxxxxxxxxxxxxxxxxx>
  • To: <gptalk@xxxxxxxxxxxxx>
  • Date: Wed, 16 Apr 2008 10:05:19 +0200

Hi again,


I looked at a GPO with Restricted Groups configured, and found a GptTmpl.inf 
file in it (on the sysvol) - maybe this would do the job:

·         Export a GPO with some Restricted Groups configured

·         Build a script that modifies the GptTmpl.inf file with the right 
group SIDs and imports this to the newly linked GPOs... something like that


If anyone has another idea (or a script that does something alike), this would 
be greatly appreciated J


Best regards,



De : gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] De la 
part de Hendrikus Terwint (SEDIRSI-Prestataire)
Envoyé : mercredi 16 avril 2008 09:55
À : gptalk@xxxxxxxxxxxxx
Objet : [gptalk] Script to add multiple GPOs with different restricted groups


Hello everybody,


Could anyone put me on the right track for a script that:

·         Runs thru every child OU in the OU=Servers

·         Creates GPOs (GPO names built on child OU names)

·         Links the GPOs to the child OUs

·         Configures these GPOs with Restricted Groups

o   Different Restricted Groups for each GPO (group names built on child OU's 


I was thinking of using the gpmc script "CreateGPO.wsf", then dynamically 
modify a migtable file in order to import the appropriate Restricted Groups 
into the GPOs.... ?

Maybe Powershell could provide a solution?


Has anyone done this before?


Hendrikus TERWINT

Consultant Avanade France



Prestataire pour le compte de SEDI-RSI, site de Bagnolet

Tél. : 01 55 82 39 70


Other related posts: