PowerView

You can only list the GPO's and not their settings

Get-DomainGPO
Get-DomainGPO -ComputerIdentity dcorp-student1

List GPO's that apply Restricted Groups which will have interesting users

Get users which are in a local group of a machine using GPO

If you can compromise a user in that group, it may be a local admin on all the workstations

Get-DomainGPOLocalGroup

Get machines where the given user is member of a specific group

Get-DomainGPOComputerLocalGroupMapping -ComputerIdentity
dcorp-student1

Get-DomainOU
Get-DomainOU -properties name

This is the GPO that applies to the OU <gplink>

Get GPO applied on an OU. Read GPOname from gplink attribute from Get-NetOU

Get-DomainGPO -Identity "{0D1CC23D-1F20-4EEE-AF64-
D99597AE2A6E}"

You can read what the settings are in the SYSVOL

(Get-DomainOU -identity <OU>).distinguishedname | 
%{Get-DomainComputer -SearchBase $_} | select name

Last updated 1 year ago