+ Reply to Thread
Results 1 to 19 of 19
  1. Junior Member
    Join Date
    Mar 2005
    Posts
    27

    Certifications
    MCP 70-270
    #1

    Default Export GPO to csv file

    Hi,

    I need to re-do a GPO at work and apply it to a fresh OU. I've only just started studying for the 290 so please forgive me if this is something i should know. But is there a utility in Server 2003 that i can use to export the current GPO to a CSV file so i can then go through and see which settings are enabled/disabled. The aim is to create a new improved GPO based on the old one,

    many thanks!
    Reply With Quote Quote  

  2. SS -->
  3. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #2
    From the GPMC open the GPO for editing, then select ACTION>Export List and you can save it as a csv, tab-delimited text, or whatever.

    Might take you a while to get everything you want though. It's easier to save the report as an html or xml file than it is a spreadsheet unfortunately.
    Reply With Quote Quote  

  4. Junior Member
    Join Date
    Mar 2005
    Posts
    27

    Certifications
    MCP 70-270
    #3
    Thanks for the reply Sprkymrk. Ive just had a look at this and i can only get it to export the details of the currently selected settings - rather then the entire GPO. Is this what you meant by it being time consuming?

    It's easier to save the report as an html or xml file than it is a spreadsheet unfortunately
    could you elaborate on how to do this. it doesnt have to be a csv file, i would just like to be able to easily view all the settings at a glance when making the new GPO?

    cheers
    Reply With Quote Quote  

  5. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #4
    Quote Originally Posted by Gav0
    Thanks for the reply Sprkymrk. Ive just had a look at this and i can only get it to export the details of the currently selected settings - rather then the entire GPO. Is this what you meant by it being time consuming?
    Yes.

    Quote Originally Posted by Gav0
    Quote Originally Posted by sprkymrk
    It's easier to save the report as an html or xml file than it is a spreadsheet unfortunately
    could you elaborate on how to do this. it doesnt have to be a csv file, i would just like to be able to easily view all the settings at a glance when making the new GPO?

    cheers
    Sure, you open the GPMC, right click the GPO and select "Save Report".
    Reply With Quote Quote  

  6. Junior Member
    Join Date
    Mar 2005
    Posts
    27

    Certifications
    MCP 70-270
    #5
    Perfect!

    Im almost embarresed by the simplicity of the solution

    This is exactly what im after - thanks again
    Reply With Quote Quote  

  7. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #6
    Your welcome. I like simple questions. Otherwise I let dynamik or royal answer them.
    Reply With Quote Quote  

  8. New Member royal's Avatar
    Join Date
    Jul 2006
    Location
    Chicago, IL
    Posts
    3,373
    #7
    Quote Originally Posted by sprkymrk
    Your welcome. I like simple questions. Otherwise I let dynamik or royal answer them.
    Mark, don't be so modest! You're definitely more knowledgeable than I am.
    Reply With Quote Quote  

  9. Senior Member
    Join Date
    Mar 2007
    Posts
    12,308
    #8
    Quote Originally Posted by royal
    Quote Originally Posted by sprkymrk
    Your welcome. I like simple questions. Otherwise I let dynamik or royal answer them.
    Mark, don't be so modest! You're definitely more knowledgeable than I am.
    Haha. And I fall well below both of you. I'm very knowledgeable over a small body of knowledge (and I'm great at using Google). Whenever the threads drift to Exchange, ISA, scripting, or any other enterprise-level task, I usually just sit back and observe. That was a nice gesture though, Mark
    Reply With Quote Quote  

  10. ROFL-Copter pilot snadam's Avatar
    Join Date
    Dec 2006
    Location
    AZ
    Posts
    2,235

    Certifications
    JNCIP-SEC, JNCIS-SEC, JNCIA-JunOS, CCNA, CCENT, MCSE 2003, MCSA 2003, MCP, Network+, Security+
    #9
    Quote Originally Posted by sprkymrk
    Your welcome. I like simple questions. Otherwise I let dynamik or royal answer them.

    And I just silently ***** around to see if my answer matches up with yours
    Reply With Quote Quote  

  11. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #10
    Quote Originally Posted by snadam
    Quote Originally Posted by sprkymrk
    Your welcome. I like simple questions. Otherwise I let dynamik or royal answer them.

    And I just silently ***** around to see if my answer matches up with yours
    Actually, together we make a great team. We should start our own consulting company. Dynamic can be the all-around Windows guy, Royal can do the DNS and Exchange stuff, and I'll get the coffee ready in the morning and bring donuts to the meetings.

    Hey snadam, we need one more guy to do everything else, what do you say? You in?
    Reply With Quote Quote  

  12. New Member royal's Avatar
    Join Date
    Jul 2006
    Location
    Chicago, IL
    Posts
    3,373
    #11
    Quote Originally Posted by sprkymrk
    Quote Originally Posted by snadam
    Quote Originally Posted by sprkymrk
    Your welcome. I like simple questions. Otherwise I let dynamik or royal answer them.

    And I just silently ***** around to see if my answer matches up with yours
    Actually, together we make a great team. We should start our own consulting company. Dynamic can be the all-around Windows guy, Royal can do the DNS and Exchange stuff, and I'll get the coffee ready in the morning and bring donuts to the meetings.

    Hey snadam, we need one more guy to do everything else, what do you say? You in?
    Deal, but you guys can come down to Chicago. I ain't moving!
    Reply With Quote Quote  

  13. Senior Member
    Join Date
    Nov 2007
    Location
    Norway
    Posts
    232

    Certifications
    MCTS, MCSA
    #12
    Speaking of GPMC, I haven't seen it being mentioned in any practice exam questions so far, will there be questions related to GPMC in the exam?

    I want to know this, because in GPMC you can control what users, groups etc within the OU/domain will be affected by the GPO, which indirectly gives you the ability to "link" GPO's to other objects in AD than OUs.

    And I think it again can give you access to create password policies for spesific users, even if password policies are supposed to be domainwide?
    Reply With Quote Quote  

  14. New Member royal's Avatar
    Join Date
    Jul 2006
    Location
    Chicago, IL
    Posts
    3,373
    #13
    I think I started to see GPMC once I hit the 70-294 exam.
    Reply With Quote Quote  

  15. Senior Member
    Join Date
    Nov 2007
    Location
    Norway
    Posts
    232

    Certifications
    MCTS, MCSA
    #14
    So there are no questions about GPMC, GPO inheritance and such in the 290 exam?
    Reply With Quote Quote  

  16. Senior Member
    Join Date
    Mar 2007
    Posts
    12,308
    #15
    Quote Originally Posted by royal
    I think I started to see GPMC once I hit the 70-294 exam.
    Same here. You need to know what group policy is, does, and is capable of, but you don't need to actually configure anything this early on.
    Reply With Quote Quote  

  17. Senior Member
    Join Date
    Nov 2007
    Location
    Norway
    Posts
    232

    Certifications
    MCTS, MCSA
    #16
    Ah ok, because I have the official course material for this exam, and that goes into lengthy details to explain GPMC, GPO inheritance and such. It also explains AD object permissions. Both of these things are not mentioned in the training kit at all.

    Of course knowning this stuff won't hurt, but at the same time, it can be a bit too much for what is essentially the "entry" exam for the Server 2003.

    I've never seen any talk about AD object permissions and GPMC (I actually had never heard of it until you guys mentioned it, and I looked it up in the official course book) in any practice exams either.
    Reply With Quote Quote  

  18. Nidhoggr, the Net Serpent Claymoore's Avatar
    Join Date
    Nov 2007
    Location
    FL
    Posts
    1,622

    Certifications
    AWS Architect, MCSEx3, MCITPx6, MCTSx17
    #17
    Quote Originally Posted by Dracula28
    And I think it again can give you access to create password policies for spesific users, even if password policies are supposed to be domainwide?
    Password policies are applied at the domain level only, although they can be in a separate GPO and don't have to be in the Default Domain Policy. Not really 290 material - more 294 and certainly 297. One of the few (good) reasons to have separate domains in a forest is so you can enforce different password requirements.
    Reply With Quote Quote  

  19. New Member royal's Avatar
    Join Date
    Jul 2006
    Location
    Chicago, IL
    Posts
    3,373
    #18
    Quote Originally Posted by Claymoore
    Quote Originally Posted by Dracula28
    And I think it again can give you access to create password policies for spesific users, even if password policies are supposed to be domainwide?
    Password policies are applied at the domain level only
    That's partially correct. Password policies that affect domain accounts can only be applied at the domain root level in the OU structure. You can still apply password policies at lower levels, but these password policies will only apply to local accounts where that specific computer is joined to that domain.
    Reply With Quote Quote  

  20. Nidhoggr, the Net Serpent Claymoore's Avatar
    Join Date
    Nov 2007
    Location
    FL
    Posts
    1,622

    Certifications
    AWS Architect, MCSEx3, MCITPx6, MCTSx17
    #19
    Quote Originally Posted by royal
    That's partially correct. Password policies that affect domain accounts can only be applied at the domain root level in the OU structure. You can still apply password policies at lower levels, but these password policies will only apply to local accounts where that specific computer is joined to that domain.
    I did not know that. Just proves that if you hang out on this site, you can learn something new every day - thanks, royal!
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks