Get-GphUnlinkedGPOs.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
function Get-GphUnlinkedGPOs
{
  <#
      .SYNOPSIS
      Find all unlinked Group-Policys in a domain
 
      .DESCRIPTION
      This function finds all unlinked Group Policys in a domain. The optional Parameter -domain defines where to search for unlinked GPOs.
 
      .EXAMPLE
      Get-UnlinkedGPOs
      Starts a search for unlinked gpos in the current domain.
  #>


  [CmdletBinding()]
  param(
    [string]
    $domain
  )
  
  If ( -not ( $domain ))
  { 
    $domainObject = Get-ADDomain
  }
  else
    { $domainObject = Get-ADDomain -Identity $domain }  
  Write-Verbose -Message ("{0}" -f $domainObject.LinkedGroupPolicyObjects)
  [regex]$GUID = '[A-Fa-f\d]{8}-[A-Fa-f\d]{4}-[A-Fa-f\d]{4}-[A-Fa-f\d]{4}-[A-Fa-f\d]{12}'
  [array]$Policies = $guid.matches( $domainObject.LinkedGroupPolicyObjects ).Value
  $Policies += $guid.matches(( Get-ADOrganizationalUnit -filter * ).LinkedGroupPolicyObjects).Value
  Get-GPO -all | Where-Object { $_.id -notin $Policies }
}