Show-GphGPO.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
#requires -Version 2.0 -Modules ActiveDirectory
function Show-GphGPO
{
  <#
      .SYNOPSIS
      Opens the Group-Policy directly in Group Policy Editor
 
      .DESCRIPTION
      Show-GphGpo opens a Group Policy directly in Group-Policy Editor. You can call Show-GpgGpo with
      with the Policy-Name or the Policy-Guid, or even Pipe Policy-Objects into the cmdlet.
 
      .EXAMPLE
      Show-GphGPO -GpoName "default domain Policy
       
      Open the Default Domain Policy in Group Policy Editor
 
      .EXAMPLE
      Get-GPO | Where-Object { $_.ModificationTime -lt (get-date).addhours(-12) } | Show-GphGPO
       
      Open all Policies which were modified in the last 12 Hours in the Group Policy Editor
 
      .NOTES
      Author: Holger Voges
      Date: 2018-11-16
      Version: 1.0
  #>



  [cmdletbinding()]
  param(
    # The Display-Name of the Policy to open
    [Parameter(mandatory=$true,
               ValueFromPipelineByPropertyName=$true,
               ValueFromPipeline=$true,
               ParameterSetname='ByName')]
    [alias('DisplayName')]
    [string]$GpoName,

    # The GUID of the Policy to open
    [Parameter(mandatory=$true,
               ValueFromPipelineByPropertyName=$true,
               ValueFromPipeline=$true,
               ParameterSetname='ByGUID')]
    [string]$GpoGuid,

    # Enter the Domain of the GPO. If left out, Powershell will use the current domain
    [string]$Domain
  )

  Begin
  {
    $PoliciesCn = 'cn=Policies,cn=system'
    $domainDN = ( Get-ADDomain ).DistinguishedName

    $GpoParameter = @{
        Filter = {( objectclass -eq 'groupPolicyContainer' ) -and ( DisplayName -eq $GpoName )}
        SearchBase = "$PoliciesCn,$domainDN" 
        Properties = 'DisplayName'
    }
    If ( $domain )
    { 
        $GpoParameter.Add('Identity',$Domain)
    }
  }

  Process
  {
    $Gpc = Get-ADObject @GpoParameter
    Write-Verbose $Gpc
    gpme.msc /gpobject:('LDAP://{0}' -f $Gpc.DistinguishedName )
}}