How to query endpoints for GPO or their registry settings and build a list

  • 22 June 2022
  • 1 reply




We are looking to query endpoints to see if they have certain GPO’s applied and want to build a list of who has or doesn't have the two GPO’s.

The evaluation code in the below worklet looks like it can identify the GPO’s by the registry setting.

 Any idea’s or help in accomplishing the remainder of our use-case would be appreciated.

1 reply



You can wrap the gpresult /r /scope:computer command into a Worklet’s remediation code to achieve this.


In your worklet, set the Evaluation code to an Exit 1 so that it immediately triggers the Remediation code:

Exit 1



In the Remediation code, use the following code:

$cmdCommand = 'C:\Windows\System32\gpresult.exe'

$Call = (& $cmdCommand '/r' '/scope:computer')

Write-Output $Call


This will invoke gpresult.exe with the /r and /scope:computer switches and output the results to the Log Summary of Automox Activity Log.


Optional: You can export the Activity Log results to a CSV and filter through to see which devices have inherited which GPOs.


Have a great day!