gpupdate

Hello All,

Hope this post finds you in good health and spirit.

This post is regarding GPUpdate command:

gpupdate

GPupdate is command line utility of Microsoft and that comes with all version of Windows operating systems which update the group policies on system that have changed. For example,you have made the changes in one of group policy that map the shared folder for users, to apply this policy on users, you have to update the group policy on system by running the GPupdate command.

Once you run the command group policies will be updated.

GPUpdate Command: How to force a group policy update

gpupdate /force 

GPupdate is command line utility of Microsoft and that comes with all version of Windows operating systems which update the group policies on system that have changed.

It is preferable to just execute gpupdate without the /force switch to implement new policy settings if you have a big client or many of GPOs. The workload on the client and domain controllers will be reduced because this will only receive modifications or new group policies.

GPupdate /Force command will reapplied all group policies settings forcefully. By default, only policy settings that have changed are applied.

Start and search the Windows PowerShell or Command Prompt

Type gpupdate /force and press enter

Wait for the Computer and User policy to update

Once command is executed, All Group polices are reapplied as per below screenshot.

A reboot is necessary to be sure that all settings are applied so please reboot your computer.

Only user or computer group policies updates

It might be helpful to just update what is necessary if you have a big environment or need to update the group policies on several computers at once. This is obviously quicker and will decrease the burden on the domain controllers.

The /target switch can be used to do this. This allows you to update only the GPOs for the user or computer.

Update only the user policies
gpupdate /target:user

Update only the computer policies

gpupdate /target:computer

What is the Refresh interval for Group Policy?

Refresh interval time play a major role to update or refresh the group policy for DCs as well clients. Refresh interval means how long a domain controller can get the update from another domain controller respective to group policy and same happens between domain controller to client machines after a set of time duration.

Example, Suppose we made the changes in group policy and that is being applied to users. Group policy changes will not applying immediately, we have to wait for group policy refresh as default its set to 90 minutes. Group policy will automatically applying or refresh settings after 90 minutes of refresh interval.

Yes, there is also two more options to update the group policy immediately and one is update the group policy forcefully on computer by executing the GPUPDATE /Force. It updates the group policies immediately on client machine.

Second one is, Open the group policy console and go to OU where group policy is linked and right click and update, it will update the group policy for all objects that are available in OU.

Default refresh interval for Domain Controllers is 5 minutes, and the refresh interval for all other computers in the network is 90 minutes and we can also change it by editing the domain policy.

What Is Group Policy?

Group Policy is a Windows feature that contains a variety of advanced settings, particularly for network administrators. However, local Group Policy can also be used to adjust settings on a single computer. Group Policy isn’t designed for home users, so it’s only available on Professional, Ultimate, and Enterprise versions of Windows. The settings that you configure are stored in a Group Policy Object (GPO), which is then associated with Active Directory objects such as sites, domains, or organizational units. Group policies cover many different aspects of the network, desktop, and software configuration environment, including:

• Application deployment policies: These policies assign or publish applications to users or computers, and affect the applications that users access on the network.
• File deployment policies: These policies allow an administrator to place files in special folders on the user’s computer, such as the desktop or My Documents areas.
• Script policies: Using a script policy, an administrator can specify scripts that should run at specific times, such as login/logout or system startup/shutdown.
• Software policies: Administrators can use software policies to globally configure most of the settings in user profiles, such as desktop settings, Start menu options, and applications.
• Security policies: These policies allow an administrator to restrict user access to files and folders, configure how many failed login attempts will lock an account, and control user rights.

How Group Policy Objects Processed GPOs are applied in a the following order – a very predictable and logical order

• Local
• Site .
• Domain
• Organizational Units

1. Local – Any settings in the computer’s local policy. Prior to Windows Vista, there was only one local group policy stored per computer. Windows Vista and later Windows versions allow individual group policies per user accounts.
2. Site – Any Group Policies associated with the Active Directory site in which the computer resides. (An Active Directory site is a logical grouping of computers, intended to facilitate management of those computers based on their physical proximity.) If multiple policies are linked to a site, they are processed in the order set by the administrator.
3. Domain – Any Group Policies associated with the Windows domain in which the computer resides. If multiple policies are linked to a domain, they are processed in the order set by the administrator.
4. Organizational Unit – Group policies assigned to the Active Directory organizational unit (OU) in which the computer or user are placed. (OUs are logical units that help organizing and managing a group of users, computers or other Active Directory objects.) If multiple policies are linked to an OU, they are processed in the order set by the administrator.

The resulting Group Policy settings applied to a given computer or user are known as the Resultant Set of Policy (RSoP). RSoP information may be displayed for both computers and users using the gpresult command. How Often Group Policy is updated

As you can see, Group Policy is an essential tool for automating otherwise tedious and time-consuming tasks.  Do you have tried and true Group Policies that are indispensable to you as a sysadmin? If so, we’d love to hear about them in the comments!

So, that’s all in this blog. I will meet you soon with next stuff .Have a nice day!!!

Recommended contents

• GP Result
• What is Group Policy
• Group Policy Update
• Design Considerations for Group-Policy
• What is the Refresh Interval for Group Policy
• Group Policy templates and containers
• Group Policy objects
• Group Policy health check
• Group Policy health check on specific domain controller
• Group Policy verification tool gpotool exe
• how to find the group policy guid
• Group Policy understanding group policy preferences
• Group Policy management process

Guys please don’t forget to like and share the post. You can also share the feedback on below windows techno email id.

If you have any questions feel free to contact us on admin@windowstechno.com also follow us on facebook@windowstechno to get updates about new blog posts.