Network Audit and Documentation, CENTREL Solutions Blog

You can easily read the Group Policy objects in a domain using PowerShell *(if the Group Policy Management Console feature is installed). Each Group Policy object can have a WMI filter assigned to them which are actually stored as separate objects. You can read the WMI filter setting using PowerShell with the following commands $gpo = Get-GPO "Default Domain Policy"; $gpo.WmiFilter|SELECT * However this doesn't show the actual WMI queries Luckily this can be solved easily by calling the GetQueryList() method on the WMI filter itself. $gpo = Get-GPO "Default Domain Policy"; $gpo.WmiFilter.GetQueryList(); The WmiFilter object is actually a .NET type Microsoft.GroupPolicy.WmiFilter - the methods of which are documented here. https://learn.microsoft.com/en-us/previous-versions/windows/desktop/wmi_v2/class-library/wmifilter-class-microsoft-grouppolicy  While you're here - Why not check out our  Group Policy Audit and Documentation Tool ?

When you try and assign permissions to the built-in TrustedInstaller account you may see the following error, An object (User, Group, or Built-in security principal) with the following name cannot be found: "TrustedInstaller". This error can occur when  The domain is selected in the "From this location" field - ensure that this is set to the computer account. The account name is entered as "TrustedInstaller" - ensure this is entered as "NT Service\TrustedInstaller". Then click Check Names.  While you're here - Why not check out our Windows Server Documentation and Audit Tool?