Security groups without applied GPOs (Windows)

Module: Active Directory

Supported Platforms: Windows 2000, Windows 2003, Windows 2008

This check reports all security groups in an ADS domain that do not have group policy objects (GPOs) applied to them. This check is intended to run only on domain controllers to produce results for specific domains.

The following table lists the error message for the check.

Table: Error message for Security groups without applied GPOs

Message String ID and Category	Platform and Message Numeric ID	Message Title and Description	Additional Information
String ID: ESM_GROUP_WITHOUT_APPLIED_GPOS Category: Policy Compliance	Windows 2000 (108135) Windows 2003 (208135) Windows 2008 (251135)	Title: GPOs are not applied to security groups Description:There are no group policy objects (GPOs) applied to the named security group through sites, domains, or organizational units. This could mean that your security policy is not enforced for this security group.	Severity: yellow-2 Correctable: false Snapshot Updatable: false Template Updatable: false Information Field Format: [%s]

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: ESM_GROUP_WITHOUT_APPLIED_GPOS

Category: Policy Compliance

Windows 2000 (108135)
Windows 2003 (208135)
Windows 2008 (251135)

Title: GPOs are not applied to security groups

Description:There are no group policy objects (GPOs) applied to the named security group through sites, domains, or organizational units. This could mean that your security policy is not enforced for this security group.

Severity: yellow-2

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]