Recipe 9.4 Deleting a GPO

Previous page
Table of content
Next page

9.4.1 Problem

You want to delete a GPO.

9.4.2 Solution

9.4.2.1 Using a graphical user interface

  1. Open the GPMC snap-in.

  2. In the left pane, expand the Forest container, expand the Domains container, browse to the domain of the target GPO, and expand the Group Policy Objects container.

  3. Right-click on the target GPO and select Delete.

  4. Click OK to confirm.
9.4.2.2 Using a command-line interface
> deletegpo.wsf <GPOName> [/domain:<DomainDNSName>]
9.4.2.3 Using VBScript
' This code deletes the specified GPO. ' ------ SCRIPT CONFIGURATION ------ strGPO      = "<GPOName>"        ' e.g. My New GPO strDomain   = "<DomainDNSName>"  ' e.g. rallencorp.com ' ------ END CONFIGURATION --------- set objGPM = CreateObject("GPMgmt.GPM") set objGPMConstants = objGPM.GetConstants( )    ' Initialize the Domain object set objGPMDomain = objGPM.GetDomain(strDomain, "", objGPMConstants.UseAnyDC) ' Find the GPO set objGPMSearchCriteria = objGPM.CreateSearchCriteria objGPMSearchCriteria.Add objGPMConstants.SearchPropertyGPODisplayName, _                          objGPMConstants.SearchOpEquals, cstr(strGPO) set objGPOList = objGPMDomain.SearchGPOs(objGPMSearchCriteria) if objGPOList.Count = 0 then    WScript.Echo "Did not find GPO: " & strGPO    WScript.Echo "Exiting."    WScript.Quit elseif objGPOList.Count > 1 then    WScript.Echo "Found more than one matching GPO. Count: " & _                 objGPOList.Count    WScript.Echo "Exiting."    WScript.Quit else    WScript.Echo "Found GPO: " & objGPOList.Item(1).DisplayName end if ' Delete the GPO objGPOList.Item(1).Delete WScript.Echo "Successfully deleted GPO: " & strGPO

9.4.3 Discussion

When you delete a GPO through the GPMC, it attempts to find all links to the GPO in the domain and will delete them if the user has permissions to delete the links. If the user does not have the necessary permissions to remove the links, the GPO will still get deleted, but the links will remain intact. Any links external to the domain the GPO is in are not automatically deleted. It is for this reason that it is a good practice to view the links to the GPO before you delete it. Links to deleted GPOs show up as "Not Found" in GPMC.

9.4.3.1 Using VBScript

I use a GPMSearchCriteria object to find the GPO that is equal to the display name of the GPO specified in the configuration section. I use an if elseif else conditional statement to ensure that only one GPO is returned. If zero or more than one are returned, I abort the script. If only one is returned, I used the GPMGPO.Delete method to delete the GPO.

9.4.4 See Also

Recipe 9.11 for viewing the links for a GPO and MSDN: GPMGPO.Delete


Previous page
Table of content
Next page
Active Directory Cookbook
Active Directory Cookbook, 3rd Edition
ISBN: 0596521103
EAN: 2147483647
Year: 2006
Pages: 456
Authors: Laura E. Hunter, Robbie Allen
BUY ON AMAZON
ADO.NET 3.5 Cookbook (Cookbooks (OReilly))
MySQL Stored Procedure Programming
The CISSP and CAP Prep Guide: Platinum Edition
Managing Enterprise Systems with the Windows Script Host
Java How to Program (6th Edition) (How to Program (Deitel))
Cisco Voice Gateways and Gatekeepers
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy