Thursday, May 22, 2014

Remote GPUpdate on Windows Server 2012


You often need to run ‘gpupdate /force’ to ensure the latest policy is applied to systems. Now you can remotely run this command. This method creates a task through task scheduler. The task will execute within the next 10 minutes, which runs the ‘gpupdate /force’ locally on the machine.

This uses a remote connection, you will need the firewall rules enabled on clients.

  • Remote Scheduled Tasks Management (RPC)
  • Remote Scheduled Tasks Management (RPC-EPMAP)
  • Windows Management Instrumentation (WMI-In)

There are two ways you can invoke a remote Group Policy update.


From the GPMC, right click on an OU that contains computer objects. Click the “Group Policy Update” option.

This will run a ‘gpupdate /force’ on all computers in the OU, and any sub-OUs. Computer policy will be refreshed for each computer, and user policy will be refreshed for any and all users currently logged into those computers.




The Invoke-gpupdate cmdlet is part of the Group Policy Powershell Module.

An example of the most basic use of invoke-gpupdate:

Invoke-gpupdate computername

The completion of this cmdlet will put a task on the computer that will execute a gpupdate /force

Want to run it on many in series?

$cn = Get-ADComputer -filter { name -like 'my*hyperv*' } | select -ExpandProperty dnshostname

$cn | % { Invoke-GPUpdate -Computer $_ }

No comments:

Blog Archive