Select Page

GPO Deny Finder 1.0

This utility scans all GPOs in your domain and looks for Deny ACEs . If it finds them, it reports out the GPO, the Trustee (i.e. user,group, computer) that is assigned to the ACE and the permission that is set to denied (usually permGPOApply for Read and Apply Group Policy permissions).
Requires .Net Framework 3.5 and Win7/Server 2008-R2