Determine Out of Date Group Policy with PowerShell

This PowerShell script reads the registry to find the last time Group Policy ran, gets the current date, and compares the difference against a set threshold (30 days). It returns $true if Group Policy has not run in 30 days or more, and $false otherwise.

# Capture the registry values for the last time Group Policy ran.
$gpoRegPath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine\Extension-List\{00000000-0000-0000-0000-000000000000}"
$loTime = Get-ItemProperty -Path $gpoRegPath -Name "EndTimeLo"
$hiTime = Get-ItemProperty -Path $gpoRegPath -Name "EndTimeHi"

# Combine the high and low 32-bit halves into one 64-bit FILETIME value,
# then convert it to a date (time of day dropped, so whole days are compared).
[long]$gpoDateTime = ([long]$hiTime.EndTimeHi -shl 32) + [long]$loTime.EndTimeLo
$gpoDate = ([datetime]::FromFileTime($gpoDateTime)).Date

# Capture the current date.
$currentDate = (Get-Date).Date

# Compare $gpoDate to $currentDate.
$timeStamp = New-TimeSpan -Start $gpoDate -End $currentDate

# Return $true if Group Policy last ran 30 or more days ago, otherwise $false.
if ($timeStamp.Days -ge 30) {$true} else {$false}
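
The same check as a reusable function, added here as an example and not part of the original script: it returns the last run time and age alongside the verdict, masks each registry half to 32 bits, and reports a machine with no recorded run as stale. The function names, the -MaxAgeDays and -Path parameters, and the missing-key behaviour are assumptions made for this example.

```powershell
# Added example; function and parameter names are hypothetical.
function Convert-FileTimeParts {
    param(
        [Parameter(Mandatory)][long]$High,
        [Parameter(Mandatory)][long]$Low
    )
    # A REG_DWORD can surface as a negative Int32, which would sign-extend
    # when widened to 64 bits. Keep only the low 32 bits of each half.
    $mask = [long][uint32]::MaxValue
    $fileTime = (($High -band $mask) -shl 32) -bor ($Low -band $mask)
    [datetime]::FromFileTime($fileTime)   # local time
}

function Test-GroupPolicyStale {
    param(
        [int]$MaxAgeDays = 30,
        [string]$Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine\Extension-List\{00000000-0000-0000-0000-000000000000}'
    )
    try {
        $state   = Get-ItemProperty -Path $Path -Name EndTimeHi, EndTimeLo -ErrorAction Stop
        $lastRun = Convert-FileTimeParts -High $state.EndTimeHi -Low $state.EndTimeLo
    }
    catch {
        # Assumption: a missing key or value means no recorded run, reported as stale.
        # Any other read failure lands here too, so LastRun = $null deserves a manual look.
        return [pscustomobject]@{
            Computer = $env:COMPUTERNAME; LastRun = $null; AgeDays = $null; IsStale = $true
        }
    }
    # Compare calendar dates, as the script above does.
    $age = (New-TimeSpan -Start $lastRun.Date -End (Get-Date).Date).Days
    [pscustomobject]@{
        Computer = $env:COMPUTERNAME; LastRun = $lastRun; AgeDays = $age
        IsStale  = ($age -ge $MaxAgeDays)
    }
}

# Constructed sample: split a known timestamp into its two halves and convert it back.
$sample = (Get-Date '2024-01-15 08:30:00').ToFileTime()
Convert-FileTimeParts -High ($sample -shr 32) -Low ($sample -band [long][uint32]::MaxValue)

# Check the local machine against the 30-day threshold.
Test-GroupPolicyStale -MaxAgeDays 30
```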
