We will now breakdown each section and provides a little more information of the details that are displayed in each section, the details are the same for the computer and user policies, where there are differences these are called out below.

GPO Processing Status

The first three entries provide the details on the status of the policy engine, Operation Completed Normally is displayed if the engine completed without any errors, however, if an error occurred the error details will be displayed.  Next is the start and finish times for the last time the Policy Engine ran. The Link Speed option is only displayed in the machine section, and will display a warning if the link speed test has been identified that the machine is connected to the domain controller over a slow link as defined by the policy configuration settings.

Policies Results

The policies that are applied are displayed next, they are listed in the order in which they are applied.  For policies that have been applied a green icon is shown next to the name of the policy, if a policy is not applied a red icon is displayed.  You can expand the item to display the details of the policy and the reasons why the policy was not applied.

GPO Details

When a policy is expanded it shows the details from the GPO engine. By default the icon colour for these items is blue, however, if an entry indicates that something failed, the icon will be red. The Policy Assigned or Policy Not Assigned shows if the computer or user has been assigned the Appy Policy right.  GPO Section shows if the GPO section has been enabled, this is controlled by the GPO Status, i.e. User configuration settings disabled or Computer configuration settings disabled option in GPMC.  If a section is enabled but the section doesn't contain any settings then a GPO Section is Empty entry will also be displayed. GPO GUID is the name of the group policy object in AD. Options displays if the policy has enforce option enabled or not, if the policy is set to enforce a padlock is shown next to the status icon.  The SOM displays the OU to which the policy is linked in AD.  The Version and Section Revision entries display the version details for the policy, which is either the computer or user section version number.  WMI Filter Passed show the results of the WMI filter test, if there is no WMI filter applied to the policy the result will be true.  The WMI Filter entry display the GUID of the WMI filter that is assigned to the policy.

Group Membership

This is the list of groups that the machines, or the user is a member of.  This information is based on the machine's or user's access token and not the group membership in AD, as they can be different depending on when the machine was last rebooted, this can effect which policies are applied.

Examples

In this example the section is enabled, however the section is empty, so the GPO is reported as not being applied  This common for the local policy.

In the next example the machine or user have not been assigned the Apply Policy permission and is reported as Policy Not Assigned, as a side effect the WMI filter is also marked as failed.

In this last example the WMI filter test has failed so the policy failed to be applied.  The SOM reference for the WMI filter is displayed, you will need to use NetTools, GPO Explorer, WMI Filters, to determine the name and details of the filter.

Export 

The File menu has options to export and load the GPO engine results for both the computer and user details to a file, these files have a GVX file extension, these can then be reviewed later or when the machines is not available.  As this uses registry fragments to save the details, you still need administrator or SE_RESTORE_NAME and SE_BACKUP_NAME user rights to load and view these files.

This software is Freeware.  You use this software at your own risk. I do not warrant this software to be fit for any purpose and I cannot be held accountable for any form of data loss that occurs as a result of using this program, you use it at your own risk.