Remotely refresh Group Policy settings for all computers in an OU from a central locationon January 14, 2013 at 10:21 am
Starting with Windows Server® 2012 and Windows® 8, you can now remotely refresh Group Policy settings for all computers in an OU from one central location through the Group Policy Management Console (GPMC). Or you can use the Invoke-GPUpdate cmdlet to refresh Group Policy for a set of computers, not limited to the OU structure, for example, if the computers are located in the default computers container.
The remote Group Policy refresh updates all Group Policy settings, including security settings that are set on a group of remote computers, by using the functionality that is added to the context menu for an OU in the Group Policy Management Console (GPMC). When you select an OU to remotely refresh the Group Policy settings on all the computers in that OU, the following operations happen:
- An Active Directory query returns a list of all computers that belong to that OU.
- For each computer that belongs to the selected OU, a WMI call retrieves the list of logged on users.
- A remote scheduled task is created to run Gpupdate.exe /force for each logged on user and once for the computer Group Policy refresh. The scheduled task is scheduled to run with a random delay of up to 10 minutes in order to decrease the load on the network traffic. This random delay cannot be configured when using the GPMC, but you can configure the random delay for the scheduled task or set the scheduled task to be run immediately when you use the Invoke-GPUpdate cmdlet.
For more information see the Microsoft post where this information came from.