Group Policy can sometimes not always be used and this state is called "unlinked" this is where you have an object that is not linked to anything, while this does not waste GPO processing time this can become cumbersome to manage, so if you want to investigate what is "not linked" then you can use this script, designed to get a report of "unlinked" GPO's
# Get all Group Policy objects
Write-Host "Getting all Group Policy objects..."
$GroupPolicies = Get-GPO -All
# Array to store unlinked Group Policy names
$UnlinkedPolicies = @()
# Loop through each Group Policy object
foreach ($Policy in $GroupPolicies) {
# Check if the Group Policy is linked to any Organizational Unit
Write-Host "Checking Group Policy: $($Policy.DisplayName)"
$LinkedOU = Get-GPOReport -Name $Policy.DisplayName -ReportType XML | Select-String -Pattern "<LinksTo>" -SimpleMatch
# If not linked, add the Group Policy name to the array
if (!$LinkedOU) {
Write-Host "Group Policy $($Policy.DisplayName) is not linked to any Organizational Unit."
$UnlinkedPolicies += $Policy.DisplayName
} else {
Write-Host "Group Policy $($Policy.DisplayName) is linked to one or more Organizational Units."
}
}
# Output the list of unlinked Group Policy names
Write-Host "`nUnlinked Group Policies:`n"
$UnlinkedPolicies
