There are a few things you can do to help ensure that your PC and user account are treated equally. One is to make sure that all group policies are applied uniformly to all users, and another is to review which group policies are applied to your PC and user account when you create them. To view which group policies are applied to your PC and user account, open the Group Policy Editor on your PC. This editor is located in the Administrative Tools folder on the Windows desktop. To open it, click on the Group Policy Editor icon in the Start menu, or type gpedit.msc into a Windows search box and press Enter. The Group Policy Editor will open in a new window. In this window, you will see a list of all the GPOs that have been applied to your computer. You can select one or more of these GPOs by clicking on its name in the list. If you want to apply a GPO only to certain users or groups, you can do this by selecting one of these groups from the Users list and then clicking on its name in the list. If you want to apply a GPO only when certain tasks or activities occur, you can do this by selecting one of these tasks or activities from the Activities list and then clicking on its name in the list. The Group Policy Editor also allows you to add new GPOs as well as remove existing GPOs from your computer.
We have shown you a lot of tips and tricks over the years that involve modifying Local Group Policy. If you would ever like to see all the Group Policy settings in effect on your PC, here’s how to do it.
In the Windows world, Group Policy provides a way for network administrators to assign specific settings to groups of users or computers. Those settings then get applied whenever a user in the group logs in to a networked PC or whenever a PC in the group is started. Local Group Policy is a slightly more limited version that applies settings only to a local computer or users—or even a group of local users. We’ve featured a number of tricks here in the past that use Local Group Policy to change settings that you can’t change anywhere else—except by editing the Windows Registry. If you’re in the habit of changing Local Group Policy settings, you might find it useful to see all the changes you’ve made in one place, rather than digging through the Local Group Policy Editor.
RELATED: What Is “Group Policy” in Windows?
Note: Local Group Policy is only available in the Professional and Enterprise versions of Windows. If you’re using a Home edition, you won’t have access to the Local Group Policy Editor.
View Applied Policies with the Resultant Set of Policy Tool
The easiest way to see all the Group Policy settings you’ve applied to your PC or user account is by using the Resultant Set of Policy tool. It doesn’t show every last policy applied to your PC—for that you’ll need to use the Command Prompt, as we describe in the next section. However, it does show pretty much all the policies you will have set for regular use. And it provides a simple, graphical interface for browsing through the Group Policy settings currently in effect on your PC—whether those settings come from Group Policy or Local Group Policy.
To open the tool, hit Start, type “rsop.msc,” and then click the resulting entry.
The Resultant Set of Policy tool starts by scanning your system for applied Group Policy settings.
After it’s done scanning, the tool shows you a management console that looks very much like the Local Group Policy Editor—except that it only displays enabled settings along with a few unconfigured security settings.
This makes it easy to browse through and see what policies are in effect. Note that you can’t use the Resultant Set of Policy tool to change any of these settings. You can double-click a setting to view details, but if you want to disable or make changes to a setting, you’ll have to use the Local Group Policy Editor.
View Applied Policies with the Command Prompt
If you’re comfortable using the Command Prompt, it does provide a couple of advantages over using the Resultant Set of Policy tool. First, it can show every last policy in effect on your PC. Second, it will show some additional security information—like what security groups a user is part of or what privileges they have.
To do this, we’ll be using the gpresult command. You must specify a scope for the results, and valid scopes include “user” and “computer.” This means that to see all the policies in effect for the user and the PC, you’ll have to run the command twice.
To view all the policies applied to the user account you’re currently logged in with, you would use the following command:
The /v parameter in that command specifies verbose results, so you’ll see everything. Scroll down a bit and you’ll see a section named “Resultant Set Of Policies for User,” which contains the information you’re after.
If you’re looking for all policies applied to your Computer, all you need to do is change the scope:
If you scroll down, you’ll see that there is now a Resultant Set Of Policies for Computer section.
RELATED: How to Save the Command Prompt’s Output to a Text File in Windows
And there are other things you can do with the gpresult command. For example, if you’d like to save the report instead of viewing it at the Command Prompt, you could switch out the /v parameter in either of those commands and instead use /x (for XML format) or /h (for HTML format). Of course, you could also just use the /v version of the command and pipe it to a text file, if you prefer.