Learn What IT Pros Need to Know About Windows 11 - August 26th at 1 PM ET! Learn What IT Pros Need to Know About Windows 11 - August 26th at 1 PM ET!
Windows Server 2012

Forcing a Remote Group Policy Update with GPMC

How do I force a remote Group Policy update in Windows Server 2012?

Group Policy settings refresh automatically every 90 minutes, with a random offset of 0 to 30 minutes so that not all computers in the domain refresh their Group Policy settings at the same time. If you want to apply new Group Policy settings without waiting for the next scheduled refresh, you can force an update by running the gpupdate command line tool locally.

Windows Server 2012 Group Policy Management Console (GPMC) has a new feature that allows administrators to remotely force a Group Policy refresh on all computers in an Active Directory (AD) Organizational Unit (OU). Additionally, there’s also a new PowerShell cmdlet (Invoke-GPUpdate) that allows you to do the same thing programmatically, with the advantage of being able to target the default Computers container.

Configure Windows Firewall to allow a remote Group Policy update

First we need to configure Windows Firewall across our network to support the ability to remotely refresh Group Policy.

  1. Logon to Windows Server 2012, or Windows 8 if you have the Windows Server 2012 Remote Server Administration Tools (RSAT) installed.
  2. Open Server Manager from the desktop Task Bar or Start screen.
  3. Open Group Policy Management from the Tools menu in Server Manager.
  4. In the left pane of GPMC, expand your AD forest, domain, and select Starter GPOs.
  5. In the right pane of GPMC, if you don’t see a list of Starter GPOs for your domain, click Create Starter GPOs Folder.
  6. Now in the left pane of GPMC, right click your AD domain and select Create a GPO in this domain, and Link it here… from the menu.
  7. In the New GPO dialog, name the GPO GPO remote update Windows Firewall settings, select Group Policy Remote Update Firewall Ports under Source Starter GPO and click OK.
  8. In the left pane of GPMC, click on your AD domain. In the right pane, switch to the Linked Group Policy Objects tab. Click the new firewall settings GPO in the list and using the arrows on the left, move it up in the link order above the Default Domain Policy.

GPO link order in GPMC

Sponsored Content

Read the Best Personal and Business Tech without Ads

Staying updated on what is happening in the technology sector is important to your career and your personal life but ads can make reading news, distracting. With Thurrott Premium, you can enjoy the best coverage in tech without the annoying ads.

Force a remote Group Policy update

Once the new GPO is linked to your domain, you’ll need to wait for Group Policy to refresh on all devices to which it applies before you can reliably force a remote update using GPMC.

To force a Group Policy update on all computers in an Organizational Unit (OU) using GPMC:

  1. Right-click the desired OU in GPMC and select Group Policy Update from the menu.
  2. Confirm the action in the Force Group Policy Update dialog by clicking Yes.

Check the results in the Remote Group Policy update results window.

Remote Group Policy Update Results

Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (2)

2 responses to “Forcing a Remote Group Policy Update with GPMC”

  1. Group Policy Changes: Windows Server 2012, Windows 8 Part 1-2-3 | Hany Abd El-Wahab | let's Try

    [...] https://petri.com/force-remote-group-policy-update-gpmc.htm# Share this:TwitterFacebookLike this:Like Loading... Categories: Active Directory, Windows 8, Windows Server 2012 Tags: active directory, AD, Backup EXEC, event viewer, Group ploicy, hany AbdElwahab, Microsoft. print server, symantec, Win2k12 AD, windows server, Windows Server 2012 Active Directory Comments (0) Trackbacks (0) Leave a comment Trackback [...]
  2. Lucas Gustavo

    Now, it only is important to buy that on a reliable store, like Buysoft (http://www.buysoft.com.br) or Best Soft.

Leave a Reply

IT consultant, Contributing Editor @PetriFeed, and trainer @Pluralsight. All about Microsoft, Office 365, Azure, and Windows Server.

Register for Advanced Microsoft 365 Day!

GET-IT: Advanced Microsoft 365 1-Day Virtual Conference - Live August 24th!

Join us on Tuesday, August 24th and hear from Microsoft MVPs and industry experts about how to take advantage of Microsoft 365 at a technical level and dive deep into the features and functionality that will make your environment more secure and compliant.


Sponsored By