How to Update Group Policy on Remote Computers Simultaneously

Author: Peter Barnett           Date: Oct 18, 2019


All popular editions of Windows 10 above Home have built-in administration tool gpedit.msc or local group policies. This tool includes a wide range of policies (settings) and is intended to force changes in the basic configuration of the operating system and accounts. It is implemented as a MMC management console with a fairly user-friendly and intuitive graphical interface. This article shows you how to force gpupdate on multiple computers.

Group policies of the computer and the user are updated by default every 90 minutes in the background (perhaps a random offset from 0 to 30 minutes). They are also updated every time you start the system. If you change some group policies and want to apply the changes right away, not waiting for 90 minutes and not restarting the computer, update them manually using the commands described below.

One of the most difficult problems in managing AD Group Policy is testing policies on the fly, without restarting the computer or accessing the local computer and running the gpupdate /force command.

The Remote Group Policy Update feature provides the ability to use a single GPO management console (GPMC.msc) for both creating, modifying, and applying and testing Group Policies.

The functionality of remote Group Policy Update first appeared in Microsoft Windows Server 2012, in all subsequent versions (Windows Server 2016, Microsoft Windows 10), this functionality and its stability gradually improved.



Manually Update User and Computer Policies


  • 1. To execute this method, you must log on locally to a computer or server and open a command prompt as an administrator: one of the ways is to right-click on the "Start" menu and select "Command Prompt (Administrator)" from the menu that opens.

    How to Force Gpupdate. Open Command line


  • 2. In the appeared command prompt window type gpupdate command and press Enter - if you want to update only the policies that have been changed. If you want to update all policies - instead of the previous command, type gpupdate /force and press Enter. The /force switch will force the Group Policy update. I want to note that some settings can be applied only after logging out.

    Type gpupdate



Manually Update Computer Group Policies


As you can note, the command above updates the policies for both the user and the computer, but if you wish, you can manipulate this and explicitly indicate what needs to be updated. There is /Target:{Computer | User} for this. Suppose we need to update only a computer Group Policy settings.

  • 1. Open a command prompt as an administrator: one of the ways is to right-click on the "Start" menu and select "Command Prompt (Administrator)" from the menu that opens.

    How to Force Gpupdate. Open Command line


  • 2. In the CMD window that opens enter the gpupdate /target: computer command and press the Enter key to update only those computer policies that have been changed, if you want to update all computer policies — instead of the previous command, type gpupdate /target: computer /force and press the Enter key. There is still an interesting key, it is to delay /Wait:{your value}. The default value is 600 seconds.

    Enter the gpupdate target computer




How to Force Gpupdate. Manually Update User Group Policies


Assume that the user policy settings have been changed. You can run the gpupdate /target:user /logoff command to check for changes.

NOTE: Do not forget that the command line must be run as administrator. The previous method described in detail how to do this.

gpuupdate target user


This command updates the user part of the GPO and automatically ends the user session after the update is completed. As soon as the user registers with the system, he will notice the changes made.




Consider using Action1 to force group policy update remotely if:


  • - You need to perform this action on multiple (hundreds or even thousands) computers simultaneously.
  • - You have remote employees with computers not connected to your corporate network at all times.

Action1 is a cloud-based platform for patch management, software deployment, software/hardware inventory, endpoint management and endpoint configuration reporting. It is free with basic functionality.

  

Fully functional free edition for up to 10 endpoints with no expiration date. More details >



Relevant How To Articles and Action1 Features:

By continuing to use our website, you agree with our use of cookies in accordance with our Privacy Policy. You can reject cookies by changing your browser settings.     
Ok, got it