How to programatically update group policy? i.e. gpupdate /force

StackOverflow https://stackoverflow.com/questions/18195203

Question

I have several local accounts which are created at install time with C#. There is a group policy that in turn grants certain permissions to these new accounts.

The problem I am trying to solve is how do I go about getting the group policy pushed to the new accounts. Without the group policy applied the application will not function.

Opening a cmd prompt and running gpupdate /force fixes it, but I need a more seamless transition between install time and run time.

Was it helpful?

Solution

That should do the trick:

    private void UpdateGroupPolicy()
    {
        FileInfo execFile = new FileInfo("gpupdate.exe");
        Process proc = new Process();
        proc.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
        proc.StartInfo.FileName = execFile.Name;
        proc.StartInfo.Arguments = "/force";
        proc.Start();
        //Wait for GPUpdate to finish
        while (!proc.HasExited)
        {
            Application.DoEvents();
            Thread.Sleep(100);
        }
        MessageBox.Show("Update procedure has finished");
    }

OTHER TIPS

I guess you could try to invoke gpupdate /force using WMI. not much of coding but it's rather manual - you have to execute it against every machine when you need to.

Wmic /node:.... Process call create "gpupdate /force"

You might want to add local credentials if you are not a domain poweruser.

Solution seems easy but i could have misunderstood your question - if so update me please.

Best regards,

Alex

You can use this code even for remote machine

for local machine don't use username,password and Impersonation

private static void UpdateGPO(string machinename)
        {
           try
            {
                ConnectionOptions connectionOptions = new ConnectionOptions();

                connectionOptions.Username = @"Domain\Administrator";
                connectionOptions.Password = "password";
                connectionOptions.Impersonation = ImpersonationLevel.Impersonate;

                ManagementScope scope = new ManagementScope("\\\\" + machinename + "\\root\\CIMV2", connectionOptions);

                scope.Connect();

                ManagementClass clas = new ManagementClass(scope, new ManagementPath("Win32_Process"), new ObjectGetOptions());

                ManagementBaseObject inparams = clas.GetMethodParameters("Create");

                inparams["CommandLine"] = "GPUpdate /force";

                ManagementBaseObject outparam = clas.InvokeMethod("Create", inparams, null);
            }
            catch (Exception ex)
            {

            }
        }
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top