Since the lab domain I'm using is a fairly small one of only 3 hosts at the moment I will enumerate all hosts in the domain, save them in to a variable and loop over them to update the GPO.
Do to that the Computer parameter in Invoke-GPUpdate only takes from the pipeline by Value we have to use the For Each-Object cmdlet to go one by one of the onjects on the pipeline and run the cmdlet serially.
List Starter GPO names: Sadly we will have to wait 90 minutes to make sure the policy is applied to all hosts we want to update GPOs remotely.
Once the firewall rules have been enabled we can now use the cmdlet Invoke-GPUpdate from the Group Policy module installed on all Domain Controllers or hosts running the latest version of the Remote Server Administration Tools (RSAT).
Additionally, there’s also a new Power Shell cmdlet (Invoke-GPUpdate) that allows you to do the same thing programmatically, with the advantage of being able to target the default Once the new GPO is linked to your domain, you’ll need to wait for Group Policy to refresh on all devices to which it applies before you can reliably force a remote update using GPMC.
"), Pf(c),c=c.inner HTML);var d=document.create Element("template");if("content"in d)d.inner HTML=c,d=d.content;elsec=document.create Tree Walker(d, Node Filter.
For online help, type: "get-help Invoke-GPUpdate -online" There are other parameters to specify the target to update (Computer or User) and to also loggoff users or reboot the machine.
Group Policy settings refresh automatically every 90 minutes, with a random offset of 0 to 30 minutes so that not all computers in the domain refresh their Group Policy settings at the same time.Once create we can use Power Shell to create a new GPO based on the Group Policy Remote Update Firewall Ports starter GPO and link the GPO to the OU or domain we want to apply this rule to.In a lab setting you may want to apply it to the whole domain in one single command.We will need to enable the following firewall rules: Thankfully for this Windows 2012 and Windows 2012 R2 come with a started GPO to server as a base for the configuration.To configure the Windows Firewall we start first by creating all the Starter GPOs from the Group Policy Management console expanding the domain, selecting Starters GPOs and clicking on Create Starter GPOs Folder.As you can see there are many ways to achieve this but the simplest I have found using command line using Invoke-GPUpdate.