Create-GroupPolicyObjectForTags.ps1 can be used for bulk Group Policy Object (GPO) generation to configure tags (labels) for Telemetry Dashboard. The script creates GPOs that are linked to a specified domain/site/OU with or without security filtering by security groups. The script enables you to create multiple GPOs at a time based on information written in a CSV file.

By using this script, you can deploy Tag1 (Label1), Tag2 (Label2), Tag3 (Label3), and Tag4 (Label4) to users so that you can filter data in Telemetry Dashboard based on security groups. For example, after members of the Finance security group receive the “Finance” label with their GPO, you can use a filter in Telemetry Dashboard to view only the telemetry data for Finance users.

For more information about Telemetry Dashboard and label features, refer to the blog post Deploying labels (tags) for better analysis in Telemetry Dashboard.

To run this script, you must be a member of one of the following groups: Domain Admins, Enterprise Admins, or Group Policy Creator Owners. You also must be able to run Windows PowerShell in an elevated mode.

Step-by-step

1. Download Create-GroupPolicyObjectForTags.ps1 and Sample.csv and save them to a computer that has access to the domains for which you will create GPOs.

2. Modify Sample.csv so that the script can create a GPO and link it to a specified target with or without security filtering. You can specify the following 7 values in a CSV file.

Values in a CSV file:

Sample.csv includes following examples:

GpoName,Target,Tag1,Tag2,Tag3,Tag4,SecurityGroup

FinanceTag,"dc=contoso,dc=com",Finance,Pilot,"North America",TowerPC,Finance

SalesTag,"dc=contoso,dc=com",Sales,Test,APAC,Note,Sales

ExecutiveTag,"ou=Users,dc=contoso,dc=com",,Executives,,,Directors

 

3. Run Windows PowerShell as an Administrator and move to the folder where you saved the script.

4. Run the Set-ExecutionPolicy Windows PowerShell cmdlet to allow script to run.

5. Run Create-GroupPolicyObjectForTags.ps1.

6. Specify the full path and file name of the CSV file (e.g. C:\Temp\Sample.csv).

7. Verify that the GPOs that you specified in the CSV file were created and linked to the target successfully.