Issue with GPO Creation for Machine Policies via Invoke-HardeningKitty -Mode GPO

[brunodebastiani]

Hi, thank you for the excellent work on HardeningKitty !

Problem :

When creating GPOs for user policies, everything functions as expected. For example:

Invoke-HardeningKitty -Mode GPO -FileFindingList .\lists\finding_list_cis_microsoft_windows_server_2022_22h2_3.0.0_user.csv -GPOName !TEST-SERVERS-Hardening_CIS_Win22_22h2_3.0.0_user This command successfully creates the GPO with the correct registry values.

However, when creating GPOs for machine policies, the command completes without errors but does not add any registry values to the GPO. Here’s the command used:

Invoke-HardeningKitty -Mode GPO -FileFindingList .\lists\finding_list_cis_microsoft_windows_server_2022_21h2_1.0.0_machine.csv -GPOName !TEST-SERVERS_Hardening_CIS_Win22_21h2_1.0.0_machine After running this, HardeningKitty shows its usual output, but no registry values are added, and the GPO remains empty.

Steps to Reproduce :

Create a GPO for user policies using the first command (works correctly). Attempt to create a GPO for machine policies using the second command (completes but doesn’t apply values).

Environment :

Windows Server 2022 HardeningKitty version: 0.9.2

Is there a known issue or limitation with machine policy GPO ? Could this issue be related to the functional level of Active Directory?

Any suggestions would be much appreciated !

Thanks again for your work !

[0x6d69636b]

I ran the same command and the policy object was created successfully with all the settings, so I cannot replicate the result. However, I used the latest version from the dev repo. Could you try this version and report back your results?

[brunodebastiani]

Sorry, I won’t have time to test it again, but I believe the issue was due to an error in my editing of the CSV list. I’ll go ahead and close the issue.