Kushagra,
To get you started, you have two options off the top of my head, without needing additional tools.
- In Group Policy Management, scroll to the bottom and use Group Policy Modeling and Group Policy Results. Modeling is primarily used to test what would be applied in different situations, but can also reflect what should be applied in a specific setup. Group Policy Results is the same as gpresult cli and will show what is applied for a specific computer and user.
- Your other option is an administrative terminal, gpresult /S computername /USER usernamethathasloggedintosystem /H C:\path\to\file.html
If you can find the time and have a subscription, install Advanced Group Policy Management. https://learn.microsoft.com/en-us/microsoft-desktop-optimization-pack/agpm/ It is part of Microsoft's Desktop Optimization Pack https://learn.microsoft.com/en-us/microsoft-desktop-optimization-pack/.
Is this what you were asking for?
Issues I can think of would be trust relationships, depending on how the systems were isolated, especially if using a different domain. Another major issue is having all of the right firewall ports open to the isolated systems. https://learn.microsoft.com/en-us/troubleshoot/windows-server/active-directory/config-firewall-for-ad-domains-and-trusts. The firewall ports have been my biggest issue with Group Policy.
You can also remotely invoke the GPUpdate with something like the following:
$clients = Get-ADComputer -Filter 'Name -like "isolatedpcname*"'
$clients | ForEach-Object -Process {Invoke-GPUpdate -Computer $_.name -RandomDelayInMinutes 20}
Justin