May 16 2021 09:44 PM
May 24 2021 04:50 AM
@Ryan Means not at this time. We are evaluating the possibility of something in the future but still in the information gathering stage.
Jan 19 2022 02:11 AM
Jan 19 2022 06:01 AM
@FLeven it's not a request we get often at all. Typically customers will use the method posted here (Quickstart - Convert Group Policy into DSC - PowerShell | Microsoft Docs) to fill this need
Jan 19 2022 06:15 AM
Jan 19 2022 06:27 AM
@FLeven we will discuss internally but cannot commit to anything at this point
Jan 19 2022 10:47 AM - edited Jan 19 2022 10:51 AM
@FLeven - IIRC the last time I looked into it (a couple of years ago), DSC could not reliably handle Advanced Auditing settings nor most Security Options (esp. the items persisted in inaccessible areas of the registry and/or in undocumented formats).
Implementations I've seen in the past had bugs and/or took dependencies on US-English.
That said, that might have been addressed in the interim.
Jan 20 2022 07:12 AM - edited Jan 20 2022 07:25 AM
I know, take a look at the policy analyzer, regarding US-dependent.
What would be the official way to do automated reporting on "security" compliance based on GPO's to ensure an environment stays perfectly as it was designed, to not loose any kind of certification I went through ?
I went for a time with pester tests (16K items plus incl. baselines + custom), DSC at least would combine configuration/reporting and offer a SQL-Database to work with.