#PoSh 7.4.x - Get-GPO not returning IFilter

Hi there,

Hope your all doing well. I have an unwanted behavior with PosH 7 and the cmdlet Get-GPO. event loaded in compatibility mode, some informations are missing. Here is an exemple :

$GpoName = "HAD-LoginRestrictions-T1"
Import-Module -UseWindowsPowerShell -Name GroupPolicy
Try { $GpoADdata = Get-GPO -Name $GpoName -ErrorAction Stop } Catch { $GpoADdata = $null }

And there is the output :

./> $GpoADdata

DisplayName      : HAD-LoginRestrictions-T1
DomainName       : R1.F4.HAD
Owner            : F4R1\Admins du domaine
Id               : 4e8a02d6-21a9-444f-87dc-14c20632fd6d
GpoStatus        : UserSettingsDisabled
Description      : Harden AD -----------------
                   Blocks connections to tier 1 machines from other tier accounts
CreationTime     : 04/01/2025 15:46:56
ModificationTime : 04/01/2025 15:47:00
UserVersion      :
ComputerVersion  :
WmiFilter        :

Any idea of what is causing this?

here is the correct output from PShell 5:

$GpoADdata


DisplayName      : HAD-LoginRestrictions-T1
DomainName       : R1.F4.HAD
Owner            : F4R1\Admins du domaine
Id               : 4e8a02d6-21a9-444f-87dc-14c20632fd6d
GpoStatus        : UserSettingsDisabled
Description      : Harden AD -----------------
                   Blocks connections to tier 1 machines from other tier accounts
CreationTime     : 04/01/2025 15:46:56
ModificationTime : 04/01/2025 15:47:00
UserVersion      : Version AD : 1, Version SysVol : 1
ComputerVersion  : Version AD : 1, Version SysVol : 1
WmiFilter        : Windows-Supported-OS-Servers-NoDC

event loaded in compatibility mode
If it's loaded in compatibility mode it's passed through the PSSerializer.

If it's passed through the serializer you lose methods or anything dynamic about the object.

okay, but if I do not use the compatibility mode, I have the exact same result, unfortunately.

(let say compatibnility was my last resort)

it's likely implicitly using compat mode. Run Get-Module GroupPolicy or look at the output from Get-Gpo

You want: ```ps
Import-Module GroupPolicy -SkipEditionCheck

And if it works, fine.

However, if it doesn't work, you'll have to run it in Windows PowerShell (either directly or using `Start-Job ... -PSVersion 5.1`)

output as in Get-Member and look at it's type names. If it's tagged as Deserialized then it's not importing in PS 7 natively at all. It's not flagged a compatible, so...

hmm, that's not an issue but I figure out that many of the project's user won't even think about it and run PS7, which is the default I believe. I'll get a look at how to block the script if not ran in the correct environment 😉 thnaks for your help!

PS 7 doesn't replace powershell.exe, so it really depends on what you mean by it being the default

huuuuuu

you can #Requires -PSEdition Desktop if you want to signal that your script is only compatible with Windows PowerShell

I mean 'i'm clicking dumby on it", you know that kind of guy ^^

that kind of guy won't be running PS 7 at all

however, it works with your last command

you have to explicitly install it, it doesn't replace powershell.exe, you can't really do it by accident

PS C:\Users\Administrateur> Remove-Module GroupPolicy
PS C:\Users\Administrateur> Import-Module GroupPolicy -SkipEditionCheck

return the expected details

I may be confusing myself but, is it not embedded by default in WS2025?

nope

OK, so being sick didn't help thinking good ^^

not a pb, so!

2025 ships with PS 5.1. If you want 7 you have to install it. There's a long, long running discussion around shipping it with the OS.

Problems with .NET's support lifecycle to contend with. We're not going to see that any time soon and I'm somewhat reluctant to believe that wishing for it is a good plan (for those that do).

MS in the broader context are utterly rubbish at keeping components like this up to date of their own accord.

If you do so, please ensure everything is embedded 🙂 rewritting scripts is a mess, more if that ones is 10k lines and plenty of modules ^^

To be honest, I do not understand how MS drive its strategy... Setting a GUI as W11 on a server, what the hell they do think about??? 😉 Not kidding, I hate it, not manageable at all (but I know all my MSC commands, so win+r is my friend)

consider it to be a whole bunch of separate companies that may or may not interact with each other 😉

lol! You mean that "apple's users at the marketing" wons all the battles? 🤣