While remotely administering a Windows Server 2022 Core file server through an elevated PowerShell session, you discover that several scheduled tasks now fail because the service account can no longer log on as a batch job. You suspect that a recently linked domain Group Policy Object (GPO) removed this right. To verify which computer-level GPOs are currently applied to that server and confirm whether the new GPO is responsible-without making any changes-what is the FASTEST single step you should take from the command line on the affected server?
Run "gpresult /r" on the server to display the Resultant Set of Policy.
Run "gpupdate /force" and examine GroupPolicy events in the System log.
Disable the suspected GPO link in Group Policy Management Console and wait for replication.
Launch "rsop.msc" from a remote MMC console to view applied settings.
Running "gpresult /r" (or "gpresult /scope computer /v" for more detail) generates the Resultant Set of Policy for the local system and immediately lists every computer-level GPO that is actually applied, in the order of precedence, along with the time each policy was processed. Because the command-line tool is available on Server Core and produces results in seconds, it is the quickest way to confirm whether the suspected GPO is winning.
Forcing a "gpupdate /force" only refreshes policy; it does not display which GPOs are applied, and reading the System event log afterward is slower and indirect. Opening "rsop.msc" through an MMC snap-in would show the same information but requires a graphical interface that Server Core lacks and involves more steps. Disabling the GPO link in GPMC changes production policy before you have confirmed the root cause and therefore is not an initial verification step.