Group policy can be updated in individual devices by running the gpupdate /Force command.
The /Force applies all policy settings, not just those that have changed.
To remotely update Group policy, this can be done by right clicking the desired Organizational Unit in GPMC and selecting Group Policy Update from the menu, confirm the action in the Force Group Policy Update dialog by clicking Yes.
The following powershell command can be run
Invoke-GPUpdate -Computer mycompany\aghwks01
If the client has the firewall turn on, then certain ports need opened. The easiest way to do this is create a new GPO referencing the Group Policy Remote Update Firewall Port starter GPO.
Creating a GPO to open firewall ports can also be done by powershell
New-GPO -Name “GPO remote update firewall settings” -StarterGpoName “Group Policy Remote Update Firewall Ports | New-GPLink -traget “dc=company,dc=local” -linkenabled yes
The firewall rules that are enabled are:
- Remote Scheduled Task Management (RPC)
- Remtoe Scheduled Task Manageemnt (RPC-ERMAP)
- Windows Management Instrumentation (WMI-IN)