What is a one sentence summary of your feature request?
Optimize the GPO querying process in PingCastle to prevent timeouts in enterprise environments by adopting a GPO-centric approach for retrieving link information.
Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.
Currently, PingCastle experience significant issues when executing the embedded query Get-ADObject -LDAPFilter “(GPLink=*)” in large enterprise environments. This query typically results in timeouts. The underlying cause of this issue is that the current querying method attempts to check every object in the domain for a Group Policy link (GPLink) without employing any filters. This is particularly problematic in large directories where the GP-Link attribute is not indexed, making such a broad search inefficient.
If PingCastle relies on this query to gather critical information about Group Policy links, it is essential to revise the querying methodology. A more effective strategy would be to first retrieve all Group Policy Objects (GPOs) in the domain and then query these specific objects for their link locations. This GPO-centric approach would significantly reduce the workload on the directory service and minimize timeout occurrences, making the process much smoother.
How do you currently solve the challenges you have by not having this feature?
Currently, the timeouts encountered during these queries prevent the successful generation of PingCastle reports, leading to incomplete assessments of GPO configurations. Users often find themselves forced to rerun queries multiple times or manually gather information, resulting in increased administrative overhead and inefficiency. The inability to obtain timely and accurate reports hinders decision-making and slows down overall project timelines. By implementing the suggested improvements, not only would report generation be restored, but the overall performance of PingCastle in enterprise environments would become more robust, leading to enhanced user satisfaction and productivity.