# GPO Comparison
The GPO Comparison feature allows users to compare and analyze the settings applied by Group Policy Objects in the Active Directory against both custom and official baselines prepared by Microsoft, CIS, STIG, and Forestall. These baselines are created by considering the security best practices.
Input fields are ;
**GPO**: List of Group Policy Object's belongs to your Active Directory.
**Baseline**: List of predefined baseline documents.
{% hint style="info" %}
Baselines are categorized according to the Windows operating system.
{% endhint %}
After selecting the relevant GPO and baseline, FSProtect automatically compares the applied settings and displays the results.
GPO Baseline Comparison
## **Comparison Result**
The colored labels and numbers in the upper-right describe the categories and the number of identified settings that belong to these categories in the comparison results.
Clicking on these badges allows you to filter the result table.
Colors of the badges are categorized as;
| Color | Definition |
| :---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------: | :------------------: |
|  | Uncompatible |
|  | Not Configured |
|  | Baseline Not Defined |
|  | Compatible |
|  | All |
**Uncompatible**: The setting configured by the GPO is not secure according to the baseline.
**Not Configured**: The setting referenced by the baseline is not defined or not configured by the GPO.
**Baseline Not Defined**: The setting configured by the GPO is not included in the baseline.
**Compatible**: The setting configured by the GPO is secure according to the baseline.
**All**: All settings that are configured by the GPO or referenced by the baseline.
The widgets in the upper-right side of the table allow us to;
* **Search**: Search the comparison results by the names of the settings.
* **Export**: Export the comparison results and the respective information listed in this table as a CSV file.
The table contains information about the results of the Group Policy Object settings comparison,
GPO Baseline Comparison Result
**Status**: Comparison result for the GPO setting.
**Type**: Type of the setting.
**Policy Group or Registry Key**: Group policy configuration path of the setting.
**Setting**: Name of the settings.
**GPO**: Value of the setting configured by the GPO.
**Baseline**: Value of the setting defined by the baseline.
In addition, each setting in the rows displays summary information about the definition of the setting.
GPO Baseline Setting Definition
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.forestall.io/fsprotect/gpo-audit/gpo-comparison.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
