You can generate a report that lists all of the security filters—masks and locks—that have been set on a GPO.
To generate and save a GPO Security Filtering report:
Log on to a GPA Console computer with an account that has permissions to filter GPOs.
Start the GPA Console in the Group Policy Administrator program group.
In the left pane, expand GP Repository to the domain, category, or GPO level, depending on your intent, and right-click the object to which you want to apply the filter.
Select Save GPO Security Filtering report.
Browse to a save location and click OK.