3.1.5.3 Policy Administration Load Message Sequencing

To load the registry-based policy settings from a Group Policy Object (GPO) using an administrative plug-in, the Computer Policy Setting State (section 3.1.1.3) and User Policy Setting State (section 3.1.1.4) of that GPO on the Group Policy server MUST be read with a new Registry Policy Message. This MUST be accomplished with the following message sequence:

1. Remote File Open from Administrative tool to Server: The file name used MUST be "<gpo path>\registry.pol", where <gpo path> is one of the following:

   • The user-scoped Group Policy Object path, if the GPO's user settings are being updated.

   • The computer-scoped Group Policy Object path, if the computer settings are being updated.

     The remote File Open MUST request Shared Read permission and request that if the file does not exist, it will not be created. If the Open request returns a failure status, the Group Policy: Registry Extension Encoding sequence MUST be terminated.

2. File Read Sequences: The administrative plug-in MUST perform a series of file reads to read the contents of the opened registry.pol file. These reads MUST continue until the entire file is read or an error is encountered. If an error is encountered, the protocol sequence MUST be terminated.

3. File Close: The tool MUST then issue a File Close operation for all opened files.