Share via

3.1.5.4 Policy Administration Update Message Sequencing

  • Article

To update the registry-based policy settings in a GPO using an administrative plug-in, the Computer Policy Setting State (section 3.1.1.3) and User Policy Setting State (section 3.1.1.4) of that GPO on the Group Policy server MUST be updated with a new Registry Policy Message. This MUST be accomplished with the following message sequence:

  1. Open registry.pol. This is a remote File Open from Administrative tool to Server: The file name used MUST be "<gpo path>\registry.pol", where <gpo path> is one of the following:

    • The user-scoped Group Policy Object path if the GPO's user settings are being updated.

    • The computer-scoped GPO path if the computer settings are being updated.

      The remote File Open MUST request Exclusive Write permission, and request that if the file does not exist it will be created. If the Open request returns a failure status, the Group Policy: Registry Extension Encoding sequence MUST be terminated.

  2. Remote File Write Sequences: The administrative plug-in MUST perform a series of remote file writes to overwrite the contents of the opened registry.pol file with new settings. These writes MUST continue until the entire file is copied or an error is encountered. If an error is encountered, the protocol sequence MUST be terminated.

  3. File Close: The tool MUST then issue a file close operation for all opened files.

  4. If the Policy Administration Update Message is invoked from the Group Policy Registry Administrative Plug-in, the administrative plug-in MUST invoke the Group Policy Extension Update event described in [MS-GPOL] section 3.3.4.4 with the following parameters:

    • GPO DN is set to the distinguished name of the Administered GPO.

    • "Is User Policy" is set to TRUE if changes were made to the GPO's user settings or FALSE if changes were made to the GPO's computer settings.

    • CSE GUID is set to the Group Policy: Registry Extension Encoding CSE GUID (defined in section 1.9.

    • TOOL GUID is set to the Group Policy: Registry Extension Encoding TOOL GUID (defined in section 1.9.