3.1.5.1 Policy Description Sequences for ADM-Based Administrative Templates

A Group Policy server MAY store serialized versions of Policy Description Messages in the GPO for use with administrative plug-ins.<7>

ADM Policy Descriptions on the server MUST be updated by the administrative plug-in as follows:

1. Perform a remote File Search from administrative tool to server: The search used MUST be "<gpo path>\adm\*.adm".

2. The tool MUST locally create a list of paths from the results returned from the search.

3. The tool MUST then close the File Search.

4. For each of the files in the list, the file MUST be read with the following sequences:

   1. Perform a remote File Open for the file. If the Open request returns a failure status, the Group Policy: Registry Extension Encoding sequence MUST be terminated.

   2. If the time stamp of the file is later than a locally cached version of the file with the same name, remote file reads MUST occur until all the contents of the file are read or an error occurs. The protocol sequence MUST be terminated if an error occurs.

   3. If the file's time stamp is earlier or the file does not exist, then the administrative tool MAY update the GPO itself with the locally cached version of the file so that other administrators accessing the GPO can have access to a more recent version of the file.

   4. The administrative tool MUST read the locally cached version of the file to get information about policy settings.

   5. A File Close MUST occur for the file.

The steps listed in this section SHOULD be used when administrative plug-ins are used to view or edit administrative templates settings. Within all loaded ADM files, settings MUST be unique within the CLASS, CATEGORY, and POLICY sections.<8>