GPO Administrative Templates in Vista Part 1

Well as I mentioned in the previous post Administrative Templates for GPOs are all set to change in Vista and Longhorn Server.  Although Microsoft says that for a majority of the time you won’t notice the difference, there are differences, and you need to be aware of them.

The underlying Policy file for each GPO (Registry.pol) is found in the Sysvol of Domain controllers in a Windows 200x network and it delivers registry based settings to the User/Computer; this will remain.  The differences will come with how they are presented to Administrators.  The two sets of files to concern yourself with are the admx and adml files, this can be found on any Vista station under %systemroot%\PolicyDefinitions and %Systemroot%\PolicyDefinitions\[MUIculture] (i.e. en-us  This is the American English Language file location), both sets of files are XML based.
The ADMX files contain the structure of the view of the policies that will be presented in the GPEdit or GPMC consoles and as with ADM templates they contain:-

• Categories


• Policies


• Registry Key Paths and Values


• Elements (previously known as Parts)


• Control Types

The ADML files contain all the language specific information such as Explain Text and Help Text; it also contains information such as Default values and Spin.  This split will help with International Companies that may have offices that speak different languages but wish to have IT staff in several locations working on the same GPOs; you can just create a separate set of ADML templates.  Your first reaction to this maybe that this would just bloat the size of Sysvol with all these additional templates, this is another major change coming with Vista/Longhorn, the ADMX/ADML templates will be stored in the Sysvol share as a single set of templates rather than one set per policy.

This is all good news so far, but what happens if you use other tools to manage GPOs that are also reliant on ADM templates for the Structure it display policies with.  Well this means you will just have to create your own ADM templates and include any Vista specific settings in them.  I will go through this in more detail in Part 2.