So how do you go about writing ADM templates from the ADMX and ADML templates included with Vista? Well it’s a long laborious process so unless you absolutely need to continue to support ADM templates, I would stick with the new ADMX/ADML templates.
CLASS
In ADM templates you set the CLASS for the policies that followed the CLASS statement to either CLASS USER or CLASS MACHINE. This denoted which registry hive the policies that followed would be amending; Hkey_Current_User and Hkey_Local_Machine respectively. I personally split my policies into User and Computer policies, and so a single GPO will only be set to provide settings for one or the other registry hive. I find this generally works well, and so I have adm templates that are tailored to either user settings or machine settings, therefore I only set the CLASS once per ADM template. In the ADMX templates however the CLASS is given once per Policy setting and so if you are converting AMDX/ADML into ADM templates you need to be careful that you see this.
Categories
If you open one of the default ADMX templates in a text editor the first things you will notice after the XML pre-amble is the list of Categories along with the display name for the Category, the explaintext and its parent category as shown here:-
<category name="DeviceInstall_Category" displayName="$(string.DeviceInstall_Category)" explainText="$(string.DeviceInstall_Help)">
<parentCategory ref="windows:System" />
</category>
<category name="DriverInstall_Category" displayName="$(string.DriverInstall_Category)" explainText="$(string.DriverInstall_Help)">
<parentCategory ref="windows:System" />
</category>
<category name="DeviceInstall_Restrictions_Category" displayName="$(string.DeviceInstall_Restrictions_Category)" explainText="$(string.DeviceInstall_Restrictions_Help)">
<parentCategory ref="DeviceInstall_Category" />
</category>
So we can see here that the Device Install and Driver Install Categories both sit under the Windows System Category and Device Install Restrictions Category sits under the Device Install Category. In much the same way as in ADM templates, the DisplayName and explaintext are listed as strings, however you will find these strings listed in the equivalent ADML template file rather than in the main body of the ADMX file. The relevant section in the ADML that covers Device Install Restrictions Category looks like this:-
<string id="DeviceInstall_Category">Device Installation</string>
<string id="DeviceInstall_Help">Policy settings that control the installation of devices.</string>
<string id="DeviceInstall_Restrictions_Category">Device Installation Restrictions</string>
<string id="DeviceInstall_Restrictions_Help">Policy settings that describe which devices can or cannot be installed on the System</string>
Ok, from here we have enough to layout the barebones of the ADM template as follows:-
CLASS MACHINE
CATEGORY !!DeviceInstallation
EXPLAIN !!DeviceInstallation_CATEGORY_EXPLAIN
CATEGORY !!DeviceInstall_Restrictions_Category
EXPLAIN !!DeviceInstall_Restrictions_Category_EXPLAIN
[strings]
DeviceInstallation="Device Installation"
DeviceInstallation_CATEGORY_EXPLAIN="Policy settings controlling the installation of devices on the system."
DeviceInstall_Restrictions_Category="Device Installation Restrictions"
DeviceInstall_Restrictions_Category_EXPLAIN="Policy settings describing which devices may or may not be installed on the system."
Part 3 will continue on to discuss a number of policy settings and how you construct the Policy Syntax for the ADM template from the ADMX/ADML template files.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment