2.2.2 Central Access Policy File Message Format
All CAP policy files processed by the Group Policy: Central Access Policies Extension are UTF-8 encoded and are based on the following file syntax.
-
InfFile = UnicodePreamble VersionPreamble Sections UnicodePreamble = *("[Unicode]" LineBreak "Unicode=yes" LineBreak) VersionPreamble = "[Version]" LineBreak "Signature=" DQUOTE "$Windows NT$" DQUOTE LineBreak "Revision=1" LineBreak Sections = Section / Section Sections Section = Header Settings Header = "[" HeaderValue "]" LineBreak HeaderValue = StringWithSpaces Settings = Setting / Setting Settings Setting = DQUOTE Value DQUOTE LineBreak Value = String
The preceding syntax is in the Augmented Backus-Naur Form (ABNF) grammar, as specified in [RFC4234], and is augmented by the following rules.
-
LineBreak = CRLF StringWithSpaces = String / String Wsp StringWithSpaces QuotedString = DQUOTE *(%x20-21 / %x23-7E) DQUOTE Wsp = *WSP ALPHANUM = ALPHA / DIGIT
Each Value string MUST be a valid LDAP distinguished name, as defined in [MS-ADTS] section 3.1.1.3.1.2.
Note CAP policy files are stored as .inf files in a subfolder (section 3.1.5.1) of the Machine subdirectory in the Group Policy Object (GPO) path.