2.1.3.2.2 Editing Existing Policies
Before the administrator can use the Administrative tool to edit policy objects, a connection to Active Directory is required to look up LDAP objects. This involves the same two steps that are used in policy application:
Locate a Group Policy server, as described in section 2.1.3.1.1 and [MS-ADOD] (section 3.1.1).
Initiate an LDAP BindRequest and BindResponse, as described in section 2.1.3.1.2.
After the Administrative tool discovers a writable Group Policy server and makes a successful connection to Active Directory, the administrator can select a policy to be edited.
The following diagram shows the communication between various Group Policy components during the policy administration editing process, as facilitated by the Administrative tool.

Figure 8: Policy administration editing process
The sections that follow describe the processes that occur when editing GPOs and policy files.