2.1.2.3.1 Group Policy Server

The Group Policy server is a domain controller that implements Active Directory Domain Services (AD DS). The Group Policy server of itself has no knowledge of Group Policy. It is simply a server that provides storage for managed generic objects (GPOs) that are used to maintain policy information.

The Group Policy server maintains state via two Group Policy data store components, which consist of the following:

Active Directory data store: A hierarchical directory service that stores the logical component of GPOs that are accessible through LDAP.

Group Policy file share data store: A domain-based file share that stores Group Policy extension and Group Policy template settings and is accessible through a file access protocol. Note that the Group Policy file share data store can be located on a remote file server or on the Group Policy server itself.

These data stores are modified as a result of changes made when authoring or modifying policy settings with the Administrative tool. In addition, Group Policy clients use these repositories as read-only stores during the policy application process.

For more information about the Group Policy server, including how GPOs are structured, see [MS-GPOL] section 3.1.