3.3 Example 3: Populating the Administrative Tool with Configuration Data

This example demonstrates the processes that occur when the Administrative tool loads and retrieves the appropriate information from the data stores that contain Group Policy data. The Administrative tool is populated with data that is retrieved from the Group Policy server.

This example maps to the use case specified in Administering Group Policy (section 2.5.3).

Prerequisites

The following prerequisites apply to this example:

Note that the Group Policy server (DC) discovery and connection sequence for the Group Policy client and Administrative tool are identical.

  • The computer hosting the Administrative tool is joined to the domain and the Group Policy administrator is logged on with domain credentials of sufficient rights.

  • In this scenario, it is assumed that the Group Policy file share resides on the Group Policy server.

Initial System State

The initial state of the Group Policy protocols corresponds to the previously specified prerequisites.

Final System State

The state of the Group Policy protocols and components after execution of this example can be described as follows:

  • The Administrative tool retrieved all the existing policies on the Group Policy server.

Sequence of events

The following diagram illustrates the message sequence that occurs when the Administrative tool retrieves GPO data from the Group Policy server and policy settings from the Group Policy file share.

Populating the Administrative tool with data

Figure 13: Populating the Administrative tool with data

The message sequence for this example is described as follows:

  1. The Administrative tool makes a sequence of LDAP calls to the Group Policy server to retrieve GPO information via the message types described in [MS-GPOL] sections 2.2.2, 2.2.3, 2.2.4, 2.2.5, and 2.2.7.

  2. The GPO information that is returned in response to the LDAP queries is used to populate the tool.

  3. During editing operations, the Administrative tool invokes one or more extension protocols, which communicate with the Group Policy file share via a file access protocol to return existing policy settings.

  4. The returned policy settings information is used to populate the tool.