3.4 Example 4: Authoring a New GPO
This example describes the message flow during new policy authoring. When the Group Policy administrator creates a new GPO, the Group Policy server handles the request by provisioning resources in Active Directory for a new GPO and appropriate directories are created on the Group Policy file share. After the new policy is created, the administrator opens the policy and begins setting the policy configuration. As the administrator authors policy settings, the Administrative tool communicates with Active Directory on the Group Policy server and the Group Policy file share to update these Group Policy data stores with the policy data.
This example maps to the use case specified in Administering Group Policy (section 2.5.3).
Prerequisites
The following prerequisites apply to this example:
Policy information that is stored in the Group Policy data store aligns with business and organizational requirements
The Administrative tool has read/write access to the Group Policy server.
The Group Policy server is a read/write domain controller.
The Administrative tool is able to discover and communicate with the Group Policy server, as described in [MS-GPOL] section 3.2.5.1.1.
In this scenario, it is assumed that the Group Policy file share resides on the Group Policy server.
Note The Group Policy server (DC) discovery and connection sequence for the Group Policy client and Administrative tool are identical.
Initial System State
The initial state of Group Policy corresponds to the previously specified prerequisites.
Final System State
The state of Group Policy and its components after execution of this example can be described as follows:
The Group Policy server is updated with newly authored Group Policy information.
Sequence of events
The following diagram illustrates the message sequence that occurs when the Administrative tool is used to author a new policy.

Figure 14: Authoring a new policy
The message sequence for this example is described fully in the following sections of [MS-GPOL].