1.4 Relationship to Other Protocols

Note that the Group Policy: Core Protocol by itself is not capable of communicating policy settings directly. It does so only when extended by one or more Group Policy extensions (for example, as specified in [MS-GPREG], [MS-GPSCR], and [MS-GPIPSEC]), each of which is capable of communicating policy settings of a given class. These Group Policy extensions depend on the Group Policy: Core Protocol to execute first on the Group Policy client to identify the GPOs that the Group Policy extension needs to query or update. The Group Policy: Core Protocol has no dependency on any Group Policy extension. Any number of Group Policy extensions can be added without requiring changes to the Group Policy: Core Protocol.

 Group Policy depends on the following protocols to exchange information between a client and a Group Policy server:

  • Simple and Protected Generic Security Service Application Program Interface Negotiation Mechanism (SPNEGO) Protocol Extensions, specified in [MS-SPNG], for authentication.

  • Kerberos Protocol Extensions, specified in [MS-KILE], for authentication.

  • NT LAN Manager (NTLM) Authentication Protocol, specified in [MS-NLMP], for authentication.

  • DFS: Referral Protocol, specified in [MS-DFSC], to provide location-independent access to the Group Policy server for clients during policy application and policy administration.

  • LDAP v3, as specified in [RFC2251], for transmitting Group Policy settings and instructions between the client and the Group Policy server.

  • DRS Remote Protocol, as specified in [MS-DRSR], is used for DN Discovery.

  • Netlogon Remote Protocol, as specified in [MS-NRPC], is used for DC Discovery.

Figure 1: Group Policy: Core Protocol relationship diagram

The Internet Control Message Protocol (ICMP), as specified in [RFC792], can be used for Link Speed Determination.