3.1.5.1 Policy Administration Update Message Sequencing

To update the policy settings in a GPO using administrative tool plug-ins, the state of that GPO on the Group Policy server MUST be updated with a new preferences policy message. This MUST be accomplished with the following message sequence:

  1. SMB file open from client to server:

    The file name used MUST be a path defined in section 2.2.1 and be specific to each preference type, where <gpo path> is the user-scoped GPO path if the GPO's user settings are being updated or if the computer-scoped GPO path of the computer settings is being updated.

    The SMB file open MUST request write permission and request that the file be created if it does not exist.

    If the open request returns a failure status, the Group Policy: Preferences Extension sequence MUST be terminated. The contents of the settings file is read into the administration tool.

  2. SMB file write sequences:

    The administrative add-in MUST perform a series of SMB file writes to overwrite the contents of the opened file with new settings. These writes MUST continue until the entire file is copied or an error is encountered.

    If an error is encountered, the protocol sequence MUST be terminated.

  3. File close:

    The tool MUST then issue an SMB file close operation.

  4. The administrative tool invokes the Group Policy Extension Update task ([MS-GPOL] section 3.3.4.4).