1.3 Overview

The Group Policy: Preferences Extension provides a mechanism for an administrator to manage and deploy preferences that target client computers and network users. In this document, the term preferences refers to 20 types of preference settings that are applied as defined later. Although preferences settings are identical to the Group Policy mechanism in deploying policy settings, because preference settings are not written as policy, they can be overwritten by the user as needed.

Background

The Group Policy: Core Protocol, as specified in [MS-GPOL], allows clients to discover and retrieve policy settings created by domain administrators. These settings are persisted within Group Policy Objects (GPOs) that are assigned to policy target accounts in Active Directory. Policy target accounts are either computer accounts or user accounts in Active Directory. Each client uses the Lightweight Directory Access Protocol (LDAP) to determine which GPOs apply to it by consulting the Active Directory objects corresponding to both its computer account and the user accounts of any users logging on to the client computer.

On each client, each GPO is interpreted and acted upon by software components known as client add-in. The client add-in responsible for a given GPO is specified by using an attribute on the GPO. This attribute specifies a list of GUID pairs. The first GUID of each pair is referred to as a client-side extension GUID (CSE GUID). The second GUID of each pair is referred to as a tool extension GUID.

The Group Policy: Core Protocol uses this protocol's CSE GUID and tool extension GUID values to invoke this protocol only to access GPOs that require processing by this protocol.

For each GPO that applies to a client, the client consults the CSE GUIDs listed in the GPO to determine which client add-in on the client will handle the GPO. The client then invokes the client add-in to handle the GPO.

A client add-in uses the contents of the GPO to retrieve settings specific to its class in a manner specific to its class. After the client add-in retrieves the class-specific settings, it uses those settings to perform class-specific processing.