3.2.3 Initialization

When invoked by the Group Policy framework with a list of one or more applicable GPOs, the client-side plug-in MUST do the following: locate all the physical security policies within those GPOs, copy the policies to the local machine, read the policies, and apply them as specified in section 3.2.5.

Locating physical security policy files MUST be done by using the Group Policy: Core Protocol, as specified in [MS-GPOL] section 3.2.5.1, and the LDAP search protocol, as specified in [RFC2251] section 4.5. The policy files SHOULD<9> be copied and read by using standard Copy and Read functions in the Server Message Block (SMB) Versions 2 and 3 Protocol as specified in [MS-SMB2].