3.1.5 Message Processing Events and Sequencing Rules

The administrative-side plug-in MUST attempt to use remote file access to retrieve any existing scripts.ini file from "<gpo path>\scripts\scripts.ini", where <gpo path> is the scoped GPO path. The plug-in SHOULD also attempt to use remote file access to retrieve any existing psscripts.ini file from "<gpo path>\scripts\psscripts.ini".<2>

The processing for reading and writing the settings from the GPO for administrative purposes is as follows:

To create the Group Policy: Scripts Extension Encoding settings, the administrative tool plug-in MUST perform these steps for each GPO:

1. Perform a remote file open on the file specified by "<gpo path>\scripts\scripts.ini", where <gpo path> is the scoped GPO path in the group policy object. If this operation fails, go to step 3.

2. Perform one or more remote file reads to read the entire contents of the opened file until the entire file has been read or an error in reading occurs.

3. If the file "<gpo path>\scripts\scripts.ini" is present, display the settings that were read in step 2. If no file was found, display an empty list.

4. The administrator configures new Group Policy: Scripts Extension Encoding settings by specifying the CmdLine and Parameters values for the scripts in scripts.ini.

5. If scripts are configured for scripts.ini group, use remote file write sequences to create a new scripts.ini file in the "<gpo path>\scripts\" directory if no file existed. Write the administrator-configured Group Policy: Scripts Extension Encoding settings to the scripts.ini file, overwriting the old content with updated content according to the format specified in section 2.2.2.

6. If opened, perform a remote file close to close the scripts.ini file.

7. After every creation, modification, or deletion that affects the scripts.ini file, the administrative tool MUST invoke the Group Policy Extension Update task as specified in [MS-GPOL] section 3.3.4.4.

Additionally, the administrative tool plug-in SHOULD<3>  perform these steps for each GPO:

1. Perform a remote file open on the file specified by "<gpo path>\scripts\psscripts.ini", where <gpo path> is the scoped GPO path in the group policy object. If this operation fails, go to step 3.

2. Perform one or more remote file reads to read the entire contents of the opened file until the entire file has been read or an error in reading occurs.

3. If the file, "<gpo path>\scripts\psscripts.ini", is present, display the settings that were read in step 2. If no file was found, display an empty list.

4. The administrator configures new Group Policy: Scripts Extension Encoding settings by specifying the CmdLine and Parameters values for the scripts in psscripts.ini.

5. The administrator optionally configures whether scripts listed in psscripts.ini are to be executed before or after the scripts listed in scripts.ini by specifying the StartExecutePSFirst (for startup, logon scripts) and EndExecutePSFirst (for shutdown, logoff scripts) values in the ScriptConfig section of the psscript.ini file. A value of case-insensitive "true" means scripts listed in psscripts.ini MUST be executed before the scripts listed in scripts.ini in the GPO. A value of case-insensitive "false" means scripts listed in psscripts.ini MUST be executed after the scripts listed in scripts.ini in the GPO.

6. If scripts are configured for psscripts.ini group, use remote file write sequences to create a new psscripts.ini file in the "<gpo path>\scripts\" directory if no file existed. Write the administrator-configured Group Policy: Scripts Extension Encoding settings to the pscripts.ini file, overwriting the old content with updated content according to the format specified in section 2.2.3.

7. If opened, perform a remote file close to close the psscripts.ini file.

8. After every creation, modification, or deletion that affects the psscripts.ini file, the administrative tool MUST invoke the Group Policy Extension Update task as specified in [MS-GPOL] section 3.3.4.4.

When an administrator specifies a command to be executed under a given condition using the administrative tool, the Group Policy: Scripts Extension Encoding plug-in MUST put the commands into a scripts.ini or psscripts.ini file, as specified in section 2.2, and copy it to "<gpo path>\scripts\scripts.ini" or "<gpo path>\scripts\psscripts.ini", specified as follows, where <gpo path> is the scoped GPO path obtained from the Group Policy: Core Protocol part of the administrative tool. If this fails, the administrator MUST be informed, and the scripts.ini and psscripts.ini files SHOULD be reverted to the state in which it existed prior to the protocol sequence.<4>

To update the scripts.ini or psscripts.ini files in a GPO, the state of that GPO on the Group Policy server MUST be updated with the following message sequence:

1. A remote file open from client to server: The file name used MUST be "<gpo path>\scripts\scripts.ini" or "<gpo path>\scripts\psscripts.ini", where <gpo path> is the user-scoped GPO path (if the GPO user settings are being updated) or the computer-scoped GPO path (if the computer settings are being updated). The remote file open MUST request write permission and request that if the file does not exist it will be created. If the open request returns a failure status, the Group Policy: Scripts Extension Encoding sequence MUST be terminated.

2. The tool MUST perform one or more remote file writes to overwrite the contents of the opened file with new settings. These writes MUST continue until the entire file is copied or an error is encountered.

3. File close: The tool MUST issue a remote file close operation.

The two files, scripts.ini and psscripts.ini, correspond to the two separate groups of scripts supported. Depending on the group of script, the administrative tool updates either scripts.ini or psscripts.ini.