
Changes in Windows Server 2008 and Group Policy Architecture
1-800-COURSES
www.globalknowledge.com
Expert Reference Series of White Papers
Introduction
Now that new Windows technology (in the dual garb of Windows Vista and the Windows 2008 Server) has arrived on the scene, many network planners are taking a closer look at some of the architectural changes that Microsoft has made to the Group Policy structure.
The underlying concept of Group Policy hasn't changed – it's still fundamentally a Great Big Network Registry Editor. Make a setting, and Group Policy enforces it for you from that point forward. (Of course, Group Policy goes beyond Registry settings to include a variety of security and software installation capabilities, too.)
Having said that, the implementation of Group Policy has evolved in several useful and interesting ways:
• New status as an operating system Service
• Network Location Awareness
• Improved log file viewing
• New source file format (ADMX)
• New migration/editing utility
• Central-store management
• Dynamic source file loading
• Multi-language support
• Multiple local Group Policy Objects (GPOs)
This paper takes a look at these nine structural changes. (If you'd like to read about some of the new Group Policy settings that

In Windows XP/2003/2000, the Group Policy agent on the client didn't pay a whole lot of attention to whether the computer on which it was running was connected to the network or not. If a policy refresh cycle failed, for example, because the laptop was disconnected or no domain controller was available, Windows would simply wait another cycle (90 minutes plus a random value from 0 to 30 minutes) and try again. Furthermore, when it did try to pay attention to network conditions, it sometimes did so clumsily. For example, Group Policy would attempt to detect slow links using ping (ICMP), which many organizations block at the firewall or router level.
Windows Server 2008/Vista is now more network-aware when it comes to policy processing. If a policy refresh cycle fails when a computer is offline, and the computer (or domain controller) goes online, Vista doesn't wait around; instead, it attempts to perform a policy refresh as soon as it can. It also uses a different mechanism than ping to determine the speed of the network connection. These enhancements fall under (of course) a new acronym: NLA, for Network Location Awareness.
Copyright ©2007 Global Knowledge Training LLC. All rights reserved.
Figure 2. Slow link detection no longer depends on PING.
Improved Log File Viewing

the DWORD value is GpSvcDebugLevel, and you can set it to 10002. Oh, and the filename is now named GPSVCLOG.LOG instead of USERENV.LOG.)
Figure 3. Group Policy events now appear with other system events.
A downloadable tool from Microsoft (search on GPLogView.MSI) is handy for collecting Group Policy related events from the event logs and exporting those events into TXT, HTML, or XML formats. (This tool requires that your system participate in the Genuine Windows program before you can download it.)
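As an added example (not part of the original paper, and not Microsoft's GPLogView tool), the PowerShell script below does a similar collection with the built-in Get-WinEvent cmdlet and flags which Group Policy errors and warnings recur. The look-back window, output folder, and file names are assumptions, and the Microsoft-Windows-GroupPolicy/Operational log name is not taken from this paper.

```powershell
# Added example: collect Group Policy events from the local event logs and
# export them as TXT, HTML and XML. Run from an elevated PowerShell prompt.
param(
    [int]$Days = 7,                              # assumed look-back window
    [string]$OutDir = "$env:TEMP\GPEvents"       # assumed output folder
)

$provider = 'Microsoft-Windows-GroupPolicy'
$logs     = 'System', 'Microsoft-Windows-GroupPolicy/Operational'

New-Item -ItemType Directory -Path $OutDir -Force | Out-Null

$events = foreach ($log in $logs) {
    $filter = @{
        LogName      = $log
        ProviderName = $provider
        StartTime    = (Get-Date).AddDays(-$Days)
    }
    # Get-WinEvent raises an error when nothing matches; treat that as "no events".
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue
}

# Keep the fields needed for triage; first line of the message only.
$rows = $events | Sort-Object TimeCreated |
    Select-Object TimeCreated, LogName, Id, LevelDisplayName, MachineName,
        @{ Name = 'Message'; Expression = { ($_.Message -split "`r?`n")[0] } }

$rows | Format-Table -AutoSize -Wrap | Out-String -Width 200 |
    Set-Content -Path (Join-Path $OutDir 'gp-events.txt')
$rows | ConvertTo-Html -Title 'Group Policy events' |
    Set-Content -Path (Join-Path $OutDir 'gp-events.html')
# Export-Clixml writes PowerShell's own XML serialization, not raw event XML.
$rows | Export-Clixml -Path (Join-Path $OutDir 'gp-events.xml')

# Recurring failures first: count errors and warnings per event ID.
$rows | Where-Object { 'Error', 'Warning' -contains $_.LevelDisplayName } |
    Group-Object Id | Sort-Object Count -Descending |
    Select-Object Count, @{ Name = 'EventId'; Expression = { $_.Name } }
```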
Finally, if you want to view Group Policy events from multiple computers in one place (e.g., on your own Vista workstation), you can do it, as long as you and those other systems are running Vista or Windows Server 2008. I don't have room to go through all the details here, but in a nutshell, you activate the Windows Remote Management service on all the relevant machines, and then you set up a "subscription" in the Event Viewer console (EVENTVWR.MSC). Note that when you do this, you must provide administrative credentials with which to authenticate to the remote systems.
New Source File Format (ADMX/ADML)
Those readers who remember Windows NT may recall that .ADM files were present way back then, as part of the old System Policy (POLEDIT) architecture which represented the klutzy beginnings of today's Group Policy design.
Even though Group Policy in Windows XP/2003/2000 is much more sophisticated than it was in the NT days,

