GPEdit.MSC – Doesn’t show changes made to the registry?


GPEdit.MSC – Doesn’t show changes made to the registry?

That’s a question that came up a couple of times in the past, so I thought I’d write a few words about it. The question is:

“When I make changes to the registry that correspond to a Group Policy Setting, why doesn’t show GPEdit.msc (the GPEditor) the changed setting?”

That is due to how Windows applies GP settings to the registry.

What GPEdit writes and reads is not the registry directly but a intermediate file, called the Registry.POL. The POL file stores the changes and registry values that get incorporated by the Registry CSE (well, there’s some involvement with the ntuser.dat but that’s a different story). The point is that GPEdit reads/writes Registry.POL and the CSE is using that Registry.POL file to read the registry configuration off the the file to put it into the registry.

When making changes to the registry, the Registry CSE doesn’t care about the current state of the registry keys and values it changes – it just applies the settings governed by the POL file. In fact, it does wipe all values in the “four” special POLICY-hives and re-creates them according to the POL file. So – changes you make to the Registry are not carried out back to the POL file and therefore, GPEdit won’t look find them there.

What you will always see in GPEdit is what is configured in the Registry.POL file.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: