One staple of the Group Policy Editor is the State column, which shows whether each policy setting is Enabled, Disabled, or Not Configured. Determining that is surprisingly tricky, since there's nowhere that the actual policy state is stored; it's serialized to and reverse-engineered from normal Registry entries (stored in POL files, not the actual Registry). Today, I wrote a function that gathers evidence from those entries to determine the state of a given policy setting.
I also updated the
PolFile class to have a Save method, though it's not used yet.
I would have pushed these changes, but I haven't yet figured out a good way of handling the user/machine policy split. Currently, Policy Plus uses the machine POL file to determine policy state.
 |
| Showing the State column |
No comments:
Post a Comment