Today I tested a pretty neat-looking method of getting the Local Group Policy Editor onto Home editions of Windows. It uses only DISM and package files that come with the Home edition. Sure enough, gpedit.msc exists and runs after using it. Changing the Administrative Templates settings persisted across runs of the LGPE, so it was clearly saving them somewhere, but they never wound up in the Registry and therefore had no effect. Therefore, installing the LGPE correctly isn't enough; you also need to have the infrastructure that transcribes the POL contents into the Registry. (Policy Plus does the transcription itself if necessary.)
This DISM approach does work nicely, though, for the things outside the Administrative Templates branch that I tested. Therefore, it's a great complementary strategy to Policy Plus, which currently has no support for anything outside Administrative Templates. The only disadvantage is that it also installs secpol.msc, which is what Policy Plus checks for to determine whether it's on a Pro edition, so that's something I should probably change for users' convenience.
No comments:
Post a Comment