Friday, April 30, 2021

Policy Plus - Policy definition ACL fix

Microsoft apparently changed its mind about only publishing policy definitions through Windows Update - new MSIs are now available for download on the web - so I was able to update Policy Plus's Acquire ADMX feature to download the most recent (20H2) definitions, after dealing with the wrinkle that the directory structure inside the MSI archive changed somewhat.

I recently received an issue report from a Policy Plus user stating that acquiring ADMX files failed in the "securing destination" phase on Windows 7 Home. Sure enough, I got the same error when testing on Windows 7 specifically, but not on Windows 10. Evidently, the PolicyDefinitions folder's ACL is different across Windows versions. I fixed the immediate problem by setting the owner to Administrators (using the take-ownership privilege) in a separate step before adding the ACL that allows Administrators full control. While inspecting the ACLs, however, I also noticed that the newly installed policy definition files had ACLs from the temporary directory under the user's profile folder rather than the typical ACL for publicly readable Windows files. ACLs are now inherited from the PolicyDefinitions directory, like they should be. Finally, I added a check for whether Policy Plus is elevated; if it is not, all permission overrides are skipped so that normal users can make their own personal, portable policy definitions folder.

These changes are live on GitHub.
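The ACL sequence described above can be checked by hand with built-in Windows tools. The following PowerShell sketch is an added example, not Policy Plus's own code: it lists files in a policy definitions folder that carry explicit (non-inherited) ACEs and, with `-Fix`, applies the same order of operations (owner, then grant, then reset to inherited). The function and parameter names are hypothetical, and the default path is an assumption.

```powershell
# Added example (not from Policy Plus). Function and parameter names are hypothetical.
function Test-IsElevated {
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Repair-PolicyDefinitionAcl {
    param(
        # Assumed default location; pass a portable folder path to audit that instead.
        [string]$Path = (Join-Path $env:windir 'PolicyDefinitions'),
        [switch]$Fix
    )

    # Files copied or moved from a profile temp directory keep that directory's ACEs
    # as explicit entries, or have inheritance blocked, instead of inheriting.
    $suspect = @(Get-ChildItem -Path $Path -Recurse |
        Where-Object { -not $_.PSIsContainer } |
        Where-Object {
            $acl = Get-Acl -Path $_.FullName
            $acl.AreAccessRulesProtected -or
                @($acl.Access | Where-Object { -not $_.IsInherited }).Count -gt 0
        })
    $suspect | ForEach-Object { Write-Output "Non-inherited ACL: $($_.FullName)" }

    if (-not $Fix) { return }
    if (-not (Test-IsElevated)) {
        # Same behaviour the post describes: no permission overrides when unelevated.
        Write-Warning 'Not elevated: skipping ownership and ACL changes.'
        return
    }

    # 1. Owner first: /A assigns ownership to the Administrators group.
    takeown.exe /F $Path /A | Out-Null
    # 2. Then grant Administrators (well-known SID S-1-5-32-544) full control,
    #    inherited by child files (OI) and child folders (CI).
    icacls.exe $Path /grant '*S-1-5-32-544:(OI)(CI)F' | Out-Null
    # 3. Replace each file's explicit ACL with the one inherited from the folder.
    foreach ($file in $suspect) {
        icacls.exe $file.FullName /reset | Out-Null
    }
}
```

Running `Repair-PolicyDefinitionAcl` without `-Fix` only reports, which makes it usable as a read-only audit on machines where definitions were installed by an older build.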