Reading Policy Data from the Registry

If your application reads policy data from the registry, it should read policy data when the computer starts and again during a refresh.

To ensure that policy is not updated while you are reading the registry, your application must call the EnterCriticalPolicySection function to obtain ownership of the policy section. When your application finishes reading the registry, it must call the LeaveCriticalPolicySection function to release ownership of the policy section, so that other applications can resume updating policy. If the critical section is not released within 10 minutes, the system forces the application to release it, and then policy can be applied again.

Applications designed for Windows use the registry to store policy settings. This is the recommended way to create policy settings for applications. The Group Policy Object Editor obtains registry-based policy settings from an administrative template file. This is a text file that specifies the registry-based policy that can be modified through the Group Policy Object Editor.

For more information, see the following topics:

• Background Refresh of Group Policy
• Administrative Template File Format