How does Registry.pol get updated?

Question

How does Registry.pol get updated?

ExhaustedTech 11

I've come across articles stating that registry.pol should be updated regularly and if it's outdated, it should be renamed and a new one get generated.

What exactly causes the registry.pol to get updated and is it still relevant? I've also seen a post where the responder said it's for legacy purposes so I'm curious if it's even still needed.

99% of the devices in our environment have registry.pol files that are at least 6 months old, even though new GPOs have been setup since then. If pushing a new policy doesn't cause it to update, what does?

Update: for some context- we had a device not installing updates from SCCM. When I logged into it, I immediately noticed it did not have the correct policies applied and that's when I noticed the .pol hadn't updated in several years. I decided to check all .pol files on the network to ensure we didn't have more that were severely outdated and that's when I discovered that all but 3 were severely outdated.

Clifton Hughes 0 Reputation points

2024-01-25T20:48:38.5133333+00:00

If you have configuration manager or Intune, you can create a Configuration item and baseline to find and remediate this, and have it run ongoing. Or with Intune you can use Remediations to create a discovery and remediation process to find it and fix it ongoing. Here is link to some information on the ConfigMgr baseline: https://github.com/2pintsoftware/ConfigMgr

1 answer

Your answer

Clifton Hughes 0 Reputation points

2024-01-25T20:48:38.5133333+00:00

If you have configuration manager or Intune, you can create a Configuration item and baseline to find and remediate this, and have it run ongoing. Or with Intune you can use Remediations to create a discovery and remediation process to find it and fix it ongoing. Here is link to some information on the ConfigMgr baseline: https://github.com/2pintsoftware/ConfigMgr

Answer 1

AllenLiu-MSFT 49,316 Microsoft External Staff

Hi, @ExhaustedTech

Thank you for posting in Microsoft Q&A forum.

The Registry.pol file is generated to store policies set by Group Policy Objects (GPOs) on client computers in an Active Directory domain. This file is present in every GPO applied computer and is responsible for storing registry policy settings for a machine.

The Registry.pol file is updated according to the settings policies configured in a GPO assigned to the device. When you create a new GPO, make a change to an existing setting, or remove a GPO link from a domain, the Registry.pol file gets updated to reflect the changes made.

However, it's important to note that conflicting policies can prevent or delay updates from taking effect. In some cases, administrators set devices to get both Group Policy settings and MDM settings from an MDM server such as Microsoft Intune. Policy conflicts are handled differently, depending on how they are ultimately set up. Windows updates give Group Policy settings precedence over MDM policies. Regarding Microsoft Intune, if you set different values for the same policies on two different groups, an alert is given, and neither policy will be set until the conflict is resolved.

Registry.pol files are still relevant in the environment, but administrators need to maintain them regularly. It's recommended to update the policies and generate new Registry.pol files regularly. If the Registry.pol file is outdated and you want to create a new one, you must delete the old Registry.pol file, log out, and log in again to generate a new one.

For your reference:

https://learn.microsoft.com/en-us/windows/deployment/update/update-policies#old-or-conflicting-policies

If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Add comment".

ExhaustedTech 11 Reputation points

2023-07-18T04:07:40.21+00:00

We do not have conflicting policies in place currently since everything is still managed on prem.

I am trying to figure out why all but 3 devices out of about 800, have registry.pol files over 6 months old but the new policies that have been put in since then, are working on the devices as designed. Only one device out of all of them had GP issues but all others are functioning with the correct policies, regardless of how old the registry.pol is
AllenLiu-MSFT 49,316 Reputation points Microsoft External Staff

2023-07-18T07:46:34.12+00:00

Hi, @ExhaustedTech

There doesn't seem to be a reasonable explanation why the registry.pol file hasn't been updated for more than six months, but Group Policy applied correctly.

Have we tried to rename and restart computer to see if it generates a new registry.pol file, and check if the new registry.pol file will update after a new Group Policy applied?
ExhaustedTech 11 Reputation points

2023-07-18T13:30:07.3833333+00:00

Only on the one where GP wasn't updating properly. If all other ones are working, I'm hesitant to do that since it could end up breaking them. I'm essentially just wanting to confirm that the .pol should be updating every time a GPO updates or gets created.
ExhaustedTech 11 Reputation points

2023-07-18T22:25:02.5033333+00:00

Can you tell me specifically what causes the registry.pol to update? Is it anytime a GPO is applied/modified? Only in certain circumstances?
If what you're saying is correct, nearly our whole environment is broken and that's not what we're experiencing.
AllenLiu-MSFT 49,316 Reputation points Microsoft External Staff

2023-07-20T09:11:00.36+00:00

Hi, @Anonymous

The Registry.pol file in my SCCM environment is updated daily, the corresponding event log is GroupPolicy (Microsoft-Windows-GroupPolicy).

If the group policy settings for the computer were processed successfully, the event ID is 1502, if failed, it will be 1129 or 1096 or others.

You may check your event log to see what code you get.
ExhaustedTech 11 Reputation points

2023-07-20T14:50:21.46+00:00

As I stated, the policies are successfully applying. That's why I'm specifically asking what triggers the Registry.pol to update itself. I'm looking at a device right now where the group policy successfully applied and updated 32 settings this morning. However, the registry.pol file still has a modified date of 6/20 (the date I last deleted the registry.pol file and it recreated).

Policies are applying and SCCM is able to successfully send software updates. I'm asking what triggers the registry.pol itself to update and change its modified date.
SethRoberts-0739 31 Reputation points

2023-09-29T16:56:18+00:00

Did you ever determine why your registry.pol files weren't being updated? We have noticed similar behavior in our environment, but don't fully understand the issue. Outdated files, but GPO's appear to process normally. Renaming or deleting the registry.pol file results in the system not creating a new file unless I open Local Policy Editor and manually configure a user or machine setting. Even then, domain group policy refreshes don't update the file with new information from the domain policies. Very perplexing.
ExhaustedTech 11 Reputation points

2024-01-25T20:52:06.82+00:00

No, they never answered my question. They said many other irrelevant things but never actually answered the question asked.

Share via

How does Registry.pol get updated?

1 answer

Your answer