2.1.2.2 Component Functionality
The following diagram shows the internal components and protocol connections for the Group Policy protocols.
Figure 5: Internal component functions
The general functions of Group Policy components as follows:
Core Group Policy engine: Coordinates the application and processing of Group Policy by handling tasks such as:
Applying Group Policy at regular intervals
Accessing GPOs and retrieving GPO extension lists from Active Directory.
Accessing policy settings on the Group Policy file share.
Filtering and ordering GPOs
Providing notification of Group Policy changes.
Extension protocols: Consist of CSE and Administrative tool extension protocols that extend Group Policy application functionality. Note that implementers can create their own custom extension protocols, as described in [MS-GPOL], section 1.8.
-
In the preceding diagram, the color-code scheme indicates that most Group Policy extension protocols implement both an administrative-side and a client-side extension. However, the Group Policy: Firewall and Advanced Security Data Structure defined in [MS-GPFAS], implements only an administrative-side extension. For additional information about administrative-side and client-side extensions, see sections 1.1.4 and 2.2.
Group Policy file share: An implementation-specific version of a file share location. The Group Policy file share location and its internal directory structure are shared with all Group Policy clients and can be replicated to other peers in a multimaster topology.
Group Policy management: The Administrative tool provides facilities for locating, retrieving, creating, modifying, and deleting group policies. These management functions can be accomplished from an interface such as the GPMC, a custom application, or a command-line tool.
Directory service: An implementation-specific version of an LDAP-accessible directory service, such as Active Directory, for the storage of GPOs.