How can I add new Windows 10 admx files to the Group Policy Central Store and then deploy them ?

Introduction

Windows 10 is an operating system that is evolving at a very fast pace and will most likely be released as a new version (part of the Current Branch) every 6 months or so.  At the time of writing there are two versions released (not including Windows 10 insider releases) and they are shown below:

  • Windows 10 build 10240 (1507)
  • Windows 10 build 10586 (1511)

The first release of Windows 10 (RTM) was in July, 2015 and it is sometimes referred to as Windows 10 version 1507, the next release was in November, 2015 and is likewise referred to as version 1511. This versioning is based on YYMM (year/month) format.

Using newly released Windows 10 ADMX templates in Active Directory will allow you to control a lot of the new functionality within Windows 10, however before doing so you need to import those templates into AD because your current AD server infrastructure (probably running on Server 2012 R2) won’t be aware of these new GPO settings as they were released long after the product shipped.

As Windows 10 will be re-released on a regular schedule, it will add new features to the operating system and conversely new GPO templates will be required to control that functionality on a domain level. Therefore you’ll probably find yourself doing these actions a couple of times a year if you are deploying Windows 10 current branch.

To use the new GPOs you need to do the following:

  • Download the new templates
  • Extract the admx and adml files
  • Copy them to the Group Policy Central Store
  • Create new GPO’s
  • Review the changes

Download the new templates

When Microsoft produces a new release of Windows 10, (for example Windows 10 1511) it also produces a downloadable template containing new GPO’s that you can install in Active Directory. To find those templates I’d suggest you use your favorite search engine to search for the following phrase:

“download Windows 10 ADMX templates”

Alternatively you can keep your eyes on the following web page where they occasionally announce the release of new templates for Windows.

In addition to the above search, you can also search for a Microsoft Excel spreadsheet which highlights the changes in GPO’s for that platform, for example search for the following phrase:

“Windows 10 ADMX spreadsheet”

Extract the admx and adml files

Once you’ve found the corresponding templates for the version of Windows 10 you want to support (for example here are the ADMX templates for Windows 10 1511) then download the MSI (or copy it) to the desktop of your source computer.

msi on desktopDouble click on it to start the installation (extraction)

admx wizardaccept the EULA and then let it extract the files to the default location which is something like C:\Program Files (x86)\Microsoft Group Policy\Windows 10 Version 1511\

default location

close the wizard when done.

Copy them to the Group Policy Central Store

Note: This process is further explained on Technet here.

Now that you’ve got the new ADML and ADMX files, you need them copied to the Group Policy Central Store.  If you already  have a Central Store in SYSVOL on the domain controller, skip to the copying files section below.

Creating a central store

The Central Store is a file location that is checked by the Group Policy tools. The Group Policy tools use any .admx files that are in the Central Store. The files that are in the Central Store are later replicated to all domain controllers in the domain.

To create a Central Store for .admx and .adml files, using Windows File Explorer create a folder that is named PolicyDefinitions in the following location (for example) on the domain controller:

\\ad1.windowsnoob.lab.local\SYSVOL\windowsnoob.lab.local\Policies

as shown in the screenshot below

create policydefinitions folderCopying the files

Note: Before copying any new ADMX and ADML files backup any that are present in the PolicyDefinitions folder.

To copy the new files do as follows. Copy all files from the PolicyDefinitions folder that you extracted the files to on the source computer, that location was:

C:\Program Files (x86)\Microsoft Group Policy\Windows 10 Version 1511\PolicyDefinitions

copyto the PolicyDefinitions folder within SYSVOL on the Domain Controller that you’ve just created on the domain controller.

copied to sysvolYou can remove any language folders that you do not want to support, so if you are using only English, keep en-US only.

en-us

 

Create new GPO’s

Close any opened Group Policy Management Console windows, then open GPMC again and create a new policy.

Windows 10 GPOIn this example we will create a GPO to disable the Windows 10 consumer experience which is a new GPO available in the 1511 templates.

Right click on the New GPO and choose Edit

edit gpoNext, navigate to Computer Configuration\Policies\Administrative Templates. Left click on Administrative Templates. You should now see: Administrative Templates: Policy Definitions (ADMX files) retrieved from the Central Store

policy definitions retrieved from the central store

Navigate to Computer Configuration\Policies\Administrative Templates\Windows Components\Cloud Content and then select the following setting:

  • Turn off Microsoft consumer experiences

Set it to Enabled as shown below.

turn off Microsoft consumer experiencesThat’s it, any computers that are present in the OU targeted by the GPO will get the new setting and will apply the changes if appropriate.

Review the changes

On a computer that has not yet received the policy, but which is targeted by the GPO check the following setting (must be running Windows 10 1511 or later). This setting is enabled by default (and greyed out if Windows is not activated).

before GPO is appliedNext do a gpupdate /force in an administrative command prompt as shown below:

gpupdate forceand go back to the same setting you reviewed above, notice the difference and that it states ‘some settings are managed by your organization‘ and that the suggestions are set to Off.

some settins are managed by your organizationResult!

Related reading

Summary

In this blog post you learned how to find and download the latest Windows 10 admx files, how to add them to your Group Policy Central Store and how to then deploy a GPO from the new templates.

 

 

This entry was posted in ADMX Templates, Windows 10. Bookmark the permalink.

4 Responses to How can I add new Windows 10 admx files to the Group Policy Central Store and then deploy them ?

  1. Pingback: Adding Windows 10 admx files to the Group Policy Central Store – Microsoft Evangelist

  2. Pingback: Windows 10 – Ajouter les nouveaux Admx – L2T

  3. bdigital2000 says:

    Old post I know, but I’m looking to do the same. When I go to copy my ADMX files to my central store, is there any issues with the fact that it asks if I want to over-write the files with the same name?

    I plan on saving a copy of the folder so I have the original files, but I was curious if there present a problem with the fact I have a fair amount of GPOs and by replacing the ADMX with newer versions, I don’t want to break any of my existing GPOs.

Leave a Reply