Extra Registry Settings in GPME

As a systems administrator you’ll often need to clean up (Group Policies) GP’s in many organizations Windows Domain environments.
Before I get into my story, here is some background info on ADM and ADMX files and templates.

While I was working on cleaning up and verifying processed Policies, I came across one that stated Extra Registry Settings.
Thing to check and note is if the polcies templates are derived from the localstore or a central store.
If its using the local store it will check C:\Windows\inf for .adm files, and C:\Windows\PolicyDefinitions for.admx files.
If using a central store, they will be under PolicyDefinitions under the SYSVOL folder, this is used for replication services.
It’s also important to note that when you add an .adm file to a GP (either User or Computer Category) the adm file gets copied to the policies folder in SYSVOL.

So the first thing I checked was under the poclies ID folder in SYSVOL I found a adm template file, and made a copy of it.
You can open .adm file with notepad, and check here for how they are structured.
After checking the structure of the file it was exactly matched to what was displayed in the Extra Registery settings.
I even enabled the settings, removed the .adm from the GP in GPME, checked the settings tab in GPM and they “Extra Registry Settings” were exactly the same.
I was stumped, I couldn’t figure out what was going on, and the .adm file were in all places Windows would look for them.

I came in this morning and decided to give it one more shot… I just can’t let things go when they bother me, and rebuilding the GPO just didn’t seem like a good solution.
What I did was I took the ValueName, and appended it to the KEYNAME string, I left the Valuename the same, and this was enough to work!
It finally showed the correct heading in GPM, I was able to change their settings, and finally remove the .adm file to have a clean GP!

Jan 2018 Update

It’s been a long time since I had to such things as reverse engineer ADM files. This is a pretty cool post, haha.

Leave a Reply

Your email address will not be published.