Preparing your network for Group Policy Preferences by Rob Dunn

27 Jul

http://community.spiceworks.com/how_to/show/17026-preparing-your-network-for-group-policy-preferences

Steps

Group Policy Preferences are a new addition to Active Directory as of the release of Microsoft Windows Vista and Windows Server 2008. The cool thing? You don’t need Server 2008 to use them.

I would recommend viewing my Intro slideshow for Group Policy Preferences here before moving on (if you’re not familiar!): http://www.slideshare.net/maximillianx/group-policy-preferences

Group Policy Preferences are perfect for replacing much of the functionality of a logon script, especially if you need the capability to map drives or perform other actions against a user or computer which falls into a group, IP address range, OU structure, or other criteria.

Some of the things you can do with Group Policy Preferences (Create, Update, Delete, Replace):

* ODBC Data Sources
* User and Group Preferences
* Power Settings
* Printers & Mapped Drives
* Scheduled Tasks & Services
* Copy, Update or Remove Files/Folders
* Application Shortcuts
* INI Files/Registry Entries
* VPN Connections (Windows-based)
* Disable USB for specific device types

This How-To will explain what you need to get Group Policy Preferences working in your environment.

1. Pre-requisites (Admin Side)

In order to configure Group Policy Preferences from an administration console, the admin must be using:

* At least Windows Active Directory 2003
* At least Windows Vista with Remote Server Administration Tools (RSAT) or Windows Server 2008 with Group Policy Management Console installed

– Windows Vista RSAT Download: http://www.microsoft.com/en-us/download/details.aspx?id=18787

– Windows 7 RSAT: http://www.microsoft.com/en-us/download/details.aspx?id=7887

– Windows 8 RSAT: http://www.microsoft.com/en-us/download/details.aspx?id=28972

2. Client Side Extensions Pre-requisites

In order for your computers and servers to be able to recognize and translate the Group Policy Preferences at the client level, you must deploy the Client Side Extensions. Your clients must be one of the following for successful CSE deployment:

* At least Windows Vista
* At least Windows Server 2003 SP1
* At least Windows XP SP2

What about Windows 7+ or Server 2008+?

Newer versions of Windows after 7 and 2008 already have the needed extensions built in.

3. Deploying the Client-Side Extensions (non-WSUS)

If you are not using WSUS, you can deploy the CSEs via an alternate method. Start by downloading the CSE installer from Microsoft:
http://technet.microsoft.com/en-us/library/cc731892%28v=ws.10%29.aspx

You can deploy the CSEs with a variety of methods:

* Microsoft System Center Configuration Manager (SCCM, formerly SMS) or another deployment tool such as PDQDeploy (http://www.pdqdeploy.com – they have a free version available)
* Logon/Logoff Scripts
* Scheduled Tasks
* Manually via PSExec
* Sneakernet

You can use the typical command-line arguments for most Windows Update packages:

/passive /norestart

Command-line reference:
http://support.microsoft.com/kb/262841
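
An added example (not part of the original how-to): a PowerShell startup script for the non-WSUS route that applies the client prerequisites from step 2, skips machines that already report KB943729, verifies the package's signature, and runs it with the switches above. The installer path is a placeholder, and the script assumes PowerShell 2.0 or later on the client and the .exe form of the package.

```powershell
# Added example, not from the original how-to. Requires PowerShell 2.0 or later.
# $Installer is a placeholder: point it at the CSE package (.exe) you downloaded.
param([string]$Installer = '\\fileserver\deploy\CSE-PACKAGE-PLACEHOLDER.exe')

function Get-GppCseAction {
    # Maps an OS to the how-to's prerequisites: BuiltIn, NeedsCse or Unsupported.
    param([version]$Version, [int]$ServicePack, [int]$ProductType)
    if ($Version -ge [version]'6.1') { return 'BuiltIn' }        # Windows 7 / 2008 R2 and newer
    if ($Version.Major -eq 6) {                                   # 6.0 = Vista or Server 2008
        if ($ProductType -eq 1) { return 'NeedsCse' }             # 1 = workstation (Vista)
        return 'BuiltIn'                                          # Server 2008
    }
    # Minimum service pack per 5.x release: XP (5.1) SP2, Server 2003 (5.2) SP1.
    $minSp = @{ '5.1' = 2; '5.2' = 1 }["$($Version.Major).$($Version.Minor)"]
    if ($minSp -and $ServicePack -ge $minSp) { return 'NeedsCse' }
    return 'Unsupported'
}

$os = Get-WmiObject Win32_OperatingSystem
$action = Get-GppCseAction $os.Version $os.ServicePackMajorVersion $os.ProductType
if ($action -ne 'NeedsCse') { '{0}: {1}, nothing to install' -f $env:COMPUTERNAME, $action; exit 0 }

# Skip clients that already have the update (from WSUS or an earlier run).
if (Get-HotFix -Id KB943729 -ErrorAction SilentlyContinue) { 'KB943729 already installed'; exit 0 }

# Refuse to run a package from the share unless its Authenticode signature verifies.
$sig = Get-AuthenticodeSignature -FilePath $Installer
if ($sig.Status -ne 'Valid' -or $sig.SignerCertificate.Subject -notmatch 'O=Microsoft Corporation') {
    Write-Error "Signature check failed for $Installer ($($sig.Status))"; exit 1
}

# Same switches as in the how-to: progress display only, no forced restart.
$p = Start-Process -FilePath $Installer -ArgumentList '/passive', '/norestart' -Wait -PassThru
switch ($p.ExitCode) {
    0       { 'CSE installed' }
    3010    { 'CSE installed, restart pending' }   # ERROR_SUCCESS_REBOOT_REQUIRED
    default { Write-Error "Installer exit code $($p.ExitCode)"; exit $p.ExitCode }
}
```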

4. Deploying the Client-Side Extensions (WSUS)

Open your WSUS Administration Console and find the KB943729 update (you must have the ‘Updates’ classification turned on for deployment). Enable it for deployment across your workstations and servers. You do not need to restart the clients once the extensions are installed.

http://technet.microsoft.com/en-us/library/cc708450%28v=ws.10%29.aspx

5. Deploying the XmlLite Parser on your clients (XP and Server 2003)

There is no direct method through WSUS to deploy the XmlLite parser. Vista and newer operating systems do not require this installation.

If you have deployed Internet Explorer 7 (or newer) or XP SP3/Server 2003 SP2, then you do not need the XmlLite parser installed on your clients.

Note that you can deploy IE7+, XP SP3/Server 2003 SP2 via WSUS.

You can download the XmlLite Low-Level Parser here:
http://www.microsoft.com/en-us/download/search.aspx?q=XMLLite

You can deploy it using the same methods as the CSEs in step 3 above.

6. Creating a new Group Policy with Group Policy Preferences

* Open your Group Policy Management Console
* Expand ‘Forest…’> ‘Domains’> ‘yourdomain.local’> ‘Group Policy Objects’
* Right-click ‘Group Policy Objects’> ‘New’
* Give your policy a name and click ‘OK.’
* Make sure you’ve expanded ‘Group Policy Objects,’ find the new group policy name you created above and right-click it> ‘Edit’
* Expand ‘User Configuration’ or ‘Computer Configuration’

Look for ‘Preferences’ here. You can expand this tree and view the various preferences available to edit.

Conclusion

I will follow this up with another How-To that talks more about creating a Group Policy with some preferences to give a beginner an idea of how GPP works and how they can implement an effective policy in their environment, replacing various tasks that are typically performed by a .BAT based logon script.

Next: Mapping Drives with Group Policy Preferences
http://community.spiceworks.com/how_to/show/17039-mapping-drives-with-group-policy-preferences-and-item-level-targeting