Windows OS Hub
  • Windows
    • Windows 11
    • Windows Server 2022
    • Windows 10
    • Windows Server 2019
    • Windows Server 2016
  • Microsoft
    • Active Directory (AD DS)
    • Group Policies (GPOs)
    • Exchange Server
    • Azure and Microsoft 365
    • Microsoft Office
  • Virtualization
    • VMware
    • Hyper-V
  • PowerShell
  • Linux
  • Home
  • About

Windows OS Hub

  • Windows
    • Windows 11
    • Windows Server 2022
    • Windows 10
    • Windows Server 2019
    • Windows Server 2016
  • Microsoft
    • Active Directory (AD DS)
    • Group Policies (GPOs)
    • Exchange Server
    • Azure and Microsoft 365
    • Microsoft Office
  • Virtualization
    • VMware
    • Hyper-V
  • PowerShell
  • Linux

 Windows OS Hub / Group Policies / Updating Group Policy Administrative Templates (ADMX)

January 24, 2025

Updating Group Policy Administrative Templates (ADMX)

Group Policy Administrative Templates contain settings that allow administrators to conveniently configure various Windows settings, components, and third-party software. In this article, we will look at how to install new administrative templates or update existing ADMX template versions on a standalone Windows computer and in an Active Directory domain.

Contents:
  • Understanding Group Policy Administrative Templates (ADMX)
  • How to Update Group Policy ADMX Templates for Windows 11
  • Installing New ADMX Policy Templates for Group Policy

Understanding Group Policy Administrative Templates (ADMX)

GPO Administrative Templates (ADMX files) are XML configuration files that contain settings for the Group Policy Editor. They contain definitions of various settings, describing which parameters can be configured and their valid values. Essentially, ADMX templates define the changes that must be made to the Windows registry to apply to various settings.

  • Computer configuration policies make changes to registry keys HKLM\Software\Policies and HKLM\Software\Microsoft\WindowsCurrentVersion\Policies
  • User configuration policies in HKCU\Software\Policies and HKCU\Software\Microsoft\Windows\CurrentVersion\Policies

The built-in administrative template files are available on any Windows computer and can be found in the following directory C:\Windows\PolicyDefinitions. For example:

  • Windows Defender.admx — contains settings for managing the built-in Windows antivirus.
  • TerminalServer.admx – settings for Remote Desktop Services (RDS licensing options, RDP session timeouts, etc.)

ADMX template files in PolicyDefinitions folder

Third-party developers and administrators can create their own ADMX templates for their apps. ADML files are used for multilingual support in ADMX templates.

ADMX templates act as an interface that simplifies management registry options via Group Policies, making it easier for administrators to configure the same settings on all devices.

Administrative Templates in Group Policy editor

How to Update Group Policy ADMX Templates for Windows 11

As new versions of Windows are released with new features, developers can add new settings to ADMX Group Policy templates. To see the new settings in the GPO Editor, the Administrative Templates files must be updated to newer versions. If you’re running Windows Server 2019 on your domain controllers, and want to use GPO to manage new settings available for Windows 11 24H2 computers, you’ll need to update the ADMX files on the DC. These files contain the latest policy settings compatible with Windows 11 24H2, so you can apply and manage new policies for these devices.

Let’s look at how to update the administrative GPO templates on the AD domain controller to support the latest available version of Windows 11.

  1. A list of links to download administrative templates for all supported versions of Windows is available here https://docs.microsoft.com/en-us/troubleshoot/windows-client/group-policy/create-and-manage-central-store
  2. In the list, find the latest Windows build that is in use in your environment (in my example, this is Windows 11 2024 Update 24H2). download newest admx template version for windows 11
  3. Follow the link to download the MSI installer. Install Administrative Templates (.admx) for Windows 11 Sep 2024 Update.msi on any computer in the domain (there is no need to install it directly on a DC) Install ADMX new template from MSI package
  4. Copy the contents of the C:\Program Files (x86)\Microsoft Group Policy\Windows 11 Sep 2024 Update (24H2)\PolicyDefinitions directory to the central GPO store folder on the domain controller (\\woshub.com\SYSVOL\woshub.com\Policies\PolicyDefinitions). Replace (!!!) the existing files.
Important notes!

  • Before replacing the files, be sure to back up the contents of the PolicyDefinitions directory in the SYSVOL folder on the DC (this allows you to roll back to previous versions of ADMX templates).
  • There is no need to copy folders of ADML files for all the languages to the DC. Copy only the folders containing the languages you use in the GPO editor. This will reduce the size of the SYSVOL directory on the DC and reduce AD replication traffic;
  • you have a computer running the new Windows 11 24H2 build, you can copy the new administrative template files from it (from %WinDir%\PolicyDefinitions ). In this case, you do not need to use the MSI installer.

copy edge admx to policydefinitions folder on domain controller

  1. New ADMX template files in the SYSVOL directory will be automatically replicated to AD other domain controllers.
  2. Make sure that the GPO templates are installed correctly. Open the domain Group Policy Management Console (gpmc.msc), create a new empty GPO, and try to edit it. Expand the Administrative Templates section. If the editor has successfully loaded all template files, the following message is displayed here: Policy definitions (ADMX files) retrieved from the central store Policy definitions (ADMX files) retrieved from the central store
  3. You can now configure new Group Policy settings and apply them to target computers.
If only local policy templates are loaded into the GPO editor console, check that the EnableLocalStoreOverride parameter in the registry is not set to 1 (HKLM\SOFTWARE\Policies\Microsoft\Windows). If this option is created, the GP Editor will load ADMX templates from the local %windir%\policydefinitions folder rather than from the Domain Central Store.

Installing New ADMX Policy Templates for Group Policy

In the same way, you can add administrative templates for other apps (including third-party ones). For example, you want to install new administrative templates to manage Microsoft Edge browser settings via GPO.

  1. Go to the Microsoft Edge for business webpage(https://www.microsoft.com/en-us/edge/business/download);
  2. Select the Edge version, build number, and platform. Click the Get policy files button Download MS Edge admx policy files
  3. Extract the MicrosoftEdgePolicyTemplates.cab file
  4. Go to the \MicrosoftEdgePolicyTemplates\windows\admx folder. Copy msedge.admx, msedgeupdate.admx, msedgewebview2.admx, and the directories containing ADML language files (for example, de-DE and en-US) to the Group Policy Central store folder on a domain controller (\\woshub.com\SYSVOL\woshub.com\Policies\PolicyDefinitions);  new gpo setting in gpmc.msc editor
  5. Open the GPO editor console and check that there are new Administrative Templates sections for configuring Microsoft Edge browser settings. GPO Administrative Templates for managing Edge

Examples of how to install and use different ADMX GPO templates:

  • Group Policy administrative templates for Microsoft Office apps (Word, Excel. Outlook, etc).
  • ADMX templates for Google Chrome
  • Templates for local user password management with LAPS (Local Administrator Password Solution)
  • GPO templates for implementing recommended Windows security settings (Microsoft Security Baseline)

If you have multiple versions of the software that you want to manage using GPO, download and install all the ADMX files for all versions, starting with the earliest on your DC (administrative templates for the latest software version must be installed last.).

Possible errors after updating (installing) new Group Policy templates

Expanding administrative templates in the GPO Editor may cause errors:

An appropriate resource file could not be found for file yyy.admx. The system cannot find the file specified.

An appropriate resource file could not be found for file yyy.admx. The system cannot find the file specified

Namespace Microsoft.Policies.Sensors.WindowsLocationProvider is already defined as the target namespace for another file in the store.

ADMX GPO error: Namespace is already defined as the target

In all of these cases, make sure you are using the latest available version of the ADMX file referenced in the error. Check that the file exists, is not corrupt, has the correct NTFS permissions, and that the corresponding ADML file is in the EN-US folder (and, optionally, in the folder for the other language, if you are using the localized Windows version). Replace ADMX/ADML files with newer versions.

0 comment
10
Facebook Twitter Google + Pinterest
Active DirectoryGroup PoliciesWindows 10Windows 11Windows Server 2022
previous post
Configuring Cron Jobs with Crontab on CentOS/RHEL Linux
next post
Import, Export and Clone Virtual Machines in Hyper-V

Related Reading

How to Refresh (Update) Group Policy Settings on...

August 13, 2024

How to Hide or Show User Accounts from...

July 24, 2024

Updating List of Trusted Root Certificates in Windows

March 11, 2024

Troubleshooting: Group Policy (GPO) Not Being Applied to...

March 15, 2024

How to Disable NetBIOS, LLMNR, mDNS Protocols in...

March 20, 2025

Configuring Password Policy in Active Directory Domain

March 12, 2024

Display System Info on Desktop with BGInfo

February 6, 2025

Caching Domain Logon Credentials on Windows

March 12, 2024

Leave a Comment Cancel Reply

join us telegram channel https://t.me/woshub
Join WindowsHub Telegram channel to get the latest updates!

Recent Posts

  • Map a Network Drive over SSH (SSHFS) in Windows

    May 13, 2025
  • Configure NTP Time Source for Active Directory Domain

    May 6, 2025
  • Cannot Install Network Adapter Drivers on Windows Server

    April 29, 2025
  • Change BIOS from Legacy to UEFI without Reinstalling Windows

    April 21, 2025
  • How to Prefer IPv4 over IPv6 in Windows Networks

    April 9, 2025
  • Load Drivers from WinPE or Recovery CMD

    March 26, 2025
  • How to Block Common (Weak) Passwords in Active Directory

    March 25, 2025
  • Fix: The referenced assembly could not be found error (0x80073701) on Windows

    March 17, 2025
  • Exclude a Specific User or Computer from Group Policy

    March 12, 2025
  • AD Domain Join: Computer Account Re-use Blocked

    March 11, 2025

Follow us

  • Facebook
  • Twitter
  • Telegram
Popular Posts
  • Configure Google Chrome Settings with Group Policy
  • Get-ADUser: Find Active Directory User Info with PowerShell
  • How to Disable or Enable USB Drives in Windows using Group Policy
  • How to Find the Source of Account Lockouts in Active Directory
  • Get-ADComputer: Find Computer Properties in Active Directory with PowerShell
  • Configuring Proxy Settings on Windows Using Group Policy Preferences
  • Adding Domain Users to the Local Administrators Group in Windows
Footer Logo

@2014 - 2024 - Windows OS Hub. All about operating systems for sysadmins


Back To Top