In this article, we will show how to update (install) new GPO administrative templates (admx) in the Active Directory domain when upgrading a Windows 10 or Windows Server 2016/2019 build on your devices.
ADMX
(and ADML
) files used in the Group Policy Editor to set computer or user settings. Actually, the administrative templates describe the changes to be made in the registry to apply different settings.How to Update ADMX GPO Templates in AD
Since Microsoft is constantly upgrading its operating systems and adding new features to them, it regularly releases new administrative template files. To enable an administrator to manage new Windows features centrally using GPO, they must regularly update administrative templates in their AD domains.
For example, you have a Windows Server 2016 domain with computers upgraded to build Windows 10 2004. A new Delivery Optimization option to manage Windows Update for Business (WufB) appeared in the build. Now you can set the maximum bandwidth that Delivery Optimization can use to download updates in the background.
Maximum Foreground Download Bandwidth (in kb/s) option is available in the following section of the Local Group Policy Editor (gpedit.msc) on computers running Windows 10 2004 (20H2): Computer Configuration -> Policies -> Administrative Templates -> Windows Components -> Delivery Optimization.
But you won’t be able to configure this option on all computers using domain GPOs, since there is no such option in the domain Group Policy Management editor (gpmc.msc
). This is because there are no new settings in the administrative template files on domain controllers. They may be used only in local policies or in MLGPO on a device with a new Windows 10 build.
gpmc.msc
editor.In this case, you have to update the GPO administrative templates on your domain controllers. Let’s see how to do it:
- Download administrative templates for the latest Windows 10 build used in your domain. In our case, it is Windows 10 2004. It is easier to search for “Administrative Templates (.admx) for Windows 10 2004” in Google; The complete list of direct links to download administrative templates for different Windows versions and builds is available here: https://docs.microsoft.com/en-us/troubleshoot/windows-client/group-policy/create-and-manage-central-store.
- Download and install the MSI file (
Administrative Templates .admx for Windows 10 May 2020 Update.msi
). - Then copy the contents of
C:\Program Files (x86)\Microsoft Group Policy\Windows 10 May 2020 Update (2004)\PolicyDefinitions
to the GPO Central Store on your domain controller (\\woshub.com\SYSVOL\woshub.com\Policies\PolicyDefinitions) with file replacement (!).Some important tips!- Remember to backup PolicyDefinitions directory on your domain controller prior to replacing files (thus you will be able to roll back to previous admx templates version);
- It is not necessary to copy directories with the adml files for different languages. Just copy the directories for those languages you are using in your GPO editor. Thus you will reduce the replication traffic and the size of SYSVOL folder on your DC;
- If you already have a computer with a new Windows 10 build, you can copy the administrative templates from
%WinDir%\PolicyDefinitions
without installing the MSI file.
- Then open the Group Policy Management Console (
gpmc.msc
), create a new GPO, and make sure that it has the policy settings from the new Windows 10 build.If you want a GPO with new settings to be applied to the specific Windows 10 builds only, you can use the GPO WMI filters. - Configure the policy, assign it to clients, update the GPO settings on them, and make sure that the new settings have been applied.
- Download administrative templates for the latest Windows 10 build used in your domain. In our case, it is Windows 10 2004. It is easier to search for “Administrative Templates (.admx) for Windows 10 2004” in Google;
Installing a New Administrative Template in an Active Directory Domain
In the same way, new administrative templates are installed. For example, you are going to use GPO to manage Edge Chromium settings on user computers. There are no administrative templates for Edge Chromium both in Windows 10 2004 and in 20H2. You will have to download Edge Chromium policy files manually and copy the admx files to the PolicyDefinitions directory on your domain controller.
- Go to the Microsoft Edge for business (https://www.microsoft.com/en-us/edge/business/download);
- Select Edge version, build, and platform you want to use. Click Get Policy Files;
- Extract the
MicrosoftEdgePolicyTemplates.cab
file; - Go to
\MicrosoftEdgePolicyTemplates\windows\admx
. Copy msedge.admx, msedgeupdate.admx and directories containing language packages (for example,de-DE
anden-US
) to the Central Group Policy store on a domain controller (\\woshub.com\SYSVOL\woshub.com\Policies\PolicyDefinitions); - Make sure that new policy sections to configure Microsoft Edge settings have appeared in the domain GPO editor.
If your company is using multiple software versions you want to manage using GPO, download and install all ADMX files for all versions starting with the earliest one on your DC (admx templates for the latest software version must be installed last).