| Platform SDK: Group Policy |
The Group Policy snap-in stores registry-based configuration settings in two Registry.pol files. One file contains computer settings and the other file contains user settings. The Group Policy snap-in saves the settings to these files on exit, and imports the settings on startup.
A Registry.pol file is a text file that consists of a header and a body. The header contains two DWORD values that indicate the file signature and version. These values are defined as follows.
| Value | Definition |
|---|---|
| REGFILE_SIGNATURE | Defined as 0x67655250. |
| REGISTRY_FILE_VERSION | Initially defined as 1, then incremented each time the file format is changed. |
The body consists of registry values in the following format.
[key;value;type;size;data]
The following values have special meaning for this field.
| Value | Meaning |
|---|---|
| **DeleteValues | A semicolon-delimited list of values to delete. Use as a value of the associated key. |
| **Del.valuename | Deletes a single value. Use as a value of the associated key. |
| **DelVals | Deletes all values in a key. Use as a value of the associated key. |
| **DeleteKeys | A semicolon-delimited list of keys to delete.
Example: **DeleteKeys NoRun;NoFind |
| **SecureKey | **SecureKey=1 secures the key, giving administrators and the system full control, and giving users read-only access. **SecureKey=0 resets access to the key to whatever is set on the root. |
REG_BINARY
REG_DWORD
REG_EXPAND_SZ
REG_MULTI_SZ
REG_SZ
If value, type, size, or data are missing or zero, only the registry key will be created.
Note A Registry.pol file produced by the Windows NT 4.0 System Policy Editor is a binary file. It is not compatible with the Group Policy snap-in.