Automate Administrative Templates to Central Store
Table of Contents
INTRO
If you’re a Sysadmin like I then you know how powerful Microsoft’s Group Policy Management features are in a Windows Server environment where Active Directory is implemented. It’s important then that we keep these policies updated to resolve issues with them.
OFFICIAL DOCUMENTATION
Microsoft has official documentation here on how to perform the process manually on your Windows Domain Controllers or PDCs. You can download the latest templates there, but also keep in-mind other third-party applications have templates as well you can apply, for example Google Chrome, Mozilla Firefox to name a couple. These templates are very handy in controlling your environments.
AUTOMATE INSTALL SCRIPT | POWERSHELL
After installing them a few times and getting tired of it I made a PowerShell script to automate the process. Please let me know if you have issues as I kind of edited this one on the fly for this post without testing but the core of it has been tested. I made sure not to overwrite your current templates.
# Define the URL of the file to download.
$URL = "https://download.microsoft.com/download/8/e/1/8e1c2d4e-9126-4096-8b84-36aa9f524b47/Administrative%20Templates%20(.admx)%20for%20Windows%2011%20July%202023%20Update%20V3.msi"
# Make directory.
New-Item -Path 'C:\TEMP' -ItemType Directory -Force -WarningAction SilentlyContinue -ErrorAction SilentlyContinue | Out-Null
# Define the destination folder to extract to.
$Destination = "C:\TEMP"
# Download the file from the URL.
$DownloadPath = Join-Path $Destination "Administrative_Templates_for_Windows_11_July_2023_Update_V3.msi"
Invoke-WebRequest -Uri $URL -OutFile $DownloadPath
# Install the file from the URL.
Start-Process "Administrative_Templates_for_Windows_11_July_2023_Update_V3.msi" -WorkingDirectory "C:\TEMP" -ArgumentList "/Quiet" -PassThru
# Copy policy templates to SYSVOL location.
Copy-Item -Path "C:\Program Files (x86)\Microsoft Group Policy\Windows 11 July 2023 Update V3 (22H2)\PolicyDefinitions" -Destination "C:\Windows\SYSVOL\domain\Policies\PolicyDefinitions_Win11-22H2-v3" -Recurse -Force
# Check for copied folder then rename and apply.
$Folder = 'C:\Windows\SYSVOL\domain\Policies\PolicyDefinitions_Win11-22H2-v3'
"Test to see if folder [$Folder] exists"
if (Test-Path -Path $Folder) {
Rename-Item -Path "C:\Windows\SYSVOL\domain\Policies\PolicyDefinitions" -NewName "PolicyDefinitions_old" -Force
Rename-Item -path "C:\Windows\SYSVOL\domain\Policies\PolicyDefinitions_Win11-22H2-v3" -NewName "PolicyDefinitions" -Force
GPUpdate /Force
} else {
"An error has occured."
}
# Cleanup
Remove-Item -Path "C:\TEMP\Administrative_Templates_for_Windows_11_July_2023_Update_V3.msi" -ForceCONCLUSION
Well, that’s about it, hope this saves you some time.
My name is Dex Sandel, author at WinReflection, a blog which aims to help others on various IT and Christian related subjects. DON’T TREAD ON ME! The best is yet to come, and nothing can stop what’s coming!
You all have a greater destiny in Christ, should you choose to ‘follow’ Him, not just believe. Many of you feel lost, without drive, and lack a greater purpose in your life causing depression, sadness, anxiety, and loneliness. Working your 9-5 job isn’t your primary purpose. So, then what is? That’s for you to discover, but hopefully I can provide some new unlocks along your path.
What will ‘you’ do, and what will your destiny be?
John 3:16: For God so loved the world that he gave his one and only Son, that whoever believes in him shall not perish but have eternal life.
Leave a Reply
Want to join the discussion?Feel free to contribute!