thr3ads.net - samba - [Samba] utility/script -> "Registry.pol" from "*.reg" or "*.ADM" ? [Jul 2003]

If this information is useful, please help other people find it:
Share via:

Urs Rau

2003-Jul-31 20:22 UTC

[Samba] utility/script -> "Registry.pol" from ".reg" or ".ADM" ?

Does anybody have or know of a utility/(perl?)script that creates the 
w2k/xp AD GPO style "Registry.pol" files from the unix cmd line?
The "Registry.pol & gpt.ini" file format is very very simple, 
"http://msdn.microsoft.com/library/default.asp?url=/library/en-us/policy/policy/registry_policy_file_format.asp"
  so somebody must have written it, surely?

My proof of concept tests show me that I could do a poor mans ADS only 
using the builtin (local)gpo service by simply "playing" around with
the
LGPO files Registry.pol (both for user or machine) and increasing the 
version number in gpt.ini, during user login or using wmi. And at the 
end of the update script/cycle do a "gpupdate /force", or possibly
live
with a reasonable short gpo refresh time.

It works and allows me to use many gpo features, save software 
distribution, which I can do differently anyway.

I am thinking of a (unix-side)commandline program that scans a "*.reg"
export and creates a corresponding "Registry.pol" file or maybe also 
runs interactively and scans an "*.ADM" file to create the 
"Registry.pol" files.

At the moment I have to use the win gui "gpedit.msc" (or gpmc.msc) to 
read the "*.adm" file in order to create the "Registry.pol"
file.

Any other ideas or pointers or ... greatly appreciated.

Urs Rau

samba - Jul 2003 - utility/script -> "Registry.pol" from "*.reg" or "*.ADM" ?

[Samba] utility/script -> "Registry.pol" from "*.reg" or "*.ADM" ?

samba - Jul 2003 - utility/script -> "Registry.pol" from ".reg" or ".ADM" ?

[Samba] utility/script -> "Registry.pol" from ".reg" or ".ADM" ?