[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1135
  • Last Modified:

Custom ADM file not importing correctly.

I have created a custom ADM file to import into one of my GPOs.  It seems to import properly (no errors), but I only get the new category to show up.  No policies ever exist under it.  For kicks, I downloaded "ADM Template Editor" and imported the file.  Everything looked just fine in there with the policies showing up properly.

This is a Win2003 R2 SP2 server I'm doing the import from.

Here's the file, did I miss something obvious?
--------------------------------------------------------------------
CLASS MACHINE

CATEGORY !!Cat_Cust
    POLICY !!Pol_GPONetTime
      KEYNAME "SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
      EXPLAIN !!Explain_GPOTimeout
      PART !!Part_GPOTimeout NUMERIC REQUIRED
        VALUENAME "GPNetworkStartTimeoutPolicyValue"
        MIN 30
        MAX 600
        SPIN 5
      END PART
      PART !!Part_GPOTimeout_More TEXT
      END PART
    END POLICY
    POLICY !!Pol_KerbPackSize
      KEYNAME "SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters"
      EXPLAIN !!Explain_KerbPacketSize
      PART !!Part_KerbPacketSize NUMERIC REQUIRED
        VALUENAME "MaxPacketSize"
        MIN 1
        MAX 2000
        DEFAULT 2000
      END PART
      PART !!Part_KerbPacketSize_More TEXT
      END PART
    END POLICY
END CATEGORY

[strings]
Cat_Cust="HIS Custom"
Pol_GPONetTime="GPO Network Timeout"
Explain_GPOTimeout="This setting changes the timeout value for Group Policies when the computer is starting.  Can be helpful for troubleshooting if GPOs are not applying.  Range is 30-600 seconds.  Try using 60 for troubleshooting."
Part_GPOTimeout="Seconds: "
Pol_KerbPackSize="Kerberos Max Packet Size"
Explain_KerbPacketSize="The Windows 2000 Kerberos Authentication package is the default in Windows 2000. It coexists with challenge/response (NTLM) and is used in instances in which both a client and server can negotiate Kerberos.  Request for Comments (RFC) 1510 states that when a client contacts the Key Distribution Center (KDC), it should send a User Datagram Protocol (UDP) datagram to port 88 at the KDC's IP address.  The KDC should respond with a reply datagram to the sending port at the sender's IP  address.  Windows 2000, by default, uses UDP when the datacan be fit in packets under 2,000 bytes.  Any data above this value uses TCP to carry the packets.  The value of 2,000 bytes is configurable via this policy."
Part_KerbPacketSize="Bytes: "
Part_KerbPacketSize_More="Range is 1 to 2000 bytes.  Use 1 to force Kerberos to use TCP only."
Part_GPOTimeout_More="Range is 30 to 600 seconds.  Use a value larger than 30 for troubleshooting (like 60)."
--------------------------------------------------------------------
0
HISOSU
Asked:
HISOSU
1 Solution
 
Toni UranjekConsultant/TrainerCommented:
Hi!

Go to View, Filtering and clear the check box in front of "Only show policy settings that can be fully managed".

HTH

Toni
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now