11/11/2008

The following procedures show you how to create a new Group Policy object (GPO) for managed Windows Mobile devices. To create a new GPO for managed devices, you must first create a new GPO and then add the administrative template (ADM) file for managed devices to the new GPO. During installation of MDM Administrator Tools the ADM template is installed in %windir%\inf, the default windows directory, for example D:\Windows\inf.

For instructions on creating custom ADM template files, see this Microsoft Web site:

http://go.microsoft.com/fwlink/?LinkId=128439 .

To have MDM use the custom ADM template, the registry key in the template should take the following format:

Copy Code 
KEYNAME "SOFTWARE\Policies\Microsoft\Windows Mobile
Settings\<CSPName>\..."

For example, to set a registry value RegValueon the device, the ADM template might look like:

Copy Code 
POLICY !!Policy_MyPolicy
 PART !!Part_MyPolicy EDITTEXT REQUIRED 
  KEYNAME "SOFTWARE\Policies\Microsoft\Windows Mobile
Settings\Registry\HKLM\Software\MyApp"
  VALUENAME "RegValue"
 END PART
END POLICY

After you add the ADM file to the GPO, policies related to security, encryption and device management appear in the navigation pane under Computer Configuration/Administrative Templates/Windows Mobile Settings. User related settings are located under User Configuration/Administrative Templates/Windows Mobile Settings.

To create a new Group Policy Object

  1. In the Group Policy Management Console, locate the Group Policy Objectsnode.

  2. Right-click Group Policy Objectsand then choose New.

  3. In the New GPOdialog box, type the name that you want to use to use, and then choose OK.

To add the Administrative Template file to a new Group Policy Object

  1. In the Group Policy Management Console, expand Group Policy Objectsand then locate the new GPO.

  2. Right-click the new GPO and then select Edit.

  3. In the Group Policy Object Editor, expand Computer Configuration, and then locate Administrative Templates.

  4. Right-click Administrative Templatesand then choose Add/Remove Templates.

  5. In the Add/Remove Templatesdialog box, choose Add.

  6. In the Policy Templatesdialog box, select the file Mobile.adm, and then choose Open. The selected ADM file appears in the list of current policy templates in the Add/Remove Templatesdialog box.

  7. In the Add/Remove Templatesdialog box, choose Close.

Upgrading Server Builds with ADM File Changes

If you upgrade a server build that has ADM file changes, then existing GPOs might contain out-dated or excess registry keys, which results in the wrong data being sent to the device. Use the following steps in the Group Policy Management Console to resolve this issue.

To upgrade server builds with ADM File Changes

  • Manually re-create the GPO; or

  • Select Remove a template, and then select Addto force the GPO to pick up a different ADM file; or

  • Create a centralized repository for ADM templates.

To create a centralized repository for ADM templates

  1. Delete the ADM templates from each Group Policy template (GPT).

  2. Place a copy of the latest version of every ADM template (default and customized) into the C:\Windows\Inf folder on every desktop that will administer GPOs.

  3. Create a GPO that targets the computers modified in step 2.

  4. In the GPO, modify the Always Use Local ADM Files for Group Policy Editorsetting to Enabled. This setting is located under Computer Configuration\Administrative Templates\System\Group Policy .

  5. Create a GPO that targets the user accounts that have privileges to edit GPOs.

  6. In the GPO, modify the Turn off Automatic Updates of ADM filessetting to Enabled. This setting is located under User Configuration\Administrative Templates\System\Group Policy .

See Also

Other Resources