It's been quite a while since I've blogged here, but things have settled down enough for me that I'm going to get back to this blog regularly now. I can always count on our readers to give me a kick in the backend just exactly when I need it, and this return to blogging is a great example. I got the following email from Jeff Vandervoort, which motivated me to post his concern and see if we can get a response from Microsoft.
I just received the June 2008 Windows IT Pro. You discussed RSAT and its awesome new feature, Group Policy Preferences (GPP). I'm sure you know this technology was originally DesktopStandard PolicyMaker, acquired by Microsoft in late 2006.
I was delighted when Microsoft elected to make PolicyMaker (PM) part of the OS. But unfortunately, Microsoft left PM sites out in the cold.
Here are the major ways Microsoft bungled this transition:
1. The PM console was broken by IE7, shortly after Microsoft purchased PM. Microsoft never released a fix. They finally documented a registry hack to disable the IE7 functionality: http://support.microsoft.com/kb/938611. This was really aggravating at the time, but turned out to be a minor nuisance compared to what was to follow.
2. GPP and PM are nearly identical in UI and functionality. But GPP uninstalls PM extensions. OK, fine...GPP is PolicyMaker's replacement, and Microsoft is entitled to use their own branding. But once that happens, PolicyMaker settings are not applied to clients. One can re-install the PM extensions--but they don't work because GPP disables PM if it finds it.
Rumor has it that Microsoft will release a PM-to-GPP migration tool. Someday. I've been advised by Microsoft Partner support that the rumors are true. But no one knows when.
Three months after release of Windows Server 2008 the migration tool has not materialized. I check the MS download site every week. So what do PM admins do? Every time we add a PM setting as our systems evolve we know we're digging ourselves in deeper. Do we wait for MS to release the migration tool, or do we cut our losses and make the huge investment in manual migration to GPP? How do we plan?
The migration tool should have been included in the box with WS2008 or made available for download no later than the release of WS2008. It's too late for that, of course. So now they need to give us a date when it will be available so we can plan. This is painful to PM customers, but it can also be painful for Microsoft: I have one client that is holding off on migrating to WS2008 until there is more clarity on this issue, because WS2008 includes GPP, which forces us to migrate at least server-related settings manually.
3. This last oversight greatly enlarges the scope of the problem from just former PM sites to all sites using Win XP SP3 where GPP was not already installed. WSUS has been dangling GPP in front of our noses for several weeks. PM sites can't install it until they're ready to migrate, as explained previously. So the updates continue to dangle, unapproved.
But guess what? There's one less GPP update in WSUS these days! When Windows XP SP3 is installed, XmlLite, a prerequisite for GPP, is uninstalled! So, even those who are ready for GPP--even sites that PM never touched--can't deploy GPP by WSUS to Windows XP clients any more.
I found a Startup Script that will install XmlLite and the CSEs for all GPP supported OSes, including XP SP3, but MS shouldn't penalize Win XP SP3 users this way. GPP needs to be repackaged with XmlLite for XP SP3 and made available by WSUS.
Microsoft owes PM users a migration plan.
-- Jeff Vandervoort