Windows Group Policy History Stored in Registry

SOURCE: https://support.microsoft.com/en-us/kb/201453       4/15/2015

As Group Policy Objects (GPOs) are read and applied when the computer starts or when a user logs on, information about each of the GPOs applied is written to the registry. This information includes which Group Policy Extensions applied policy, the order in which the GPOs were applied, version data, and options defined for each GPO. This data is also used to determine changes that have been made to the GPO since the last time policy was applied.

The administrator can optionally configure diagnostic logging of the application of Group Policy by modifying a registry entry on the client computer. These events are recorded in the Application Log of the client computer, which can be filtered by specifying “Userenv” for the “Source” field.

This article describes each of the registry values that may be found in the stored data for each of the applied GPOs.

Group Policy Extensions are components that are clients to the Group Policy infrastructure and have a server-side and client-side component. The administrator uses the server-side component and the Group Policy Editor (GPE) to define the policy. When a GPO is applied to a client computer, the client-side component is responsible for applying the policy previously configured.

In the registry, the history of the application of GPOs is broken down by Group Policy Extension.

To Locate the Group Policy History

Important: This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, see Microsoft Knowledge Base article 322756, "How to back up and restore the registry in Windows".

Open Regedt32.exe and locate the following key in the system registry:

  • For Group Policy Objects applied to the local computer:
          HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Group Policy\History

  • For Group Policy Objects applied to the currently logged on user:
          HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy\History
    

Underneath each of the keys that represent installed Group Policy Extensions, there will be keys for each of the Group Policy Objects applied. Each of these is assigned a number that equates to the order in which they were applied. The first GPO applied is given the number 0 and, as GPOs are applied, the value assigned to the key is incremented.

Below is an explanation of each of the registry values that may be used.

DisplayName

DisplayName is the friendly name of the Group Policy Object as displayed in the Active Directory Management and Group Policy Editor administration tools.

DSPath

DSPath is the Distinguished Name (DN) of the path to the Group Policy Object stored in the Active Directory. For example: LDAP://CN=Machine,CN={GUID of GPO},CN=Policies,CN=System,DC=<Domain>…

This attribute will not be present for Local Group Policy Objects as there is no Active Directory storage locally.

FileSysPath

FileSysPath is the path to the Group Policy Template (GPT), or file-based policy, contained in the Group Policy. If this is a GPO from the domain, the path will be a UNC path to the SYSVOL share on the domain controllers. If this is a Local Group Policy Object, this will be a local path that points to the structure beginning with the path:

%SystemRoot%\system32\GroupPolicy

GPOLink

The GPOLink value identifies the scope that the Group Policy Object was linked to when it was applied to the computer or user. The following values are valid:

0 = No link information
1 = The GPO is linked to a machine (local)
2 = The GPO is linked to a Site
3 = The GPO is linked to a Domain
4 = The GPO is linked to an Organizational Unit

GPOName

The GPOName value contains the name of the GPO as it is referenced. For Group Policy Objects associated with computers, this name will be the friendly name of the GPO. For Group Policy Objects stored in the Active Directory, this will be the GUID of the GPO.

lParam

The lParam value is used to perform various functions on GPOs. This value can be customized by Group Policy Extensions.

Options

The Options value represents the options selected by the administrator when configuring the Group Policy Object Link, such as whether or not to disable the Group Policy Object or to force the settings defined in the GPO on subcontainers.

Version

The Version registry value specifies the version number of the GPO when it was applied last. The number is used to determine if the GPO has changed since it was last applied.
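
The key layout and values described above can be read in one pass instead of browsing in the registry editor. The following PowerShell is an added example, not part of the Microsoft article: it walks both History keys read-only, lists each applied GPO in application order, and decodes GPOLink with the table above. The function name Get-GpoHistory and the output column names are assumptions of this example.

```powershell
# Added example: list applied GPOs from the Group Policy History keys (read-only).
# GPOLink meanings are taken from the table in this article.
$linkScope = @{
    0 = 'No link information'
    1 = 'Machine (local)'
    2 = 'Site'
    3 = 'Domain'
    4 = 'Organizational Unit'
}

function Get-GpoHistory {   # hypothetical helper name
    param(
        [string[]]$Root = @(
            'HKLM:\Software\Microsoft\Windows\CurrentVersion\Group Policy\History',
            'HKCU:\Software\Microsoft\Windows\CurrentVersion\Group Policy\History'
        )
    )
    foreach ($r in $Root) {
        if (-not (Test-Path -LiteralPath $r)) { continue }
        # First level: one key per Group Policy Extension.
        foreach ($ext in Get-ChildItem -LiteralPath $r) {
            # Second level: one numbered key per applied GPO (0 = applied first).
            foreach ($gpo in Get-ChildItem -LiteralPath $ext.PSPath) {
                if ($gpo.PSChildName -notmatch '^\d+$') { continue }
                $p = Get-ItemProperty -LiteralPath $gpo.PSPath
                $link = $null
                if ($null -ne $p.GPOLink) { $link = $linkScope[[int]$p.GPOLink] }
                [pscustomobject]@{
                    Hive        = $r.Substring(0, 4)
                    Extension   = $ext.PSChildName
                    Order       = [int]$gpo.PSChildName
                    DisplayName = $p.DisplayName
                    GPOName     = $p.GPOName
                    Link        = $link
                    Options     = $p.Options
                    Version     = $p.Version
                    DSPath      = $p.DSPath        # absent for Local GPOs
                    FileSysPath = $p.FileSysPath
                }
            }
        }
    }
}

Get-GpoHistory | Sort-Object Hive, Extension, Order |
    Format-Table Hive, Extension, Order, DisplayName, Link, Version -AutoSize
```

Saving the output of Get-GpoHistory and comparing it between runs shows when a GPO's Version, Options or FileSysPath changed on a given client.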
