Answers below Jack: From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On Behalf Of Kopenski, Jack Sent: Thursday, June 14, 2007 1:23 PM To: gptalk@xxxxxxxxxxxxx Subject: [gptalk] Confused about Vista Group Policies Sometimes the light has trouble getting through to my brain, so I need some enlightenment about how Vista Group Policies work while in a mixed (XP - Vista) environment. I see there is some new local vs. domain storage issues also. My company is just starting to deploy some Vista machines for our developers and I thought we might want to add some device installation restrictions. I currently have a "master workstations settings" GPO which all existing workstations invoke and has mostly user configuration stuff. Now with the new Vista settings can I simply use my Vista machine to enable the Vista specific setting in the computer configuration section? Or, must I create an entirely new "Vista GPO" for this? If you want to continue editing your GPOs from both XP and Vista machines, then you will find it easier to manage if you create a separate GPO for Vista-specific settings, from your Vista machine. You don't have to, but keep in mind that any Vista-specific settings that you set on a GPO from a Vista system will not be seen when you edit that GPO from XP/2003. That can get confusing. Once I update it with the Vista settings does the ADMX file get stored in with my existing GPO, because I don't see the ADMX files on my DC now, only on my Vista machine. No, the ADMX files are never stored in SYSVOL with the GPO. That's the beauty of them. Only ADM files ever get stored in SYSVOL. That's also a good reason to use Vista exclusively with Vista-specific GPOs. Once you edit a Vista-created GPO with XP/2003, it wants to copy the ADMs into SYSVOL, thus cluttering up SYSVOL after Vista did away with the problem. If I use my XP machine to view the GPO I will not see the Vista specific settings I configured with my Vista machine, correct? Yep. The contents of this e-mail are intended for the named addressee only. It contains information that may be confidential. Unless you are the named addressee or an authorized designee, you may not copy or use it, or disclose it to anyone else. If you received it in error please notify us immediately and then destroy it.