Group Policy is made up of 39 categories of “functions” called CSEs or “Client Side Extensions.”
You know them and love them: areas like Admin Templates, Software Deployment, Security Settings, Firewall Settings, Folder Redirection, the Group Policy Preferences (which are 21 categories by themselves.) And lots more.
These functions are why you love Group Policy. Here’s a great, geeky list of Microsoft’s own CSEs: http://blogs.technet.com/b/mempson/archive/2010/12/01/group-policy-client-side-extension-list.aspx
But there’s nothing from Microsoft that can manage the applications’ settings themselves, perform UI lockdown, and auto-remediate settings. Only PolicyPak can do that.
The good news is that because you’re already using Group Policy, PolicyPak just works alongside what you already know and love. Use the GPMC and Group Policy Editor to create GPOs with PolicyPak directives. Those directives utilize Group Policy to get the work done. Couldn’t be easier!
So, the stuff in the box from Microsoft can’t do it all – which is why PolicyPak exists.
PolicyPak was designed by Jeremy Moskowitz, one of twelve Group Policy MVPs worldwide. He’s the guy who wrote this book (www.MDMandGPanswers.com/book). In short, Group Policy cannot do what you need by itself. That’s why PolicyPak exists.
PolicyPak “is” Group Policy, because it was designed as a true CSE (see next FAQ question).