You want to “do more” with Group Policy. But you don’t want to add anything to every client system.
Bad news: You cannot have it both ways.
Let’s think about it. Microsoft also wants you to “do more” with Group Policy too. So they have steadily added more Group Policy CSEs (Client-Side-Extensions, which are the “things you can do”) in every version of Windows. You just didn’t know it.
Here’s the breakdown of CSEs / “things you can do” in Group Policy from Microsoft:
PolicyPak installs one more CSE. And it works completely alongside the existing Microsoft ones.
We act like Group Policy because we ARE Group Policy.
So, if you want to “do more” with Group Policy, you need to add CSEs.
And PolicyPak’s CSE is required to do the magic that only PolicyPak can bring.
But PolicyPak’s CSE is not an “agent”. It’s a CSE or proper Group Policy client-side-extension. It’s an important distinction (because we don’t like being thought of as an “agent” at all – because we’re not one.)
Agents usually have deployment consoles, monitoring stations, huge memory footprints, asks questions / pop-ups to the user, cause slowdowns at login, and on and on.
PolicyPak’s CSE (or any of the Group Policy CSEs) don’t do that. They are basically “dormant” until Group Policy runs (at logon, in the background or when manually called using GPupdate). Then the GP CSEs “do something” if needed then quietly go away.
The PolicyPak CSE ships as an MSI, and can be deployed using any method (including Group Policy itself), or SCCM, or installing it into your core image.
Once deployed to clients, PolicyPak’s CSE starts working and embraces PolicyPak directives.