In some environments, the creation of Paks and the creation of GPOs which deploy PolicyPak instructions could be two separate jobs. This is quite common, as often the person who knows the application and its settings is better suited to create the Paks for those applications.
Said another way, sometimes one person (or a team of people) can create Paks, and another person (or team) can create GPOs with these created Paks.
To create Paks from scratch, the PolicyPak Design Studio tools must be installed and Paks created.
To deploy pre-configured or custom Paks, an administrator needs the GPMC with the PolicyPak MMC-snap in installed.
Here is a table that shows the various roles that make up Active Directory and where each PolicyPak piece fits in. In the table, you’ll see which Active Directory elements are supported based upon operating system type, the role it plays, and which PolicyPak component needs to be installed (if any).
