Hi Chrystal,
thank you for your answer. Some further comments and questions to you answers:
Q1: Was as silly question. Thank you for the clarfication.
Q2: Yes, that´s what I would have thought. But there are policies (e.g. ActiveXControls/ApprovedInstallationSites) that are listed when I use the "supported by" Filter that state in their documentation "This is an ADMX-backed policy". Can a policy be ADMX-backed and supported by group policy? That makes no sense to me.
A3: For the OS built time, based on my understanding, it is the time we install the OS. When Product team deploy a policy, it needs a lot of testings which needs time. I think more and more policies will be published in the future.
That was my interpretation on first sight, too. But it doesn´t really make sense, because then it should be possible to reference every admx-based policy, right? Thats what was confusing me. I think the team meant the settings are automatically enumerated at OS-Compile time and that´s why they are even able to make a consitent documentation of the Policy CSP. If the settings are all the same anyway (as they must be, elsewise they couldn´t be documented), why should you enumerate them at installation time? Makes no sense to me.
A4: The client receives the configuration settings via the SyncML document data push and the transferred OMA-URI maps to the corresponding CSP. The targeted CSPs are responsible for configuring the settings. Research and find a link describe this. We can read it as a reference.
https://oliverkieselbach.com/2019/07/18/intune-policy-processing-on-windows-10-explained/
Note: Non-Microsoft link, just for the reference.
Thank you for the link, but I read Olivers whole blog at least 3 times and it doesn´t clarify my question, which is: Where is the CSP located? There must be some kind of client-Software like the Group Policy Client. I found a couple of WMI-Methods but don´t know if they are just part of the WMI-Bridge or if they are somehow involved in the CSP-Processing. There must be some kind of Client - either the CSP itself is one, or the CSPs are called the same way Group Policy Extensions are.
Thank you very much,
Holger