[BUG] ADMX policy name/id "{}" is used in multiple ADMX files

[jtraub91]

Description
When applying windows policies with lgpo.set sometimes policies will fail with an error noted in the returned comment ADMX policy name/id "{}" is used in multiple ADMX files. This is true. The policy name/id does in fact occur in multiple ADMX files. Nonetheless, they are indeed two different policies. Furthermore, they will have the same human readable name.

An example of this for the "Cipher suite order" computer policies. See attached screenshot of the Local Group Policy Editor showing two policies of the same name.

These policies appear in LanmanServer.admx and LanmanWorkstation.admx, respectively. Additionally, they both have a policy id of Pol_CipherSuiteOrder.

Weird that Windows would even have two different policies of the same name like this, but the question then becomes: how do we automate this policy application in salt? Is it even possible?

Setup

Install salt-minion on a Windows box

Pol_CipherSuiteOrder.sls

Cipher suite order:
  lgpo.set:
  - name: Pol_CipherSuiteOrder
  - setting:
      MultiText_CipherSuiteOrder: multiText-placeholder
  - policy_class: Machine

Steps to Reproduce the behavior

salt-call --local state.sls Pol_CipherSuiteOrder test=True

[ERROR   ] ADMX policy name/id "{}" is used in multiple ADMX files
local:
----------
          ID: Cipher suite order
    Function: lgpo.set
        Name: Pol_CipherSuiteOrder
      Result: False
     Comment: ADMX policy name/id "{}" is used in multiple ADMX files
     Started: 01:02:52.032612
    Duration: 1296.879 ms
     Changes:

Summary for local
------------
Succeeded: 0
Failed:    1
------------
Total states run:     1
Total run time:   1.297 s

Versions Report

Salt Version:
          Salt: 3002.7

Dependency Versions:
          cffi: 1.12.2
      cherrypy: 17.4.1
      dateutil: 2.8.0
     docker-py: Not Installed
         gitdb: 2.0.5
     gitpython: 2.1.10
        Jinja2: 2.10.1
       libgit2: Not Installed
      M2Crypto: Not Installed
          Mako: 1.0.7
       msgpack: 1.0.0
  msgpack-pure: Not Installed
  mysql-python: Not Installed
     pycparser: 2.19
      pycrypto: Not Installed
  pycryptodome: 3.9.8
        pygit2: Not Installed
        Python: 3.7.4 (tags/v3.7.4:e09359112e, Jul  8 2019, 20:34:20) [MSC v.1916 64 bit (AMD64)]
  python-gnupg: 0.4.4
        PyYAML: 5.3.1
         PyZMQ: 18.0.1
         smmap: 2.0.5
       timelib: 0.2.4
       Tornado: 4.5.3
           ZMQ: 4.3.1

System Versions:
          dist:
        locale: cp1252
       machine: AMD64
       release: 10
        system: Windows
       version: 10 10.0.19041 SP0

[twangboy]

In this case, you should be able to use one of the longer names:

Network\Lanman Server\Cipher suite order
Network\Lanman Workstation\Cipher suite order

I'm not sure how to handle the fact that they both share the same alias name.

[twangboy]

I just added the above PR that will display the Long Names of the conflicting policies. You should be able to use those to write your state.