Microsoft has bolstered its group-policy desktop management offering with the acquisition of New Hampshire software vendor DesktopStandard.

Under the terms of the cash deal, Microsoft is acquiring the company's GPOVault, PolicyMaker Standard Edition, Registry Extension, Software Update and Share Manager products. Microsoft plans to integrate them into its Group Policy Management Console (GPMC), which sets standard policies - such as which users have access to certain information or applications - for desktop and laptop computers across an enterprise, said Praerit Garg, a senior director in the Microsoft Windows Enterprise Management division.

The acquisition is especially important in providing GPMC better change-management functionality, Garg said. Managing changes in group-policy objects created by different administrators in an organisation is one of the pain points customers said they were having with managing Windows computers across their companies. GPOVault in particular should help alleviate this problem, he added.

And Microsoft is acquiring a talented group of employees - about 35 in all. According to Garg, they will help the company develop its next-generation of group-policy management tools.

However, Microsoft did not acquire all of DesktopStandard's portfolio: 20 DesktopStandard employees, under the direction of former DesktopStandard Chief Executive Officer John Moyer, have formed another company - BeyondTrust - which will sell Policy Maker Application Security as its flagship product.

Microsoft decided not to purchase Policy Maker Application Security from DesktopStandard as it was not consistent with the company's group-policy management plan going forward, Garg said.

The product, which BeyondTrust's Moyer said was the fastest-growing product at DesktopStandard, allows users to have elevated privileges to certain applications without granting users temporary administrator rights to every application.

The next version of Windows, Vista, will tackle the same issue with a feature called User Account Control. This will allow network administrators to grant individual users temporary administrator passwords.