Using group policies with RSA Authentication Agent 220.127.116.11. Was it intended for SendDomainName in these two policies to change the same registry flag? That is, if I set to send domain+user to management server for Challenge, must I also send domain+user to management server for Password sync (and vice versa)? In ADMX, they change the same registry key: SOFTWARE\Policies\RSA\RSA Desktop\Local Authentication Settings\SendDomainName. I worked this out because the policy HTML summary display in group policy management console shows the value as unresolvable to a template ('Extra Registry Settings') and when I searched, I found SendDomainName used in two ADMX files: RSA_Authentication_Agent and RSA_Authentication_Agent_Password_Synchronization. GPMC needs the policy registry location to be unique.