I created a gpo on a windows 2003 serve to apply to a windows xp client. I had some settings on both user and computer settings, so i enabled loopback. Then i removed the authenicated user from the gpo and applied the user group i want for this gpo and then linked the gp to an ou that contains both the users and pc's in question. Now when a user logs on the user side settings allpy but not the computer side and if i run gpresult it tells me the computer side gpo did not apply access denied. Now if i add the target pc to the security tab and reboot the pc it then works. is this the case? do i have to add every single pc to this security filter as well as users?