Solved

The following GPOs were not applied because they were filtered out

Posted on 2012-03-23
4
2,912 Views
Last Modified: 2012-04-19
I have over a dozen existing group policies in my network that work fine. I just created a new one for Windows Update settings on the computers. I've edited the Computer settings in the GP, and added the Domain Computers group and another I created (WSUS-Workstations) to the Security Filtering section. I've linked it to the OU.

Even after running gpupdate and rebooting a test system that is a member of both groups several times, the group policy is not applied.

The message is "The following GPOs were not applied because they were filtered out" and
"WSUS-workstations
    Filtering:  Denied (Security)"

I do not understand why I would get a security denial when I've added both groups to the Security Filtering.
0
Comment
Question by:SKpollyanna
4 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37758408
It sounds like you have it setup right.  In the advanced settings in the ACL check for any deny entries.

Then I'd maybe take one of the groups out of the filter, run the rsop again, see if there is one group that is having issues.  Start with just the WSUS group.
0
 
LVL 11

Accepted Solution

by:
X_layer earned 500 total points
ID: 37761492
Try this:
1. Create a computer OU.
2. Create a GPO with the three policy settings defined. Link the GPO to the computer OU.
3. Under Security Filter for the GPO, remove Authentic Users from the list, add the computers and users you want the GPO to apply to.
0
 
LVL 40

Expert Comment

by:footech
ID: 37761559
You may want to check under "Security Group Membership when Group Policy was applied" for the gpresults to verify which groups the computer thinks it is a member of.
0
 

Author Closing Comment

by:SKpollyanna
ID: 37865764
Thank you. I will try this.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question