I am trying to get Group Policy working from scratch. It is possible (indeed, quite likely) that I have missed a simple step somewhere. But anyway...
I have created a new OU specifically for Group Policy testing and created a new Security Group inside it. I have added a User (me, actually) to this new Security Group.
However, whenever I run a GPResult /R [with or without /V], the User us shown as being in every Security Group that they were in before I created the new OU and Security Group but not the new one!
If I check the User in AD Users and Computers membership of the new group is shown. The OU is inside a main OU within the Domain.
Since I can't find the User as being a member of the Security Group, you will not be surprised to discover that GP Modelling doesn't indicate the the GPO will apply to the User - and it doesn't.
Machine is Windows 7, DC is Server 2010. I don't think this should matter, though!