Here's my situation. I have a single computer that I want to use solely for connecting to a TV near the entry and display welcome messages to clients, etc. I want to be able to remote to it to update what is displayed (add a new powerpoint from the network, whatever), but I want to lock it down as much as I can. The default domain policy includes policy to force screensavers to kick on after 15 minutes and lock for reentry. I need to remove that feature so I can just run images all day long.
What I tried so far was to create a new OU, move that computer to the new OU. Then I created a new OU in GP, set it to "block inheritance", then created a policy inside where I lock it down and remove the screensaver. Then I enforced it and added the specific computer to the security filtering.
I tried rebooting and running gpupdate /force and a gpresults /r indicates the default domain policy is still the one being implemented. What am I missing? Is there an easier/better way to do this?