Solved

Group Policy and Authenticated Users

Posted on 2013-02-03
3
612 Views
Last Modified: 2013-02-18
Hi guys,
I want to apply a group policy to one user only.
In the Security filtering section of the group policy, it has the authenticated users there by default.
Should I remove this group, and then add the specific user to that security filtering section, or is it safe to leave the authenticated users group there.
This user is in an OU with 100s of other users.
I just want to make sure that the other users in this OU dont get the gpo.
Thanks.
0
Comment
Question by:Simon336697
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 9

Assisted Solution

by:Zenvenky
Zenvenky earned 140 total points
ID: 38850073
This is bit tricky. However are there any other policies are getting applied on this OU. If your answer is yes, then you have to be very carefull do not change anything "Authenticated Users".
Instead take that single user out of OU and create new policy to give permissions that you want to give.
0
 
LVL 84

Accepted Solution

by:
oBdA earned 200 total points
ID: 38850154
Removing the "Authenticated Users" group from the Security Filtering section and adding a dedicated security group instead is basically the only way to apply a GPO to a user selection inside of an OU.
And even if it's currently only a single user, you should still create a dedicated group "GPO-Apply-<ThatCertainGPO>" or whatever, add the user account to this group, and add this group to the GPO's security filtering. That way, the configuration is basically self-documenting; in addition, the time will come when a second account needs this policy applied as well.
0
 
LVL 13

Assisted Solution

by:Jaihunt
Jaihunt earned 160 total points
ID: 38850810
Hi

You can create a Group and add all users in that group except the one user who requires the group policy.

Go to the policy in GPMC and Delegation --> Advanced -->add the Group -- in Permissions Select Apply group policy check deny.

It will Deny Group policy applying to all the users in the Group. In future if you need any changes you can modify to the Group.

Thanks
Jai
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question