Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Applying group policy to ALL computers in OU

Posted on 2015-02-24
3
Medium Priority
?
137 Views
Last Modified: 2015-02-24
hi guys,

We're running a windows 2008 R2 and windows 2012 domain environment.

I'm trying to turn off Windows Firewall for ALL computers in a particular OU. In this OU, I have put all of the computers.

I've then gone to group policy management within this particular OU and created a new GPO and turned off Windows firewall. I have gone ahead and done a 'gpupdate /force', but so far I'm not seeing anything.

At the moment, there's nothing in the 'Security Filtering' section. There was 'authenticated users', but I removed that. Do the computers all need to be in here also? Should I create a security group and stick all computers in there and then add that security group to the security filtering section?

Thanks for helping out
Yashy
gpo-1.jpg
0
Comment
Question by:Yashy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 1000 total points
ID: 40628116
Add authenticated users back in and you will be good to go.  Authenticated users includes computers and users.

Good short FAQ on Authenticated Users   http://windowsitpro.com/security/computer-accounts-authenticated-users-group


Thanks

Mike
0
 
LVL 85

Assisted Solution

by:oBdA
oBdA earned 500 total points
ID: 40628117
Well, what you get is what you configure:  if no accounts are listed in the Security Filtering section, then no accounts will apply the policy, full stop.
Just put the "Authenticated Users" back in, and run gpupdate again; the computer accounts in the OU need to be able to apply the GPO, and domain computers are "Authenticated Users", too.
0
 
LVL 10

Assisted Solution

by:Muhammad Mulla
Muhammad Mulla earned 500 total points
ID: 40628123
Security filtering needs to have something there.

Normally, if I was doing a GPO for an OU, then I would keep authenticated users in authenticated users. This would include the computers in the OU.

Check if the Link is enabled (right-click should bring it up) from the OU in GPMC.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Here's a look at newsworthy articles and community happenings during the last month.
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question