Applying group policy to ALL computers in OU

hi guys,

We're running a windows 2008 R2 and windows 2012 domain environment.

I'm trying to turn off Windows Firewall for ALL computers in a particular OU. In this OU, I have put all of the computers.

I've then gone to group policy management within this particular OU and created a new GPO and turned off Windows firewall. I have gone ahead and done a 'gpupdate /force', but so far I'm not seeing anything.

At the moment, there's nothing in the 'Security Filtering' section. There was 'authenticated users', but I removed that. Do the computers all need to be in here also? Should I create a security group and stick all computers in there and then add that security group to the security filtering section?

Thanks for helping out
Yashy
gpo-1.jpg
LVL 1
YashyAsked:
Who is Participating?
 
Mike KlineConnect With a Mentor Commented:
Add authenticated users back in and you will be good to go.  Authenticated users includes computers and users.

Good short FAQ on Authenticated Users   http://windowsitpro.com/security/computer-accounts-authenticated-users-group


Thanks

Mike
0
 
oBdAConnect With a Mentor Commented:
Well, what you get is what you configure:  if no accounts are listed in the Security Filtering section, then no accounts will apply the policy, full stop.
Just put the "Authenticated Users" back in, and run gpupdate again; the computer accounts in the OU need to be able to apply the GPO, and domain computers are "Authenticated Users", too.
0
 
Muhammad MullaConnect With a Mentor Commented:
Security filtering needs to have something there.

Normally, if I was doing a GPO for an OU, then I would keep authenticated users in authenticated users. This would include the computers in the OU.

Check if the Link is enabled (right-click should bring it up) from the OU in GPMC.
0
All Courses

From novice to tech pro — start learning today.