<div>
Try adding into delegation of Profiles_Policy and set it allow policy.
</div>


Try adding into delegation of Profiles_Policy and set it allow policy.

<div>
Two things that jump out at me is the fact it's listing only GGU-users in the security filters for the report, and that the revision numbers don't match (35 vs 65535). &nbsp;How does the revision numbers look for the working GPOs?
</div>


Two things that jump out at me is the fact it's listing only GGU-users in the security filters for the report, and that the revision numbers don't match (35 vs 65535).  How does the revision numbers look for the working GPOs?

<div>
Give <b>Authenticated Users</b> rights to read GPO.
</div>


Give Authenticated Users rights to read GPO.

<div>
Ha ! THAT made the trick - hmm did not think about it but it makes sense. Still wonder why other similar GPOs would still apply but I have now explicitly allowed the machines and it seems that everything works as expected !
</div>


Ha ! THAT made the trick - hmm did not think about it but it makes sense. Still wonder why other similar GPOs would still apply but I have now explicitly allowed the machines and it seems that everything works as expected !

<div>
<div class="content wysiwyg-content">
I'm really having a hard time understanding this situation.<br />
<br />
Windows server 2012r2.<br />
I have an user test01, member of security group GGU-RDS-Users01.<br />
I'd like to have a GPO called &quot;Profiles_Policy&quot;to apply to said user.<br />
<br />
This is my definition<br />
<a href="https://filedb.experts-exchange.com/incoming/2017/05_w21/1164353/secfiltering.jpg" target="_blank" title="sec filtering (96 KB)"><img alt="sec filtering" class="file-block lazyload" style="max-width: 800px;" data-src="https://filedb.experts-exchange.com/incoming/2017/05_w21/800_1164353/secfiltering.jpg" /></a><a href="https://filedb.experts-exchange.com/incoming/2017/05_w21/1164354/delegation.jpg" target="_blank" title="delegation (237 KB)"><img alt="delegation" class="file-block lazyload" style="max-width: 800px;" data-src="https://filedb.experts-exchange.com/incoming/2017/05_w21/800_1164354/delegation.jpg" /></a><br />
However if I try modeling the resulting GPO for said user it shows &quot;access denied - security filtering&quot;<br />
<br />
<a href="https://filedb.experts-exchange.com/incoming/2017/05_w21/1164355/modeling.jpg" target="_blank" title="modeling (184 KB)"><img alt="modeling" class="file-block lazyload" style="max-width: 800px;" data-src="https://filedb.experts-exchange.com/incoming/2017/05_w21/800_1164355/modeling.jpg" /></a><br />
I have looked to others GPOs that do apply and their setup seems identical... I'm really lost here.<br />
<br />
Any help much appreciated !
</div>
</div>


delegation.jpg

secfiltering.jpg

modeling.jpg

I'm really having a hard time understanding this situation.

Windows server 2012r2.
I have an user test01, member of security group GGU-RDS-Users01.
I'd like to have a GPO called "Profiles_Policy"to apply to said user.

This is my definition



However if I try modeling the resulting GPO for said user it shows "access denied - security filtering"



I have looked to others GPOs that do apply and their setup seems identical... I'm really lost here.

Any help much appreciated !

Really confused about group policies

Windows Server 2012 is the server version of Windows 8 and the successor to Windows Server 2008 R2. Windows Server 2012 is the first version of Windows Server to have no support for Itanium-based computers since Windows NT 4.0. Windows Server 2012, now in its second release (Windows Server 2012 Release 2) includes Foundation, Essentials, Standard and Datacenter, and does not support IA-32 or IA-64 processors.

Windows Server 2012

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.