I'm building some User GPOs and am seeing some things that I don't yet understand:
In the Scope tab:
I see the one Link that applies - so no surprise there.
I see Security Filtering and I see only one Group there - it's the Group I intend the GPO to apply to but others (like Groups with DENY) aren't listed here.
The Security Filtering section clearly states: The settings in this GPO can only apply to the following groups, users, and computers
So far, this makes sense to me.
In the Settings tab:
The General \ Security Filtering section also says "The settings in this GPO can only apply to the following groups, users, and computers:"
and the contents say "None"
The General \ Delegation section "These groups and users have the specified permission for this GPO"
It only lists one, rather obscure User with Custom "Allowed permissions". Correct enough but not what I'd expect as it's incomplete.
In the Delegation tab \ Advanced (which is Titled: GPO Security Settings)
The Group or user names seems complete.
How is one to interpret all these?
Are we to just ignore some of them?
Are we to pay close attention to some of them?
Why would they be different?