<div>
If you want to block it for a set of users and/or computers, you can create a new OU, place those objects in it, and enable Block Inheritance on the OU.<br><br>There are other ways to block GPOs, but note that this sort of thing can cause confusion, especially (speaking from experience here) when you're troubleshooting a Group Policy issue and aren't aware that inheritance has been blocked somewhere.<br><br>
</div>


arnold

Desktop Support Analyst

Gibo

<div>
The obvious question in an environment that facilitates single point management, why?<br />
<br />
Do you have an error and want to reset it?<br />
<br />
You can deny Access to the policy..
</div>


<div>
The MS Edge group policy was configured in the default domain policy &amp; I linked another different MS Edge group policy to test in an OU &amp; blocked the inheritance, but still the MS Edge group policy from the the default domain policy persists?
</div>


<div>
Mark the ms edge policy in the O?u enforced.<br />
This will make the OU ms edge settings supplant the default domain policy settings.<br />
<br />
Additionally, use GPmC on the server to confirm which is the winning GPO.
</div>


<div>
Tried enforced &amp; didn't work, ran gpupdate /force &amp; gpresult /r says my MS Edge Group policy was applied &amp; filtered out the default domain policy
</div>


<div>
One option is to create a fo sin side ms edge policy and apply it to the top of the domain excluding the users, groups to which you do not want it applied, could be using wmi filter.<br />
Remove the entries from the default domain policy<br />
.....<br />
Gpupdate ...and retry. It might take two attempts..
</div>


<div>
Remove the settings from the default Dom policy. Done.
</div>


<div>
Thank you for all your prompt response, appreciate much for all your help!
</div>


<div>
<div class="content wysiwyg-content">
Can we block the Default Domain Policy in Active Directory?<br />
<br />
If yes, how?
</div>
</div>


Can we block the Default Domain Policy in Active Directory?

If yes, how?

Windows Default Domain Policy in Active Directory

This topic area includes legacy versions of Windows prior to Windows 2000: Windows 3/3.1, Windows 95 and Windows 98, plus any other Windows-related versions including Windows Mobile.

Windows OS

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

Windows 10 is a personal computer operating system featuring the "universal application architecture" (UAP); apps can be designed to run across multiple devices with nearly identical code, including PCs, tablets, smartphones, embedded systems, Xbox One, Surface Hub and HoloLens. Windows 10 also includes a virtual desktop system, a window and desktop management feature called Task View, the Microsoft Edge web browser, support for fingerprint and face recognition login, voice-based search (Cortana), new security features for enterprise environments, and DirectX 12 and WDDM 2.0 to improve the operating system's graphics capabilities for games.

Windows 10

Microsoft Azure is a cloud computing platform and infrastructure for building, deploying and managing applications and services through datacenters. It provides both platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS) services and supports many different programming languages, tools and frameworks, including both Microsoft-specific and third-party software and systems. Cloud Services is a PaaS environment and can be used to create scalable applications and services; there are specific software development kits (SDKs) provided by Microsoft for Python, Java, Node.js and .NET. Azure also has file and storage services, data management, analytics and DNS services.

Azure

Windows Server 2016 is the successor to Windows Server 2012 R2. Built upon the same core code as Windows 10, Windows Server 2016 brings enhancements in security, servicing, and connectivity. A particular focus on this release was hybrid-cloud scenarios, and has close ties to Azure and other Microsoft cloud initiatives. This does not detract from the many improvements that are available for on-premises-only deployments

Windows Server 2016 comes in Datacenter, Standard, and Essentials editions, and for servicing, has adopted windows 10's cumulative model. The new nano-server install is designed to be remotely managed and is designed to be kept current through continuous feature updates. The full GUI install operates similarly to windows 10's "Long Term Servicing Branch" (LTSB) model with cumulative security updates.

Windows Server 2016 has also shifted from a per-processor-and-CAL licensing model to a per-core-and CAL licensing model. This brings Windows Server's licensing more in line with Microsoft's other products and makes hybrid-cloud license planning easier as well.

Windows Server 2016

A domain controller is a server that responds to security authentication requests within a computer network domain. It is a network server that is responsible for allowing host access to domain resources. It authenticates users, stores user account information and enforces security policy for a domain