Avatar of qvfps
qvfps
 asked on

Limit Group Policy to a single Security Group

I am trying to create a group policy which will only apply to a single security group.     I have created the policy and added the security group to the scope.  I then went to delegation and removed authenticated users and re-added it with read permisisons.   


I waited a half hour and had a user in the group reboot and then try a gpupdate and it was not applied.   I ran gpresult /h and viewed the output and I do not see the policy I created anywhere in the report.  

The server is running Windows server 2016 Standard and the computer is running Windows 10


Is there something else I need to do?

Group PolicySecurity

Avatar of undefined
Last Comment
qvfps

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Seth Simmons

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
qvfps

ASKER
The 4 tabs available are Scope, details, settings and Delegation in GPMC.  There is no common tab.
qvfps

ASKER
I found the common tab and have created an item level target on the policy.   I am waiting to hear back from the users if the drive is now mapped.
arnold

Putting the group in the security filter should do it,
Granting authenticated user read access will then apply the policy to the all authenticated users as they can read the policy.
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
qvfps

ASKER
I the security group in the security filter and granted Authenticated users read access.    The user says the drive is still not mapped.   I am waiting to get access to a computer in the same ou so I can test it for myself.
arnold

why not place the computer you use in that ou?
qvfps

ASKER
The user moves back and forth between two locations with different OUs.   This is her secondary location.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
arnold

What does the GPO supposed to achieve?

Computer/user GPO.

Is this user access to her files?
qvfps

ASKER
Just map the drive.
arnold

aD computer GPO or user GPO?



Can you post the GPMC group policy detail?
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
qvfps

ASKER
User GPO
arnold

Can you post the GPO detail?

What does gpmc's group policy result wizard sshow when run against this system?
Same gpresults /v as the user?
qvfps

ASKER
I am doing this remotely and have not had access to the computer.   I am following up with them again to see if I can get access to her or another computer for testing.

Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
qvfps

ASKER
I resolved the issue and limited it to the specified users Item Level Targeting.   The policy was not initially applying because the user and the computer were in different OUs.   Once I moved applied the policy to the OU where the computer was located the policy applied correctly.