Link to home
Start Free TrialLog in
Avatar of qvfps
qvfps

asked on

Limit Group Policy to a single Security Group

I am trying to create a group policy which will only apply to a single security group.     I have created the policy and added the security group to the scope.  I then went to delegation and removed authenticated users and re-added it with read permisisons.   


I waited a half hour and had a user in the group reboot and then try a gpupdate and it was not applied.   I ran gpresult /h and viewed the output and I do not see the policy I created anywhere in the report.  

The server is running Windows server 2016 Standard and the computer is running Windows 10


Is there something else I need to do?

ASKER CERTIFIED SOLUTION
Avatar of Seth Simmons
Seth Simmons
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of qvfps
qvfps

ASKER

The 4 tabs available are Scope, details, settings and Delegation in GPMC.  There is no common tab.
Avatar of qvfps

ASKER

I found the common tab and have created an item level target on the policy.   I am waiting to hear back from the users if the drive is now mapped.
Putting the group in the security filter should do it,
Granting authenticated user read access will then apply the policy to the all authenticated users as they can read the policy.
Avatar of qvfps

ASKER

I the security group in the security filter and granted Authenticated users read access.    The user says the drive is still not mapped.   I am waiting to get access to a computer in the same ou so I can test it for myself.
why not place the computer you use in that ou?
Avatar of qvfps

ASKER

The user moves back and forth between two locations with different OUs.   This is her secondary location.
What does the GPO supposed to achieve?

Computer/user GPO.

Is this user access to her files?
Avatar of qvfps

ASKER

Just map the drive.
aD computer GPO or user GPO?



Can you post the GPMC group policy detail?
Avatar of qvfps

ASKER

User GPO
Can you post the GPO detail?

What does gpmc's group policy result wizard sshow when run against this system?
Same gpresults /v as the user?
Avatar of qvfps

ASKER

I am doing this remotely and have not had access to the computer.   I am following up with them again to see if I can get access to her or another computer for testing.

Avatar of qvfps

ASKER

I resolved the issue and limited it to the specified users Item Level Targeting.   The policy was not initially applying because the user and the computer were in different OUs.   Once I moved applied the policy to the OU where the computer was located the policy applied correctly.