Apply GPO to certain users
I went through some GPO documentation and it seems really straightforward but I'm still stuck.
I have an OU called Users, and I created a GPO that simply maps a drive for a single user, and I applied it to the OU called Users with a security filter for only that user (also when I enter in the name of the user I always check the name via the button on the right).
The thing is when I do a GPresult /r
, it shows that the GPO is not applied to computer when the user is logged in and there is no drive mapping still.
Anything I do with specific users related to GPO's do not work, the only thing I know how to get working is computer policies, and applying to authenticated users (basically everyone), or applying to specific computers through the security filter.
Any ideas on what I can try?
Solution 1:
There was an update in June 2016 that results in the situation that if you remove the Authenticated Users from the security filtering you can run in to trouble if the required systems cannot read the policy.
See the MS technet blog https://blogs.technet.microsoft.com/askds/2016/06/22/deploying-group-policy-security-update-ms16-072-kb3163622/
To fix this simply go to the Delegation tab of the policy and add the Authenticated Users with Read permission. Not read and apply, check what you've done with the advanced button.