Advertisement
Hi all - apologies, I know there are several articles regarding this area, but I cant seem to relate any to my scenario.<\/p>\n
I am currently attempting to map a network location onto specific user’s accounts through Group Policy, and using a Security Group within AD to assign the users (with the way our AD is currently set up, and considering future employees, it seems the best option to assign policies through Security Groups).<\/p>\n
I have set up the GP, and created a group within AD, which specific users are members of.<\/p>\n
In the Security Filtering section of GPM, I have added my Group and ensured that on the delegation tab both my group and ‘Authenticated Users’ have ‘read’ and ‘apply group policy’ checked. From what I gather, there was an update that meant Authenticated Users are now required to be there?<\/p>\n
In this case though, it means each user in the location of the GPO (which happens to be every user in the company) is getting the network drive mapped - as opposed to just my Group of people. I’m assuming this is because authenticated users also has ‘apply group policy’ checked, but when I un-check this, the GPO doesn’t apply to anyone.<\/p>\n
I know this can be done without having to sort my users into specific OUs on AD… I’m just struggling to make sense of my issue!<\/p>\n
Any help would be appreciated!<\/p>\n
Many Thanks,
\nConor<\/p>","upvoteCount":1,"answerCount":9,"datePublished":"2018-04-26T13:47:16.000Z","author":{"@type":"Person","name":"conore","url":"https://community.spiceworks.com/u/conore"},"acceptedAnswer":{"@type":"Answer","text":"
remove auth users from the security filtering. I think you are mistaking a change where you had to add domain computers as the security filter not auth users. If this causes the GPO to stop applying then your going to need to figure out why. You gpresult /v to list the GPO and security group info, it should also tell you exactly why the gpo didn’t apply. and remember your users need to log out and back in to get new security group assignments.<\/p>","upvoteCount":0,"datePublished":"2018-04-26T13:53:28.000Z","url":"https://community.spiceworks.com/t/group-policy-security-filtering/648392/2","author":{"@type":"Person","name":"drewfreeman","url":"https://community.spiceworks.com/u/drewfreeman"}},"suggestedAnswer":[{"@type":"Answer","text":"
Hi all - apologies, I know there are several articles regarding this area, but I cant seem to relate any to my scenario.<\/p>\n
I am currently attempting to map a network location onto specific user’s accounts through Group Policy, and using a Security Group within AD to assign the users (with the way our AD is currently set up, and considering future employees, it seems the best option to assign policies through Security Groups).<\/p>\n
I have set up the GP, and created a group within AD, which specific users are members of.<\/p>\n
In the Security Filtering section of GPM, I have added my Group and ensured that on the delegation tab both my group and ‘Authenticated Users’ have ‘read’ and ‘apply group policy’ checked. From what I gather, there was an update that meant Authenticated Users are now required to be there?<\/p>\n
In this case though, it means each user in the location of the GPO (which happens to be every user in the company) is getting the network drive mapped - as opposed to just my Group of people. I’m assuming this is because authenticated users also has ‘apply group policy’ checked, but when I un-check this, the GPO doesn’t apply to anyone.<\/p>\n
I know this can be done without having to sort my users into specific OUs on AD… I’m just struggling to make sense of my issue!<\/p>\n
Any help would be appreciated!<\/p>\n
Many Thanks,
\nConor<\/p>","upvoteCount":1,"datePublished":"2018-04-26T13:47:16.000Z","url":"https://community.spiceworks.com/t/group-policy-security-filtering/648392/1","author":{"@type":"Person","name":"conore","url":"https://community.spiceworks.com/u/conore"}},{"@type":"Answer","text":"
I wouldn’t bother with Security Filtering.<\/p>\n
Use Item level targeting on the drive map GPP.<\/p>\n