LinkBack URL
About LinkBacks
Reply With QuoteDid you check the delegation tab?
Do "Authenicated Users" still have "read" permission or did you remove them completely?
Without "read" permission the users are nor able to process the GPO (even though the filtering is done by computer accouts).
Getting Started on GPanswers.com
I have been working on the following:
GPO to disable the screensaver for computers that are members of an AD global security group.
I have created the GPO to disable the screen savers and enable "Use Group Policy loopback processing mode = Merge", I am using the loopback since the settings for managing the screensaver are in the user configuration, and I want the computers in the security group to receive the "user" configuration no matter who logs on.
I removed "Authenicated Users" from the Security filtering section and added the name of the AD security group with the computer members.
After ensuring that replication has taken place I restart the computer that is a member of the security group and find that it does NOT have the screen saver disabled. It show that it processed the loopback policy fine looking at the RSPO data under Computer Configuration Summary but under the User Configuration Summary see the GPO GUID under denied GPO's due to being inaccessible.
If I add the user account name to the security group ACL'd to this GPO it works fine. Am I missing something here?
10+ Helpful Posts
20+ Helpful Posts
Did you check the delegation tab?
Do "Authenicated Users" still have "read" permission or did you remove them completely?
Without "read" permission the users are nor able to process the GPO (even though the filtering is done by computer accouts).
Getting Started on GPanswers.com
You need to scope the GPO to a computer and user group.Originally Posted by madlinux
Posting Permissions