Advance

Learn how to apply Group Policy to a computer in Active Directory

Learn how to apply Group Policy to a computer in Active Directory

[Updated on Date: 2021-01-29] As you know, GPOs are applying to computers. The most common way to do this is by linking the computer’s GPO to the Computer OU. By default, a policy applies to all computers that contain OU. If there is a specific policy for only a few specific computers, then these computers should be in the Active Directory computer group. In this article, we will learn how to apply Group Policy to a computer in Active Directory. You can visit the packages available in Eldernode to purchase a Windows VPS server. Join us to learn this tutorial.

Tutorial apply Group Policy to a computer in Active Directory

In this tutorial, we are going to look at how to apply GPO to a computer group in Active Directory. This method is much more efficient than creating a new OU for computers that want to do this.

Recommended Article: Tutorial and How to create the CSR in Microsoft IIS

Apply Group Policy to a computer in Active Directory

In this example, computers are in a domain called asaputra.com, and the domain controller is installed on Windows Server 2012, version R2. All client computers have Windows 10 and are in the Prod OU. A policy called Secured Computer Policy has been created and linked to OU called Prod.

 

Active directory users and computers

***

Group Policy management

 

How to filter Secured Computer policy to apply to WKS002 and WKS003

The following step-by-step instructions show how to filter Secured Computer policy to apply to WKS002 and WKS003.

Creating a group

The group should be built in an OU to which the policy is linked. Open OU on the Active Directory Users and Computers console.

Right-click on an empty area of the page and select New >> Group.

 

Create a group in Active Directory

 

Enter the group name.

In the Global Scope section, select Global.

From the group type section, select Security.

Group name and object type in Active Directory

 

Click OK to save the settings and create a group. As shown below, the group must be displayed in OU.

 

Create Group in Active Directory

 

Add target computers as group members

Double-click the group name to open the settings. Select the Members tab and click the Add button.

Secured computers properties in Active Directory

 

The following window opens. Click Object Types and make sure Computers is checked.

 

How to select object types in active directory

***

how to select types of objects in active directory

 

Now enter the names of the target computers mentioned above with a semicolon (;) to separate them. Then click Check Names. If typed correctly, the names will display as shown below with a dash below them.

 

How to enter the object names in active directory

 

Make sure all target computers are members of the group, then click OK to confirm.

Change the GPO security settings

Log in to the Group Policy console. Select the policy you want to change and then enter the Scope tab.

 

scope tab in secured computer policy

 

In the Security Filtering section, select Authenticated Users and click Remove.

 

security filtering in Active Directory

 

In the same Security Filtering section, click the Add button.

 

add or remove in security filtering in Active Directory

 

Enter the name of the group that was created in the previous step. Click Check Names to make sure the typed name is correct, then click OK.

 

How to select user in Active Directory

 

Make sure the group is added to the list.

 

security filtering in active directory

Recommended Article: Learn how to apply Group Policy to a computer in Active Directory

How to check the policy to apply correctly

We can make sure that the policy is applying correctly. On the client computer, run cmd as run as administrator and enter the command gpresult / r / SCOPE COMPUTER. On computers that are part of the SECURED_COMPUTER group (ie WKS002 and WKS003), you see that the result is applying correctly.

 

How to apply group policy objects

 

But on a computer that is out of the group, the result shows that no policy has been applied.

 

How to apply group policy objects

 

Keep in mind that applying GPOs to a computer group is a bit confusing. If you see a GPO that has not been applied to a computer that is a member of the target group, then the computer may not yet have noticed that it is a member of the group. To check your computer membership, use the command above and scroll down to see the information below.

 

How to apply group policy objects

 

Conclusion

In this article, we tried to fully explain how to apply Group Policy to a computer in Active Directory using images in Windows Server 2012. How to filter Secured Computer policy to apply to WKS002 and WKS003 was also taught step by step. Finally, the results of the work in the CMD environment were evaluated.

We Are Waiting for your valuable comments and you can be sure that it will be answered in the shortest possible time.

9 thoughts on “Learn how to apply Group Policy to a computer in Active Directory

    1. Group policy management console is one of the features of Windows Server that can be installed through Server manager or using the Install-WindowsFeature GPMC command.

    1. GPME not only includes the Policy Settings node, but also the preferences setting node, which is only available at the domain level. GPME is installed on Vista and later Windows by downloading and installing RSAT tools (Remote Server Management Tool) for each service pack specific to an operating system. On Windows Servers 2008, 2008 R2 and 2012, Group Policy tools can be installed using the Add Features applet in Server Manager.

    1. Administrative templates directly offer settings for many different products and services. For example, Desktop, Event Logs, Power, Printing, and Windows Remote Management are just a limited number of known executable templates that provide us with executable and control features.

Leave a Reply

Your email address will not be published. Required fields are marked *

We are by your side every step of the way

Think about developing your online business; We will protect it compassionately

We are by your side every step of the way

+8595670151

7 days a week, 24 hours a day