Introduction
In this article, I will explain how to apply a Group Policy (GPO) to an Active Directory group that contains multiple users.
The tutorial also applies in case you want to apply the policy to a particular user.
Prerequisites
- Have created the Active Directory group
- Having created the strategy
- The policy must be correctly placed either at the root of the domain or at the OUs where the users are, not the group.
Apply a strategy to a group
The first step, from the Scope 1 tab of the policy in the Security Filtering 2 section, is to delete the Authenticated Users object and add the group 3 to which the GPO applies.
Now you have to add read rights to the policy to the Authenticated Users object, go to the Delegation tab 1 and click Add 2 .
Select / Add the object Authenticated Users 1 and click OK 2 .
Choose the Read permission 1 and click OK 2 .
The Authenticated Users object is added with read permission on the policy.
Conclusion
Prior to the MS16-072 update, it was not necessary to add the Authenticated Users object with Read permission on Group Policies, it was sufficient to add the group in the security filtering.