In group policy there are two categories: User Configuration and Computer Configuration. I've created an organizational unit (OU) for some users. Of course, it is very reasonable to apply some User Configuration policies for this OU. When do I apply Computer Configuration policies? I've tried to add a station to the above OU and then apply some Computer Configuration policies, but nothing happens. Thank you.
Computer Configuration GPO settings will apply to the computers whose accounts are present in the OU to which that GPO is linked. The settings apply, no matter who uses the computer. If you examine the possibilities, they are quite extensive. Actually, you are seeing the results of computer configuration on every computer in a domain, as there are default settings in the default domain policy (a GPO linked to the domain -- right-click the domain in Active Directory Users and Computers and select Group Policy, then choose EDIT to examine it.)
The settings in this policy affect all computers in the domain. Just like user policies, computer settings are applied from the local policy, then the site policy (if any), then the domain policy, then OU policies. I'm not sure why you are not seeing the results of your changes since I don't know what your settings are. It could be that not enough time elapsed after the setting (policy must be refreshed), or that you inadvertently changed something (like say, password policy) that can't be set per computer for domain logons.
If you have the Windows 2000 resource kit, you can use the group policy results utility at the local computer to see which GPOs are being applied. Try setting something small and relatively non-intrusive, like the security setting that sets a logon warning message: computer configuration | security settings | local policies | security options | message text for users attempting to log on. (Don't forget to also set message title for users attempting to log on.) When you have done so, issue the SecEdit RefreshPolicy machine_policy command on the DC and later on the workstation (this kick-starts replication of the new policy change).
Dig Deeper on Windows 10 security and management
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.