- In the Active Directory Users And Computers tool, create two new Global Security groups within the Group Policy Test OU and name them PolicyEnabled and PolicyDisabled.
- Right-click the Group Policy Test OU and select Properties. Select the Group Policy tab.
- Highlight Test Domain Policy and click the Properties button.
- On the Security tab of the GPO Properties dialog box, click Add and enter the PolicyEnabled and the PolicyDisabled groups. Click OK.
- Highlight the PolicyDisabled group and select Deny for the Read and Apply Group Policy permissions. This prevents users in the PolicyDisabled group from being affected by this policy.
- Highlight the PolicyEnabled group and select Allow for the Read and Apply Group Policy permissions. This ensures that users in the PolicyEnabled group will be affected by this policy.
- Click OK to save the Group Policy settings. You will be warned that Deny takes precedence over any other security settings. Select Yes to continue.
- Click OK to save the change to the properties of the OU.
Home 
Active Directory (III) 6. Planning and Managing Group Policy 6.3 Filtering Group Policy Using Security Groups
Active Directory (III) 6. Planning and Managing Group Policy 6.3 Filtering Group Policy Using Security Groups
6.3 Filtering Group Policy Using Security Groups
In this video i will show you how to filter Group Policy Using Security Groups in Active Directory.
In this exercise, you will filter Group Policy using security groups.
