Custom group policy applied only when authenticated users is delegated


  • Hi,

    The setup is one windows 2008 R2 server acts as PDC, a backup domain controller 2008 R2

    30 Client machines running windows 7 Pro joined the PDC

    The PDC has the following policies:

    - A default domain policy that is not enforced and applied to all authenticated users

    - A custom policy that is applied to an OU that contains all user accounts, this policy is Enforced and delegated to a security group of a specific users from the same OU

    The problem:

    The custom policy is not applied to users, it shows "inaccessible" when running gpresult /r

    I have checked the delegation tab inside the custom GP and the security group has read and apply permissions set

    Now, if I change the delegation to authenticated users and remove the security group, the custom policy works, if i change it back to the security group and remove the authenticated users it stops working with inaccessible error

    What could be the problem?

    Appreciate any help

    Thank you


    Tuesday, June 21, 2016 6:33 PM


All replies