Hey folks! I'm moving a new software from my development setup to production and want to deploy it cautiously. I'm creating a Group Policy Object (GPO) specifically for a few machines. Right now, I've set up a security group called `software_pilot` and a GPO named `Deploy_software_pilot`. I've added the test machines to the `software_pilot` group and included this group in the delegation and security filtering options. However, I haven't linked the GPO to anything yet. Should I go ahead and remove 'Authenticated Users' from the security filtering on my `Deploy_software_pilot` GPO? I want to avoid this GPO affecting all machines once it's linked.
1 Answer
Yeah, definitely remove 'Authenticated Users'.
Thanks! But when I try to remove it from Security Filtering, I get a warning that says, "Do you want to remove this delegation privilege?" and then another warning about needing permissions to read GPO data from the domain controller. Is that normal? Those warnings are a bit concerning for me since I’m only adjusting this one GPO.