Filter using security groups
Updated: January 21, 2005
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
To filter using security groups
Open Group Policy Management.
In the console tree, double-click Group Policy Objects, which contains the Group Policy object (GPO) to which you want to apply security filtering (console tree location is: Forest name/Domains/Domain name/Group Policy Objects).
Click the GPO.
In the results pane, on the Scope tab, click Add.
In the Enter the object name to select box, type the name of the group, user, or computer that you want to add to the security filter. Click OK.
If Authenticated Users appears in the Security Filtering section of the Scope tab, select this group and click Remove. This will ensure that only members of the group or groups you added in step 5 can receive the settings in this GPO.
You must have Edit settings, delete, and modify security permissions on the GPO to perform these procedures.
The settings in a GPO will apply only to users and computers that are contained in the domain, organizational unit, or organizational units where the GPO is linked, and that are specified in, or are members of a group that are specified in Security Filtering. You can specify multiple groups, users or computers in the security filter for a single GPO.
You can also perform this procedure or a related task by using one or more of the sample scripts included with Group Policy Management. For more information, see "Scripting Group Policy tasks" in Related Topics.
Information about functional differences
Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.