Group Policy for cert auto enrollment

Ming Cheung 421 Reputation points
2021-11-05T10:08:39.53+00:00

146871-questiona.png

Policy A have filter limited to security group A
PC A is member of secuirty group A
Hi, i am not familiar in group prolicy, i try to simulate my company siuation as above
but not work,

  1. does PC A can appliy Policy A? i tried, but not work
  2. i suppose moving policy A to Top domain level should be work, but company does not such way
  3. does any command can help to check ? i dont know why this work in existing production, but i can not simulate out
    thank you
Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
4,787 questions
Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,732 questions
0 comments
Accepted answer
  1. Vadims Podāns 9,111 Reputation points MVP
    2021-11-05T12:58:11.637+00:00

    does PC A can appliy Policy A?

    it cannot. Policy_A is applied to OU_A and OU_A does not contain object PC_A. As the result, GPO_A does not apply to PC_A. GPOs do not apply to groups.

    i suppose moving policy A to Top domain level should be work

    you need to apply Policy_A to OU_B where target objects reside.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest