Authenticated Users and Group Policies

active-directory group-policy windows-server-2008-r2
11,040

Solution 1

The "group" (really a Security Principal) Authenticated Users is a collection of users and computers which authenticate to the domain. From "Well-known security identifiers in Windows operating systems":

SID: S-1-5-11

Name: Authenticated Users

Description: A group that includes all users whose identities were authenticated when they logged on. Membership is controlled by the operating system.

Security filtering can be used to apply [or prevent application of] policies to specific groups of users/computers. Typically you link a GPO within an OU and the policy applies to all users/computers within this OU. With filtering you can say: "apply this policy to only users in these groups within this OU".

When a policy's Security Filter is Authenticated Users is means the policy will apply to all users/computers which have authenticated to the domain. Of course, barring loop-back processing enabled, Computer Configuration settings will only apply to computer objects and User Configuration settings will only apply to user objects.

Solution 2

Computers have accounts in AD which they use for their own authentication and access to objects, so you can lock things down so that only 'known' AD users, including computers, can access an object. This does make sense with GPOs if you think about it.

Share:
11,040

Related videos on Youtube

Kyle Brandt
Author by

Kyle Brandt

Updated on September 17, 2022

Comments

  • Kyle Brandt
    Kyle Brandt over 1 year

    I don't fully understand the default Authenticated Users security filtering for group policies in Windows. When I set up WSUS I left this even though that falls under "Computer Configuration" and is only attached to Computer Objects.

    Should this basically always be left in place, if so, what is the exact purpose?

    The particular use case this time around is for a software install that is being placed under Computer Configuration.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Local group policy not applying (gpresult says its empty, but it's not)
GPO not applying to Clients
Password Policy seems to be ignored for new Domain on Windows Server 2008 R2
GPO Software Deployment Errors %%1274 and %%2
How do I apply WinHTTP proxy settings domain-wide?
Install Windows Server 2008 R2 Features and Roles through Group Policy
After disabling folder redirection My Documents still redirected
Windows 10 not getting gpo deployed printers
GPO to Set Wallpaper per Computer instead of per User
Unable to restore a backup GPO in Active Directory