I have noticed that some GPOs in use here are Security Filtered to certain AD groups, and Authenticated Users has been removed from the default Security Filter. This is all very normal and good.
However, switching to the Delegation tab of the GPO, I see Authenticated Users listed with Read permission - but not with the "(from Security Filtering)" suffix. This means that someone has specifically added Authenticated Users to the Delegation tab, I think? And does this mean that the groups defined in the Security Filtering section will effectively be overridden? I just want to check I am correct before I go complaining :-) I created a test GPO and it seems to indicate that I am correct, but I like to double-check first Cheers, -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
