NIST's guidance for a Zero Trust Architecture

Active Directory Policies

GPO Delegation

Just like other AD objects, security principals can be assigned permissions to access a GPO. The following are the list of permissions that can be assigned:

  • Read
  • Edit Settings
  • Edit Settings, Delete, Modify security

The following steps illustrate how to set permissions for a GPO:

  • In the left pane of the GPMC snap-in, select the GPO
  • In the right pane, select the Delegation Tab. The list of users with their permission will be displayed under the Group and Users section
  • Click Add to add a specific user, group or computer. Select the permission from the drop down list and click OK
Related posts
Active Directory Policies

Fine-Grained Password Policies

Active Directory Policies

Account Lockout Policy

Active Directory Policies

Password Policy

Active Directory Policies

Account Policies

Leave a Reply

Your email address will not be published. Required fields are marked *