Mar 06 2018 01:59 AM
Hi
I am configuring GPO for Local WSUS server in Windows 2012 Domain Server. Need to enable the Local WSUS access for particular security groups only. So i did the following steps.
1. Created Security group
2. Created GPO and modified the windows update policy in Computer Settings.
3. Gave Read only access for Authenticated Users and gave full permission for Security group.
4. Linked the GPO in our domain
But the GPO is not applying and getting error "Filtering denied security".
Herewith i have attached error screenshot. Please guide me to resolve this error.
Regards,
Martin Jebaraj
Mar 06 2018 08:11 AM
I'm moving this post to the Windows Server community for better visibility to your question.
Mar 06 2018 10:41 PM
I'm guessing that you were modifying permissions for the GPO on the Delegation tab?
Which Security Group is added on the Scope tab under Security Filtering? You should remove the Authenticated Users group from the security filtering and add your own security group, no need to change anything on the Delegation tab.
Mar 06 2018 10:46 PM
Also check if your security group scope is set to Global.
Mar 07 2018 12:28 AM
Hi Martin,
It looks like you didn't add the computer account to the Security Group you created. According to the screenshot, it looks like the computer account is only a member of the standard groups. How did you name your security group?
Best regards,
Ruud Gijsbers
Mar 07 2018 03:58 AM
Yes.Created security group as global.
Mar 07 2018 04:10 AM
Hi Ruud Gijsbers,
Thanks for your update.
I have added computer accounts in the security group. But happening the same issue.
Regards,
Martin Jebaraj
Mar 07 2018 04:36 AM
Hi Martin,
Did you do a gpupdate /force on the machines after you added them to the security group? And what does the gpresult show now?
Best regards,
Ruud Gijsbers
Mar 07 2018 04:39 AM
Mar 07 2018 04:43 AM
Mar 07 2018 04:45 AM