What is the purpose of Security Filters and how are they used?
NetIQ Group Policy Administrator 2.0
NetIQ Group Policy Administrator 3.0
NetIQ Group Policy Administrator 4.x
NetIQ Group Policy Administrator 5.0
Security Filters perform the following two functions:
- Filter the scope of a GPO
- Delegate administration of a Group Policy
To filter the scope of a GPO, please perform the following steps:
- Select a GPO in the GP Repository.
- Right-click the GPO and select Properties.
- Select the Security tab. There are six access permissions that can be configured:
- Full Control
- Create All Child Objects
- Delete All Child Objects
Allow explicitly permits the user or group to perform the function.
Deny explicitly prevents users or groups from performing said function.
NOTE: No permission (neither Allow nor Deny are checked) is an implicit Allow or Deny.
To delegate the administration of a GPO perform the following steps:
- Select a GPO node, right-click on it and select Adjust Filters.
- Then choose from the list of users/computers and groups from any OU or container in the domain. There will be three filters that you can modify:
- View GPO settings
- Receive GPO settings
- Edit GPO settings