Usually, when group policy is applied, it is applied for all the computers or user groups or all the users. There are no exceptions. However, if you want to exclude individual Users or Computers from a Group Policy Object (GPO), then there is a method. It will allow you to exclude a single user or computer. Before we start, this works on a Windows 10 computer that is part of the domain. It means you cannot apply this to computers you are using at home.
Exclude Individual Users or Computers from Group Policy Object
- Select the Group Policy Object in the Group Policy Management Console (GPMC) t0 which you want to apply the exception
- Click on the “Delegation” tab and then click on the “Advanced” button.
- Click on the Add button and choose the user or computer whom you want to exclude from group policy enforcement.
- When searching, the user is the default search mode.
- Switch to all searches to list computers as well.
- You can also add user group if you want to block a bunch of users.
- Select the user or user group or the computer you added.
- Locate Apply group policy in permissions and checkmark deny. Click Apply and then OK.
- Link the group policy to a container or OU (If you haven’t done already).
Open Command Prompt by typing cmd in the Run prompt (Win +R) and launch it using Ctrl+Shift+Enter. It will open a command prompt with admin permission.
Next, type gpupdate, and press the Enter key to execute the command. It will instantly apply the change across the computer with the exception made.
That’s about it.
I hope the post was easy to follow, and you were able to exclude individual Users Or Computers From A Group Policy Object.
Make sure you group people whenever possible else, it will be difficult to remember and manage them.
Related Read: How to apply Group Policy to Non-administrators only
- Tags: Group Policy