NIST's guidance for a Zero Trust Architecture

Active Directory Policies

GPO Delegation

Just like other AD objects, security principals can be assigned permissions to access a GPO. The following are the list of permissions that can be assigned:

  • Read
  • Edit Settings
  • Edit Settings, Delete, Modify security

The following steps illustrate how to set permissions for a GPO:

  • In the right pane, select the Delegation Tab. The list of users with their permission will be displayed under the Group and Users section
  • Click Add to add a specific user, group or computer. Select the permission from the drop down list and click OK

People also read

Managing GPOs in Active Directory

Group Policy Management Console (GPMC)

Managing GPOs with Group Policy Management Console

Group Policy Objects (GPOs): Different Policy Settings

Related posts
Active Directory Policies

Group Policy Management Console (GPMC) – Part II

Active Directory Policies

Fine-Grained Password Policy: A Step-by-Step Configuration Guide

Active Directory Policies

Active Directory Account Lockout Policy

Active Directory Policies

Active Directory Password Policy