I have one computer that needs to be on a different GPO due to it being used for the boardroom meetings and the board of the directors do not like the 15 minute inactivity time that I have set on the Default Domain Policy. They want the computer to never lock due to inactivity and then have to sign back in again. But I am having major difficulties with the boardroom computer accepting this and picking the correct policy as the Winning GPO.
When I run the gpresults command, under Computer Configuration Summary - it shows that this GPO Was Applied. Under User Configuration Summary - it shows that this GPO was Denied (Security Filtering)....When I scroll down the page, it lists Computer Configuration and it has the Default Domain Policy as the Winning GPO on everything except Account Policies/Account Lockout Policy.
On the Group Policy Management on the domain controller - In the Scope section and underneath Security Filtering, I have the Boardroom Computer added here. On the Delegation section and underneath Advanced, I have the Read, Write, and Allow Group Policy allowed for the Computer Name permission.
On the Precedence, I have the boardroom GPO as number one and the Default Domain Policy as number two. They are both Link Enabled and I have the boardroom as Enforced and the Default Domain Policy as not enforced.
Another issue that I don't know is interfering with this or not is that my primary domain controller is Server 2012 and I can't edit the Group Policys on it because not all of the options are there, so I have been working all of this on my secondary domain controller which is Server 2008.
What do I need to do or check to make this works the way that it needs to? Thank you.