I have a set of laptops that we hand out to people and would like to have them locked down as much as possible. I don't quite understand if you can have user and computer settings configured in the same gpo. The policy is applied to an ou with the floater laptops sitting in that ou. Do I also need the user accounts that will be using the laptop to be in that ou as well? If I look under Security Filtering on the policy it has Authenticaed users which I thought would mean all users that logged onto the laptop. So right now I have a ton of settings applied to that ou but non of them take effect on the laptop. Any help would be great. thanks