Problem: GPOs are not applied when authenticated users are not set in securityfilter

Problem:

GPOs are not applied when ‘authenticated users’ are not set in securityfilter.

Investigation:

It is not recommended to delete ‘authenticated users’ from the security filter.
image

Solution:

You can try to add the groups you need in the security filter, and remove the authenticated users, afterwards. Then switch to the delegation tab and add authenticate users here with just read access.
image

Make also sure that, all users or machines are shown as members of the group in the security filter.

On UCS side make sure the group exists in samba and openLdap

univention-ldapsearch cn='Domain Computers'
univention-s4search cn='Domain Computers'