You have created Group Policy with some settings/restrictions but you want to exclude user or computer from applying policy.
In this example I`ll show you how to exclude computer from Group Policy, but same procedure can be done for users. We`ll be excluding computer from Windows Update GPO which I demonstrated how to create here – https://www.informaticar.net/?p=2058
!!! It is recommended to create new GPO for every setting/restriction. If you apply all your settings/restrictions into one GPO it will be very hard to administrate and manage.
Let’s start tutorial
I created group “NoUpdates” in Active Directory Users and Computers and added computer called SCSERVER to that group (same computer or user can be member of multiple groups in AD)
Next stop is Group Policy Management | Group Policy Object I created for Windows Update settings is called – Windows_Update | choose Delegation tab |Choose Authenticated Users |click on Advanced button on right bottom of the screen
Click on Add button
Enter name of the group (or user/computer) that you want to exclude from GPO (I`ll choose NoUpdates group I created at the beginning of tutorial) |OK
Choose group/user/computer you added and under Permissions tab for setting “Apply group policy” tick Deny |confirm with Apply |OK
If you want to immediately check results enter command gpupdate /force into command prompt (you need to run it as administrator) of the computer that exclusion applies to.
For some GPO settings that won`t be enough and you`ll have to restart computer.
In my case – server had automatically scheduled updates installation
After exclusion..
That’s it, exclusion for one computer or user or group works.