As part of a rollout for a specific policy we are applying to the company, we are pushing a policy that will be effected by security filtering at the outset. It works, and I can test it and when I check the GPResults I definitely see that the policy was denied by security. To perform the security filtering, I created a security group, added the computer accounts that I do NOT want to be affected by the policy, and then denied that security group the ability to apply the group policy. As I stated before, it works... but slowly. I was wondering if anyone else could explain why after making a change to the membership of the security group, it seems to take "some time" for the change to take effect as far as the security filtering is concerned. I know it's not a replication issue (if that even matters) as I push out the changes to the other DCs, yet it still takes awhile for the change in the security group to effect the security filtering applied against the GPO. Any thoughts? Thanks, ~Ben _______________________________________ Best way to annoy your co-workers? E-mail. <http://abcnews.go.com/print?id=5351908>