When you apply a group policy on a container or OU, it applies to all users or computers in that container. However, you can exclude single or multiple users or containers from the policy applied. This tutorial is written to show you how to exclude a single user from a group policy object.
Exclude a user from group policy object in Windows Server
Step 1. Open server manager dashboard. Click Tools -> Group policy management
Step 2. In the group policy management editor, open the group policy object you want to apply an exception on (Located in Group Policy Objects).
Step 3. Click Delegation tab -> Advanced
Step 4. Click Add and choose the user whom you want to exclude from group policy enforcement.
Step 5. Choose the user you entered in step 4.
Step 6. Locate Apply group policy in permissions and checkmark deny.
Step 7. Click Apply and then OK.
Step 8. Link the group policy to a container or OU (If you haven't done already).
Step 9. Execute the command:
gpupdate
on the command prompt.
