When applying Security Filtering, ensure [Delegation] tab for Authenticated Users have Read permissions
With Security Filtering, Security Groups can be located in any OU. Only User or Computer object must be inside the linked OU.
On Client side
RSoP (Resultant Set of Policy)
run > rsop.msc
Check what’s applied on Client computer
gpresult /r gpresult /Scope User /v #Run as Administrator to see Computer Configuration GPOs gpresult /Scope Computer /v gpresult /Scope Computer /v | more #Export to html gpresult /h c:\gpreport.html