https://www.udemy.com/active-directory-group-policy-2012/learn/v4/t/lecture/8378312?start=0
A Non-Inheriting Organizational Unit will NOT inherit any Group Policy Objects that are not directly linked EXCEPT for GPOs that are enforced!
Server Manager > Tools > Active Directory Users and Computers
To update policies immediately (instead of 90 minutes or so)
gpupdate /force
To make an OU non-inheriting:
Tools > Group Policy Management > Right-click the OU > Blck Inheritance
- Some versions of Windows may not give any visual clues that an OU is set as non-inheriting, so it is recommended to change the name as such
- Example: This User (non-inheriting)
- However, my AWS version shows an icon with a blue ! to show it is non-inheriting, so this technique is not required.