Group policy has two main configurations, user and computer. Accordingly, the computer policy is applied to the computer despite of the logged user and the user configuration is applied to the user despite of the computer he is logged on.
We have a Domain, this Domain has two different organizational units (OU) Green and Red, Green OU contains a Computer account and Red OU contains User account.
The Green policy, which has settings “Computer Configuration 2” and “User Configuration 2” is applied to the OU with the computer account.
The Red policy, which has settings “Computer Configuration 1” and “User Configuration 1”, is applied to the OU with the User account.
If Loopback processing of Group Policy is not enabled and our User logs on to our Computer, the following is true:
The User gets Computer Configuration 2 and User Configuration 1. This is absolutely standard situation, where policies are applied according to the belonging to the OU. User belongs to the Red OU, he gets the Red User configuration 1 accordingly.
Enable the Loopback processing of Group Policy for the Green OU. In this case if the User logs on to the Computer, the policies applied in the following way:
The User is getting User Configuration 2 despite of the fact that he belongs to the Red OU. So, what has happened in this scenario, the User Configuration 1 was replaced with the User Configuration 2, i.e. with the configuration applied to the Computer account.
The enabled “Loopback in replace mode”. The Loopback processing of Group Policy has two different modes, Replace and Merge. Replace mode replaces User Configuration with the one applied to the Computer, whereas Merge mode merges two User Configurations.
Merge mode, if there is a conflict, for example two policies provide different values for the same configuration setting, the Computer’s policy has more privilege. For example in this scenario, in case of the conflict the User Configuration 2 would be enforced.
To enable Loopback Processing navigate to: Computer Configuration/Administrative Templates/System/Group Policy/Configure user Group Policy loopback processing mode