Guide to exclude single user or computer to exclude from the Group Policy

SP does not bode well with DOD FIPS compliance.  There is no work around except to get a waiver to exclude the SP server from implementing FIPS 140-2. FIPS 140-2 is implemented on OS level, possibly using GPO. You will have to exclude the SharePoint server from this GPO. Here is how you exclude it from GPO:

  1. Open the Group policy mmc with server manager > tools > group policy management
  2. Then expand the tree and go to the group policy that you like to exclude server. Mine is V-3383-FIPS Compliant GPO and click on Delegation

  3. On the bottom screen of the Delegation tab, click on Advanced button.
  4. Click on Add to add the server that you would like to exclude.

    Make sure to click on Object Type select Computers from the Object types and click Ok. Otherwise it will not find the server name.
  5. On the Security Settings dialog box, select the Server name we just included. On the Permission for the server, by default Read permission is allowed and leave as it is. Scroll down to Apply group policy and select Deny and click OK.
  6. Windows Security will alert you, Click Yes button