First you need to have all computers joined to the domain and make sure that you are logging in with a domain user not a local user.
It will be easier to keep the users and the computers separate, you will never see them co-mingle in a corp environment even in a sbs environment you will not see this.
When you assign a group policy to an OU, only those under that OU will be effected. It is much better practice to use a top level OU and apply policies based on groups (taking out authenticated users). Groups can include computers or users, I would not recommend using both in the same group. Separate the policies out based on computers or based on users. The Computer Configuration portion of group policies only get applied to computers, regardless if you are trying to apply the policy to users, the User Configuration portion of group policy only gets applied to users regardless if you are trying to apply the policy to computers.
Basically, the user section will only ever get applied to users, the computer policy will only get applied to computers and servers.
Keep it simple, keep the tree simple and you will not have problems. It looks like you are starting to over complicate things without knowing the ramifications of doing so. The defaults are plenty simple enough. Everything in AD trickles down not up. As you start in the tree and start drilling down, anything that is getting applied to the top level will trickle down to the levels you are opening....if you are opening things below and are trying to get them to apply above, it will not work...and it will not cross over to other OU's, it needs to be above the ou you are in to trickle down to it.