This may be seen within the Group Policy Management Console (GPMC) when the permissions on the GPO have been changed. By default the Authenticated Users group (which covers all Users and Computers within the domain) has Read and Apply group policy permissions. This means that the GPO will apply to any users or computers within scope. i.e. where the GPO is linked to a Site, Domain or OU that the user/computer is a member of.
If a GPO admin has removed these permissions which may have been done in an attempt to apply GPO filtering AND if the user seeing the message is not a Domain Admin then this message may appear. Domain Admins by default have Read access to GPOs hence why they should not normally see this message, however if their Read permissions have also been removed then they would get the error.
Within the GPMC click on the GPO in question, then go to the delegation tab, click on the Advanced button on the bottom right of the screen and add the Authenticated Users group back in and give them Read access.
Note, Authenticated Users should now always have at least read permissions as computers processing the GPO need to be able to read the policy. This did not used to be the case, however Microsoft implemented a security update in June 2016 which changed this behaviour.