Authenticated Users are, first of all, exactly authorized users, i.e. if you want to hide something from them, then you assume that you have a legal mole in the network. As for me, it makes sense to hide only the names of privileged accounts (that is, the objects themselves), while leaving access at least for domain computers, otherwise you risk having problems when you have to log in under them to the domain.
Regarding the article - the described change should not break the GPO, since it is advisable not to fix the permissions for them, but to hide only something more or less critical from a security point of view, a la the domain admins group and the like. And hiding the OUs themselves and other users is somewhat illogical, you can break something from the infrastructure in an unobvious way (for example, collecting the Exchange's address book).
The use of ADSIEdit in the article can be justified, but only to the extent indicated, and sometimes less, but this option is specifically described here https://docs.microsoft.com/en-us/openspecs/windows... and it says here that if suddenly there is at least something in the parameter, only one character should be changed - in this case, the third from the left. And this particular change in itself will not break anything.

The advice to disable the Administrator user is generally correct. Council not to work with the administrator's rights - too. Get yourself an account like vasyan and work under it, and use something like adm_vasyan for administration tasks. True, this is inconvenient and this rule is usually neglected.
But modifying something in the AD schema in general is fraught with problems. Software, even from M$, can safely assume that something is in some state, in which it is always. If it is not so in you, you will get a completely incomprehensible error or the program simply will not work.
If you need to hide some objects - well, create a separate OU, give the necessary rights, select the rest.