Configure GPO to Allow WMI access to all workstations in a Domain Environment

Make sure you are editing your group policy object from a Windows 7 or Server 2008 R2 machine to ensure you are editing the policy with the same client-side extension present.

1. Open up Group Policy Management on your domain controller.


2. Edit the group policy object you wish to put these settings into or create a new one.


3. Right Click the new GPO, click Edit, and Expand the Computer Config > Policies > Windows Settings > Security Settings > Windows Firewall with Advanced Security > Windows Firewall with Advanced Security > Inbound Rules node.

4. Right-click in the working area and choose New Rule...

5. Choose the Predefined option, and select Windows Management Instrumentation (WMI) from the drop-down list, Next.


6. There are a number of options here, but I tend to just select (WMI-In) and (DCOM-In) option with the Domain profile value. If you aren't sure what you need, then just remember you can come back and add the others later. Next button.




7. Allow the connection > Finish.




8. Link the GPO to the desired OU containing your Workstations and or Servers

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us
Provide feedback for the Documentation team!