Windows OS Hub
  • Windows
    • Windows 11
    • Windows 10
    • Windows Server 2025
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
  • Microsoft
    • Active Directory (AD DS)
    • Group Policies (GPOs)
    • Exchange Server
    • Azure and Microsoft 365
    • Microsoft Office
  • Virtualization
    • VMware
    • Hyper-V
    • Proxmox
  • PowerShell
  • Linux
  • Home
  • About

Windows OS Hub

  • Windows
    • Windows 11
    • Windows 10
    • Windows Server 2025
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
  • Microsoft
    • Active Directory (AD DS)
    • Group Policies (GPOs)
    • Exchange Server
    • Azure and Microsoft 365
    • Microsoft Office
  • Virtualization
    • VMware
    • Hyper-V
    • Proxmox
  • PowerShell
  • Linux

 Windows OS Hub / Group Policies / Using WMI Filter to Apply Group Policy to IP Subnet

February 16, 2021

Using WMI Filter to Apply Group Policy to IP Subnet

This time it was necessary to apply GPO to computers in the specific IP subnet. In the simplest case, when the subnet is a part of a separate Active Directory site (and this is the only subnet in the site) you can assign your GPO to the AD site. It is a simple and easy method. In our case, we can’t apply the policy to the whole AD site since several IP subnets is bound to it. We’ll have to use the feature of filtering policies using WMI filters.

Earlier we have considered using WMI filters to apply the specific Group Policy only to the certain Windows versions. In this case, in the same way you have to create a WMI filter and change the query so that it contains the condition to check IP addresses.

  1. Open GPMC.msc (Group Policy Management) console and find WMI Filters section.
  2. Create a new filter. To do it, right-click the section and select New in the context menu.Create new GPO WMI filter
  3. Specify the filter name and its description.
  4. To add a WMI query  click Add.wmi filter on ip subnets
  5. Leave root\CIMv2 as a namespace, and copy the following code to the query window:
    Select * FROM Win32_IP4RouteTable
    WHERE (Mask='255.255.255.255'
    AND (Destination Like '191.168.55.%' OR Destination Like '191.168.56.%'))
    wmi query Win32_IP4RouteTable
    Note. In this example, we created a filter that allows to apply the policy to clients using IP address templates with masks 191.168.55.x and 191.168.56.x. Replace these subnets with your own ones.
  6. Save the query.
  7. In GPMC console, select the policy you want to apply.
  8. In the WMI Filtering section of this policy settings, select the created filter in the dropdown list and assign the policy to the OU containing the computers.link WMI filter to Group Policy
Note. In some cases, it is more convenient to target a policy to the specific client subnets with the targeting feature of Group Policy Preferences, where you can set a range of IP addresses in one of the filters.

Now you have to update the policies on the clients (gpupdate /force) and make sure they are applied. (To make sure if your GPO has been applied, you can use the standard utility gpresult).

So using a simple WMI filter we can assign a Group Policy to clients in the specific IP networks or to a range of IP addresses.

4 comments
3
Facebook Twitter Google + Pinterest
Group Policies
previous post
PowerShell Remoting via WinRM for Non-Admin Users
next post
Fix: Slow Logins Caused by Long Group Policy Processing

Related Reading

Fix: Slow Logins Caused by Long Group Policy...

January 16, 2025

How to Deploy Certificates to Computers Using Group...

February 27, 2024

Managing Windows Update Settings with Group Policy

December 11, 2024

How to Configure and Deploy Screensaver on Windows...

December 8, 2023

Managing Windows 10 Start Menu Layout and Taskbar...

November 19, 2019

Using WMI Filters to Target Group Policies in...

June 5, 2024

Set Desktop Wallpaper and Logon Screen Background via...

March 15, 2024

4 comments

lanny March 7, 2019 - 3:59 pm

what would the WMI be to also all Windows 10 and the subnet?

Reply
admin March 14, 2019 - 11:30 am

Just add the second WMI query in the WMI Filter window with the code:
select * from Win32_OperatingSystem WHERE Version LIKE “10.0%” and ProductType = “1”
ref. https://woshub.com/group-policy-filtering-using-wmi-filters/

Reply
sdfvsdfv gsdgfd December 26, 2021 - 6:16 pm

Any idea why this doesn’t work?

Select * FROM Win32_IP4RouteTable
WHERE (Mask=’255.255.255.255′
AND (Destination Like ‘191.168.4.%’ OR Destination Like ‘191.168.5.%’ OR Destination Like ‘191.168.33.%’ OR Destination Like ‘191.168.3.%’))

Reply
Nalar August 31, 2022 - 6:25 am

Maybe the IP-Adress should be corrected it has to be 192.168.3.% not 191.168.3.% i guess

Reply

Leave a Comment Cancel Reply

join us telegram channel https://t.me/woshub
Join WindowsHub Telegram channel to get the latest updates!

Recent Posts

  • Failed to Open the Group Policy Object on a Computer

    June 2, 2025
  • Remote Desktop Printing with RD Easy Print Redirection

    June 2, 2025
  • Disable the Lock Screen Widgets in Windows 11

    May 26, 2025
  • Configuring Windows Protected Print Mode (WPP)

    May 19, 2025
  • Map a Network Drive over SSH (SSHFS) in Windows

    May 13, 2025
  • Configure NTP Time Source for Active Directory Domain

    May 6, 2025
  • Cannot Install Network Adapter Drivers on Windows Server

    April 29, 2025
  • Change BIOS from Legacy to UEFI without Reinstalling Windows

    April 21, 2025
  • How to Prefer IPv4 over IPv6 in Windows Networks

    April 9, 2025
  • Load Drivers from WinPE or Recovery CMD

    March 26, 2025

Follow us

  • Facebook
  • Twitter
  • Telegram
Popular Posts
  • How to Configure and Deploy Screensaver on Windows with Group Policy
  • Fix: Slow Logins Caused by Long Group Policy Processing
  • Managing Windows Update Settings with Group Policy
Footer Logo

@2014 - 2024 - Windows OS Hub. All about operating systems for sysadmins


Back To Top