Configure GPO to Allow WMI access to all workstations in a Domain Environment


To complete a thorough assessment of your domain environment WMI must be enabled. Without WMI enabled our assessment scope will be limited to select workstations we have physical access to and will dramatically impact assessment data.

Please follow the steps below to enable WMI on your domain controller.

1. Open up Group Policy Management on your domain controller.

2. Edit the group policy object you wish to put these settings into or create a new one.

3. Right Click the new GPO, click Edit, and Expand the Computer Config > Policies > Windows Settings > Security Settings > Windows Firewall with Advanced Security > Windows Firewall with Advanced Security > Inbound Rules node.

4. Right-click in the working area and choose New Rule…

5. Choose the Predefined option, and select Windows Management Instrumentation (WMI) from the drop-down list, Next.

6. There are three options here, leave all three selected. Next button.

7. Allow the connection > Finish.

8. Link the GPO to the desired OU containing your Workstations and or Servers

 9. (Optional) Remove the newly created GPO once the network assessment is completed.