This post contains some example WMI filters for you to use in Group Policy Objects (GPOs) to target and manage specific Windows Server versions like 2012R2, 2016 and Windows Server 2019.
Using the Windows Management Infrastructure, or WMI, Windows admins can create filters to apply GPOs more granular on specific versions of Windows Server. In this post I provide some basic examples.Learn how to create WMI filters for Group Policy to manage Windows Server Click To Tweet
If you use PowerShell 5.1, you can verify WMI filters with
Get-WmiObject in the Win32_OperatingSystem class:
PS C:\> Get-WmiObject -Class Win32_OperatingSystem | Select Version, ProductType
PS C:\> Get-WmiObject -Class Win32_OperatingSystem | Select Version,Name,ProductType
Selecting Name, it’s easy to select Windows Server 2012 R2. It’s recommended to use a LIKE sub-selection
Select Name From Win32_OperatingSystem Where Name Like '%Windows Server 2012 R2%'
In a nutshell I’ll provide some easy to us WMI filter examples:
# Windows Server 2012 en 2016 by Name Select Name From Win32_OperatingSystem Where Name like '%Windows Server 2012 R2%' Or Name Like '%Windows Server 2016%'
# Windows Server 2016 by Version Select Version From Win32_OperatingSystem Where Version Like "10.0.14%"
Why did I use “Like “10.0.14%”“? Simply because Windows Server 2019’s version number also starts with 10.0. So by not adding .14 I’d also match Windows Server 2019:
# Windows Server 2016 en 2019 by Version Select Version From Win32_OperatingSystem Where Version Like "10.0%"
And finally to only target Windows Server 2019:
# Windows Server 2019 by Version Select Version From Win32_OperatingSystem Where Version Like "10.0.17%"
Note: in PowerShell 6.2 and up, the WMI v1 cmdlets, like
Get-WmiObject, are deprecated. See Breaking Changes for PowerShell 6.x. You now have to use CIM (aka WIM v2), like for example
PS C:\> Get-CimInstance -Class Win32_OperatingSystem | Select Version, ProductType Version ProductType ------- ----------- 10.0.17763 3
Using WMI filters like these in Group Policy Management Console, you can fine-tune your GPO targetting.
If needed, you can even query the hardware manufacturer in your script:
(Get-CimInstance -ClassName Win32_ComputerSystem).Manufacturer
My name is Jan. I am not a hacker, coder, developer, programmer or guru. I am merely a system administrator, doing my daily thing at Vevida in the Netherlands. With over 15 years of experience, my specialties include Windows Server, IIS, Linux (CentOS, Debian), security, PHP, WordPress, websites & optimization.
Want to support me and donate? Use this link: https://paypal.me/jreilink.