Active DirectoryMicrosoft Technologies

Group Policy Item-Level Targeting

Item-level targeting can use to target group policy preference settings based on application settings and properties of users and computers in granular level. we can use multiple targeting items in preference settings and make selections based on logical operators (AND, OR, IS, IS NOT).

Item-level targeting in group policy preferences can setup/manage using GPMC. To do that open the group policy settings > Go to relevant Preference settings > right click and select properties 

In my example I am using GPO created for IE 10 Settings, there for the path for it is User Configuration > Preferences > Internet Settings > Internet Explorer 10. Then right click and select properties

From properties window, then select Common tab > tick item-level targeting > then click on Targeting button. 

item1

In next window, we can build granular level targeting based on one item or multiple items with logical operators. 

item2

In above example I have built a query based on three setting which is NetBIOS name, Operating System and IP address. In order to apply the preference setting, all three statements should give TRUE value as result as I used AND logical operator. If its OR logical operator the result can have True or False values. 

In the window, New Item menu contained items we can use of targeting. Add Collections allows to create parenthetical grouping. Item Options menu is responsible for defining logical operators. 

WMI Filters is another way of targeting objects in group policies. We will look in to it in next blog post. 

This marks the end of this blog post. Hope this was useful. If you have any questions feel free to contact me on rebeladm@live.com also follow me on twitter @rebeladm to get updates about new blog posts.

Related posts
Cyber SecurityMicrosoft Entra IDMicrosoft Technologies

Microsoft Entra lifecycle workflows Part 02 - How to synchronize value for employeeHireDate attribute from on-premises Active Directory ?

In my previous blog post, I explained how we can automate JML (Joiners/Movers/Leavers) process by…
Read more
Azure servicesMicrosoft Entra IDMicrosoft Technologies

Step-by-Step Guide : Automate JML(Joiners/Movers/Leavers) process with Microsoft Entra lifecycle workflows

JML (Joiners/Movers/Leavers) process of an organization has a major impact on its security and…
Read more
Cyber SecurityMicrosoft DefenderMicrosoft Technologies

Microsoft Defender for Identity Part 02 – Create Directory Service Account

In Part 01 of Microsoft Defender for Identity blog series, I have explained about Microsoft Defender…
Read more
Newsletter
Become a Trendsetter

Sign up and get the best of RebelAdmin, tailored for you.

Leave a Reply

Your email address will not be published. Required fields are marked *