Item-level targeting is a feature of Group Policy that allows preference settings to be applied to individual users and/or computers within the scope of the Group Policy Object (GPO) that contains the preferences. Policy settings can also be filtered, but there are several important differences between item-level targeting of preference settings and the filters that can be used with policy settings:
- Policy settings within a GPO can only be filtered on an all-or-nothing basis: either the entire GPO will apply to a target or it won’t. Item-level targeting allows individual preference settings within a GPO to be applied or not, based on specified criteria. Different preference settings can be applied to different groups of targets.
- Policy settings are filtered using either security filters or WMI filters. Security filters are static and not very granular. WMI filters are dynamic and can be very granular, but the WMI Query Language in which they are written is complex and has a steep learning curve. Item-level targeting provides a great deal of granularity and an intuitive user interface for constructing filters.
- Item-level targeting allows an administrator to specify a list of conditions that must be met in order for a preference setting to be applied to a user or computer object. The conditions in the list are connected by Boolean AND or OR operators. When the list is evaluated, if the result is true, the setting is applied; if the result is false, it isn’t.
A wide variety of criteria are available for targeting settings to users and computers, including the following:
- Battery Present Targeting
- Computer Name Targeting
- CPU Speed Targeting
- Date Match Targeting
- Disk Space Targeting
- Domain Targeting
- Environment Variable Targeting
- File Match Targeting
- IP Address Range Targeting
- Language Targeting
- LDAP Query Targeting
- MAC Address Range Targeting
- MSI Query Targeting
- Network Connection Targeting
- Operating System Targeting
- Organizational Unit Targeting
- PCMCIA Present Targeting
- Portable Computer Targeting
- Processing Mode Targeting
- RAM Targeting
- Registry Match Targeting
- Security Group Targeting
- Site Targeting
- Terminal Session Targeting
- Time Range Targeting
- User Targeting
- WMI Query Targeting