Setting some user branch rules for specific users on specific machines only.
Forget old school loopback mode – use WMI Filtering instead.
Create a WMI Rule.
Syntax is like
select * from Win32_ComputerSystem where ( Name like 'MACHINE%' or Name = 'SERVERX') and (UserName like 'mueller%' or Username = 'meier' ) or select * from Win32_ComputerSystem where ( Name like 'MACHINE%' or Name = 'SERVERX') and (Name <> 'MACHINE123' or Name <> 'MACHINE124' )
You MUST (!!!) add your Users to the WMI’s Delegation block.
Create A GPO object.
Add your users to ‘security filters’. (Check GPO’s Delegation for ‘Authenticated Users’ read only [switch off GPO pulling!]’)
Switch your WMI-Filter on
You wanna set user branch settings on some machines only?
Add your users to GPO’s ‘Security Filters’ and filter via WMI for machines.
You wanna set machine branch settings for some users only?
Add your machines to ‘Security filters’ and filter via WMI for users.
bytes and bones 