Open up Group Policy Management on your domain controller. (gpedit.msc)
2. Edit the group policy object you wish to put these settings into or create a new one.
3. Right Click the new GPO, click Edit, and Expand the Computer Config > Policies > Windows Settings > Security Settings > Windows Firewall with Advanced Security > Windows Firewall with Advanced Security > Inbound Rules node.
4. Right-click in the working area and choose New Rule...

5. Choose the Predefined option, and select Windows Management Instrumentation (WMI) from the drop-down list, Next.

6. There are a number of options here, but I tend to just select (WMI-In) and (DCOM-In) option with the Domain profile value. If you aren't sure what you need, then just remember you can come back and add the others later. Next button.

7. Allow the connection > Finish.

8. Link the GPO to the desired OU containing your Workstations and or Servers
