Issue with GP WMI filters


I am having an issue with WMI with a GP.  The GP is working properly but when I add the WMI filter it doesn't work.  This filter is suppose to remove offline files feature from desktop computers.

This is the code for the WMI filter

select * from Win32_SystemEnclosure where ChassisTypes = 1 or ChassisTypes = 2 or ChassisTypes = 3 or ChassisTypes = 4 or ChassisTypes = 5 or ChassisTypes = 6 or ChassisTypes = 7 or ChassisTypes = 13 or ChassisTypes = 15 or ChassisTypes = 16 or ChassisTypes = 17

The GP setting is
Do not automatically make redirect folders available offline.

This is under user settings.

The end result is if you are a laptop ignore this GP.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

dbrs_helpdeskAuthor Commented:
I ran this script to find out what I actually have.  It says my Chassis type for my desktop computers is 15.  I have set the WMI filter to this and I still get the same thing.

My WMI filter looks like this now  

elect * from Win32_SystemEnclosure where ChassisTypes = 15
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colChassis = objWMIService.ExecQuery _
    ("Select * from Win32_SystemEnclosure")
For Each objChassis in colChassis
    For  Each strChassisType in objChassis.ChassisTypes
        Select Case strChassisType
            Case 1
                Wscript.Echo "Other"
            Case 2
                Wscript.Echo "Unknown"
            Case 3
                Wscript.Echo "Desktop"
            Case 4
                Wscript.Echo "Low Profile Desktop"
            Case 5
                Wscript.Echo "Pizza Box"
            Case 6
                Wscript.Echo "Mini Tower"
            Case 7
                Wscript.Echo "Tower"
            Case 8
                Wscript.Echo "Portable"
            Case 9
                Wscript.Echo "Laptop"
            Case 10
                Wscript.Echo "Notebook"
            Case 11
                Wscript.Echo "Handheld"
            Case 12
                Wscript.Echo "Docking Station"
            Case 13
                Wscript.Echo "All-in-One"
            Case 14
                Wscript.Echo "Sub-Notebook"
            Case 15
                Wscript.Echo "Space Saving"
            Case 16
                Wscript.Echo "Lunch Box"
            Case 17
                Wscript.Echo "Main System Chassis"
            Case 18
                Wscript.Echo "Expansion Chassis"
            Case 19
                Wscript.Echo "Sub-Chassis"
            Case 20
                Wscript.Echo "Bus Expansion Chassis"
            Case 21
                Wscript.Echo "Peripheral Chassis"
            Case 22
                Wscript.Echo "Storage Chassis"
            Case 23
                Wscript.Echo "Rack Mount Chassis"
            Case 24
                Wscript.Echo "Sealed-Case PC"
            Case Else
                Wscript.Echo "Unknown"
            End Select

Open in new window

I guess this is not exactly what you want to hear, but what about slightly different approach? Very simple solution:
1. Link the redirection policy to entire domain or OU you need.
2. Create new security group called "Desktops"
3. Remove "read and apply" permissions to this group on GPO
dbrs_helpdeskAuthor Commented:
Do you have to add the computers to the desktops security group?
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

dbrs_helpdeskAuthor Commented:
I have applied the GP for all laptops in their respective OU's.  When I run a gpresult, the group policy does not show up in the list.  I have forced replication and I have ran on the test workstation a gpupdate /force.  Tthe final thing I have looked at was GPMC and the policy inheritance.  It shows that this policy number 1 instead of the last one of the list.  I don't know if that is correct.
In this case just move the policy in the list in GPMC. Let us know if something changed.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
dbrs_helpdeskAuthor Commented:
I found out that when I keep authenticated users, it works for both users and computers.  Since our ad structure separates workstations and laptops I will deploy the GP to the proper OU.

Thanks for all your help.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Networking

From novice to tech pro — start learning today.