• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1237
  • Last Modified:

Issue with GP WMI filters


I am having an issue with WMI with a GP.  The GP is working properly but when I add the WMI filter it doesn't work.  This filter is suppose to remove offline files feature from desktop computers.

This is the code for the WMI filter

select * from Win32_SystemEnclosure where ChassisTypes = 1 or ChassisTypes = 2 or ChassisTypes = 3 or ChassisTypes = 4 or ChassisTypes = 5 or ChassisTypes = 6 or ChassisTypes = 7 or ChassisTypes = 13 or ChassisTypes = 15 or ChassisTypes = 16 or ChassisTypes = 17

The GP setting is
Do not automatically make redirect folders available offline.

This is under user settings.

The end result is if you are a laptop ignore this GP.
  • 4
  • 2
1 Solution
dbrs_helpdeskAuthor Commented:
I ran this script to find out what I actually have.  It says my Chassis type for my desktop computers is 15.  I have set the WMI filter to this and I still get the same thing.

My WMI filter looks like this now  

elect * from Win32_SystemEnclosure where ChassisTypes = 15
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colChassis = objWMIService.ExecQuery _
    ("Select * from Win32_SystemEnclosure")
For Each objChassis in colChassis
    For  Each strChassisType in objChassis.ChassisTypes
        Select Case strChassisType
            Case 1
                Wscript.Echo "Other"
            Case 2
                Wscript.Echo "Unknown"
            Case 3
                Wscript.Echo "Desktop"
            Case 4
                Wscript.Echo "Low Profile Desktop"
            Case 5
                Wscript.Echo "Pizza Box"
            Case 6
                Wscript.Echo "Mini Tower"
            Case 7
                Wscript.Echo "Tower"
            Case 8
                Wscript.Echo "Portable"
            Case 9
                Wscript.Echo "Laptop"
            Case 10
                Wscript.Echo "Notebook"
            Case 11
                Wscript.Echo "Handheld"
            Case 12
                Wscript.Echo "Docking Station"
            Case 13
                Wscript.Echo "All-in-One"
            Case 14
                Wscript.Echo "Sub-Notebook"
            Case 15
                Wscript.Echo "Space Saving"
            Case 16
                Wscript.Echo "Lunch Box"
            Case 17
                Wscript.Echo "Main System Chassis"
            Case 18
                Wscript.Echo "Expansion Chassis"
            Case 19
                Wscript.Echo "Sub-Chassis"
            Case 20
                Wscript.Echo "Bus Expansion Chassis"
            Case 21
                Wscript.Echo "Peripheral Chassis"
            Case 22
                Wscript.Echo "Storage Chassis"
            Case 23
                Wscript.Echo "Rack Mount Chassis"
            Case 24
                Wscript.Echo "Sealed-Case PC"
            Case Else
                Wscript.Echo "Unknown"
            End Select

Open in new window

I guess this is not exactly what you want to hear, but what about slightly different approach? Very simple solution:
1. Link the redirection policy to entire domain or OU you need.
2. Create new security group called "Desktops"
3. Remove "read and apply" permissions to this group on GPO
dbrs_helpdeskAuthor Commented:
Do you have to add the computers to the desktops security group?
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

dbrs_helpdeskAuthor Commented:
I have applied the GP for all laptops in their respective OU's.  When I run a gpresult, the group policy does not show up in the list.  I have forced replication and I have ran on the test workstation a gpupdate /force.  Tthe final thing I have looked at was GPMC and the policy inheritance.  It shows that this policy number 1 instead of the last one of the list.  I don't know if that is correct.
In this case just move the policy in the list in GPMC. Let us know if something changed.
dbrs_helpdeskAuthor Commented:
I found out that when I keep authenticated users, it works for both users and computers.  Since our ad structure separates workstations and laptops I will deploy the GP to the proper OU.

Thanks for all your help.

Featured Post

Learn to develop an Android App

Want to increase your earning potential in 2018? Pad your resume with app building experience. Learn how with this hands-on course.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now