GPO WMI Filter to check if a machine is a server 2000 or 2003 and it is NOT a domain controler

Posted on 2008-11-15
Last Modified: 2013-12-05

Someone great with WMI filters could comment on this.  I want a "select * from" command for a WMI filter in AD GPO.

I want the filter to work in the "root\CIMV2" namespace of course. I want to check if the following is true;

A windows Server, 2000 or 2003 and NOT a domain Controler.

Thanks in advance.
Question by:PeterSinger
    LVL 28

    Accepted Solution

    Instead of creating an elaborate WMI filter, why not put the DCs in OU "DCs" and the member servers in a different OU "MemberServer" and link the GPO(s) accordingly?
    LVL 28

    Assisted Solution

    BTW, WMI filters are not supported on Windows 2000
    LVL 4

    Author Comment

    The solution is to create a WMI filter with the following statement;
    For Server 2003 and above only
    Select *  from Win32_ComputerSystem where DomainRole = 3
    As commented above the WMI filter will not work on a 2000 server at all.
    I created a batch file and ran it in the logon section and made this policy only run at logon.
    The script did a check fior the operating system then ignored windows 2000 domain controlers.
    for /f "tokens=* delims=" %%a in ('ver') do @set osversion=%%a
    LVL 4

    Author Closing Comment

    I placed the solution on-line to the issue but I would not have reached the solution if the comment was not made about Windows 2000 abilities re WMI filters.

    Featured Post

    Why spend so long doing email signature updates?

    Do you spend loads of your time carrying out email signature updates? Not very interesting are they? Don’t let signature updates get you down. Let Exclaimer Cloud - Signatures for Office 365 make managing email signatures a breeze.

    Join & Write a Comment

    A quick step-by-step overview of installing and configuring Carbonite Server Backup.
    Know what services you can and cannot, should and should not combine on your server.
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now