WMI Filtering for a MemeberOf Group

Posted on 2011-05-11
Last Modified: 2012-06-27
I am looking to create a LOOPBACK GPO that if both WMI Filters are True then it applies.

I currently have the one filter in place.
SELECT * FROM Win32_ComputerSystem where name like "LT-%"

Open in new window

The second one I am trying to apply is Not a MemberOf security group.

I know I can apply GPO to specific groups, but it will be easier to manage if the user is not part of the group.

Is this even possible?

Question by:yo_bee
    LVL 21

    Accepted Solution

    Why not just go to delegation - advanced - and add in the security group that there.

    Deny the security group read permission/apply group policy.

    Then set the main scope filtering to authenicated users. Then the policy would apply to every object except for members in the security group if they meet the wmi filter.
    LVL 21

    Author Comment

    Nice idea. I will let you know how it works.
    LVL 21

    Expert Comment

    by:Joseph Moody
    No problem.
    LVL 21

    Author Closing Comment

    This worked perfect.
    It is funny how something can be staring you in the face and not see it.

    Thanks so much. This saved me a lot of wasted energy.
    LVL 21

    Expert Comment

    by:Joseph Moody
    Not a problem! Sometimes it just takes an outside view.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    I came across this issue when setting up a two way forest level trust. so here's the scenario: A company wildcards acquired another company, bizworks ( both Fictitious). Wild cards: windows 2003 Domain & forest functional levels - Ad domain na…
    Do you have users whose passwords are expiring and they are constantly calling you?  Well I sure did and needed a way to put an end to this.  We have a lot of remote users which would not be notified that their passwords were expiring since they wer…
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now