mikey250
asked on
how to wmi filtering query
hi after been told about 'wmi filtering' i have attempted a practical test as below:
currently i have 3 separate types of 'ou's/gpo ie:
- domain controller - x 1
- member servers - win 2003 - wsus/isa 2006/wds
- host pc - xp type
i have also configured my gpo's via computer configuration using 'admin account for all above machines just to receive updates from 'wsus' & all machines working successfully!!!
wmi filter - added:
ive followed the step by step instructions from 'option 2' and currently running the: gpupdate on all my windows 2003 os.
option 1. basic explanation: http://support.microsoft.com/kb/555253
option 2. a more clear explanation showing 5 steps: http://community.spiceworks.com/how_to/show/1432
I understand what i have done but in my mind other than linking via each gpo i have to the 'wmi filters x 3 i had created it has not done anything from a visual/practical point of view!!!
detects - win 2003 machines that are not domain controllers:
- select * from Win32_OperatingSystem where Version like "5.2%" and ProductType="3"
detects - win 2003 machines that are domain controllers:
- select * from Win32_OperatingSystem where Version like "5.2%" and ProductType="2
detects - xp machines:
- select * from Win32_OperatingSystem where Version like "5.1%"
question 1. can anyone advise me ?
would be appreciated!!!
currently i have 3 separate types of 'ou's/gpo ie:
- domain controller - x 1
- member servers - win 2003 - wsus/isa 2006/wds
- host pc - xp type
i have also configured my gpo's via computer configuration using 'admin account for all above machines just to receive updates from 'wsus' & all machines working successfully!!!
wmi filter - added:
ive followed the step by step instructions from 'option 2' and currently running the: gpupdate on all my windows 2003 os.
option 1. basic explanation: http://support.microsoft.com/kb/555253
option 2. a more clear explanation showing 5 steps: http://community.spiceworks.com/how_to/show/1432
I understand what i have done but in my mind other than linking via each gpo i have to the 'wmi filters x 3 i had created it has not done anything from a visual/practical point of view!!!
detects - win 2003 machines that are not domain controllers:
- select * from Win32_OperatingSystem where Version like "5.2%" and ProductType="3"
detects - win 2003 machines that are domain controllers:
- select * from Win32_OperatingSystem where Version like "5.2%" and ProductType="2
detects - xp machines:
- select * from Win32_OperatingSystem where Version like "5.1%"
question 1. can anyone advise me ?
would be appreciated!!!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
yes understood but i thought 'wmi filtering' was what was used to test a gpo before configuration took place as it would apparantely 'not' activate, which is especially useful if on wrong version of machine on a global scale anyway or not just a small scale !!! ?
i will look at the 'gpo wizard'
thanks!!!
i will look at the 'gpo wizard'
thanks!!!
ASKER
hi dvt_localboy,
yes i have run: gpresult /v - ok
im now beginning to understand the difference between the both:
wmi filter:
currently i add some filter commands to only detect the following:
- window 2003 non domain controllers
- windows 2003 domain controllers
- xp machine
win 2003 - resultant set of policy or win 2008 gp modelling wizard (none as):
i followed the instructions as per:
- http://www.petri.co.il/group-policy-object-modeling-windows-server-2008.htm
and although i did not have to link to my 'wmi filters' i did do, which also stated while following the 'wizard' that my filters were 'true'.!!!!!!!! ok
at the end of the 'wizard' detecting specifically my domain controller it prompted another window in 'gpmc' showing me a summary of my domain controllers settings that i had set in gpo aswell as defaults it appears. - ok
ok getting there!!
wmi filters:
- so i could have 2 host xp machines with 2 different types of software so using the filter enables me to distinguish between the both.
- if these types of distinctions were not really needed then 'wmi filter' would not be used. (purely preferential)!!!!
resultant set of policy: - this detects if a gpo was functional so i could then troubleshoot!!
- taking into consideration the 2 'wmi filters' i have added, i may want to setup a gpo specific to each of those specific 2 host xp machines, so directing the wizard through the filters ensures the specific host xp is configured correctly!!
additionally doing checks also with:
- gpudpate
- gpupdate /force
- gpresult /v
- rsop
- eventviewer
yes i have run: gpresult /v - ok
im now beginning to understand the difference between the both:
wmi filter:
currently i add some filter commands to only detect the following:
- window 2003 non domain controllers
- windows 2003 domain controllers
- xp machine
win 2003 - resultant set of policy or win 2008 gp modelling wizard (none as):
i followed the instructions as per:
- http://www.petri.co.il/group-policy-object-modeling-windows-server-2008.htm
and although i did not have to link to my 'wmi filters' i did do, which also stated while following the 'wizard' that my filters were 'true'.!!!!!!!! ok
at the end of the 'wizard' detecting specifically my domain controller it prompted another window in 'gpmc' showing me a summary of my domain controllers settings that i had set in gpo aswell as defaults it appears. - ok
ok getting there!!
wmi filters:
- so i could have 2 host xp machines with 2 different types of software so using the filter enables me to distinguish between the both.
- if these types of distinctions were not really needed then 'wmi filter' would not be used. (purely preferential)!!!!
resultant set of policy: - this detects if a gpo was functional so i could then troubleshoot!!
- taking into consideration the 2 'wmi filters' i have added, i may want to setup a gpo specific to each of those specific 2 host xp machines, so directing the wizard through the filters ensures the specific host xp is configured correctly!!
additionally doing checks also with:
- gpudpate
- gpupdate /force
- gpresult /v
- rsop
- eventviewer
ASKER
after configuring the 'wmi filter & rsop' on windows 2003, i also ran a backup of gpo as per this 'url':
http://www.petri.co.il/backing-up-group-policy-objects.htm
- i created a folder on a spare partitioned drive on my domain controller and shared specifically for 'administrator account'.
- i then opened selected to 'view' my specific gpo settings, which allows me to narrow down and troubleshoot a specific issue with maybe one of my gpo settings. - ok
http://www.petri.co.il/backing-up-group-policy-objects.htm
- i created a folder on a spare partitioned drive on my domain controller and shared specifically for 'administrator account'.
- i then opened selected to 'view' my specific gpo settings, which allows me to narrow down and troubleshoot a specific issue with maybe one of my gpo settings. - ok
ASKER
sound advice!
Hey man, sorry I didn't see any of your other posts. Hence the lack of response. Glad you got it sort and thanks.
ASKER
no probs thanks!! apreciated!
ASKER
so if i was to do the following:
- group of users - set with redirection folder pointing to on destination server
- a single user - set with redirection folder pointing to another destination server or mapped driver
question 1. so doing something like the above is how 'wmi filters' are used ?
question 2. if i did set something in the gpo that maybe was incorrect and then when i run a 'wmi filter' then the 'filter' would not work, but how would i know ?