[gptalk] Re: GPO WMI Script filters - can it exclude users?

  • From: "Mills, Mark" <Mark.Mills@xxxxxxxxxxxxxxxxxxxxxx>
  • To: <gptalk@xxxxxxxxxxxxx>
  • Date: Thu, 17 Aug 2006 10:46:30 -0500

Darren I spoke to soon...

 

I tried your recommendation of "Select * FROM Win32_ComputerSystem WHERE
UserName <> "domainName\UserName"

However the WMI filter won't accept it when I try to save it.   It seems
the filter does not like the "\" character, even in the quotes. 

 

Using MS's WMI Creator the I selected the Win32_ComputerSystem and then
chose Username, it returned a proposed code or:

 

strComputer = "." 

Set objWMIService = GetObject("winmgmts:\\" & strComputer &
"\root\CIMV2") 

Set colItems = objWMIService.ExecQuery( _

    "SELECT * FROM Win32_ComputerSystem",,48) 

For Each objItem in colItems 

    Wscript.Echo "-----------------------------------"

    Wscript.Echo "Win32_ComputerSystem instance"

    Wscript.Echo "-----------------------------------"

    Wscript.Echo "UserName: " & objItem.UserName

Next 

 

the data returned from the query was :  "DA\da\mmills"

 

The following could not be saved as valid filters because of the "\"
charactrer:

"Select * FROM Win32_ComputerSystem WHERE UserName <> "da\mmills"

"Select * FROM Win32_ComputerSystem WHERE UserName <> "DA\da\mmills"

 

 

I also tried using Select * FROM Win32_ComputerSystem WHERE
objItem.UserName = "mmills" but that didn't work.  Is it possible to use
the "LIKE" command so that it would be something such as:

 

Select * FROM Win32_ComputerSystem LIKE objItem.UserName = "mmills"  -
couldn't save filter with the LIKE command, but you get the idea.

 

Mark Mills, Sr. Network Engineer LP

Email: mark.mills@xxxxxxxxxxxxxxxxxxxxxx 

________________________________

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
On Behalf Of Darren Mar-Elia
Sent: Tuesday, August 15, 2006 5:27 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: GPO WMI Script filters - can it exclude users? 

 

Mark-

I think the Win32_UserAccount class enumerates user accounts defined on
the system where the query runs. So, instead of getting the currently
logged on user with that query, you are really asking it if there is a
user with the manager's user name defined on that workstation's local
SAM where the query runs. I think what you need instead is:

 

Select * FROM Win32_ComputerSystem WHERE UserName <>
"domainName\UserName"

 

So its looking for the NetBIOS form of the user name.

 

 

Also, this is a good opportunity for me to plug my newest free tool--the
WMI Filter Validator--which lets you validate a WMI Filter against a
machine without having to wait for a GP refresh to see if it will
evaluate to true.

 

Darren

 

Other related posts: