Group policy WMI filter not applying to expected server

James Edmonds 771 Reputation points


I have the below WMI filter to select just desktop class windows installs (Win 10, 11 etc.), and also any server that is a Terminal Server/Remote Desktop Server:

If I log into one of our RDSH servers and do a WMI query in powershell, I can find in the TerminalServices namespace, that the TerminalServerMode is set to 1. Therefore, I expect the WMI filter to apply.
Unfortunately, I can see the GPO using this filter is filtered out with a FALSE flag next to the WMI query.

I am wondering if anyone can explain why it would not be marked as true?
Is it because the queries are cumulative rather than "any"? i.e. is it looking for a desktop class OS that is also a terminal server?
If that's the case, is there a way I can modify my filter so it looks for either, rather than both?

Many thanks.

Windows Group Policy
Windows Group Policy
A feature of Windows that enables policy-based administration using Active Directory.
1,997 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Daisy Zhou 13,021 Reputation points Microsoft Vendor

    Hello JamesEdmonds-7766,

    Thank you for posting here.

    From the following link, we can see if we want to use "WMI Filter" to filter "Windows Server Roles", it is
    "root\CIMv2" instead of "root\CIMv2\TerminalServices".

    WMI Filter

    So if you want to filter Desktop OS and terminal servers to apply GPO, you can try:


    SELECT * FROM Win32_OperatingSystem WHERE ProductType="1"


    SELECT TerminalServerMode FROM Win32_TerminalServiceSetting WHERE TerminalServerMode = 1

    For example:


    Hope the information above is helpful.

    Best Regards,
    Daisy Zhou


    If the Answer is helpful, please click "Accept Answer" and upvote it.

  2. James Edmonds 771 Reputation points

    Not possible to do what I wanted originally, as WMI filters are cumulative.

    I have duplicated my GPO, and put a separate WMI filter on each to achieve my goal.