I need to create a group policy object (GPO) that will disable printer redirection for all computers except certain servers.
I considered making a security group and adding all the computers except the servers that I wanted to permit printer redirection on and then applying security filtering on the GPO so only the computers that are a member of the security group will not have printer redirection. Due to the number of servers in the environment and the number of technicians making changes in Active Directory (AD) I feel that people will not remember to add new computers to the security group. :) So, I want to create a GPO that applies to all computers but has a rule that excludes the members of a security group from the GPO.
I believe that I want to do this with a WMI filter but I don't know how to create a WMI filter and the examples I found do not seem to give me the information I need to create the required WMI filter.
The example I found is this.
Select * From Win32_Group where Name <> "security group"
Can someone help me edit this WMI filter to identify all servers that are not members of that security group.