?
Solved

laptops/desktops

Posted on 2011-10-31
8
Medium Priority
?
390 Views
Last Modified: 2012-05-12
In active directory is there anyway to diffrentiate between a desktop PC and a laptop? If so in ADUC console can you detail how?  What kind of different security settings would typically be applied to a laptop and not to a PC? Anything above beyond disk encryption?

Thanks
0
Comment
Question by:pma111
  • 4
  • 3
8 Comments
 
LVL 22

Accepted Solution

by:
Joseph Moody earned 1600 total points
ID: 37057495
We treat them the same. We will use WMI to filter GPOs that should only apply to laptops (such as wireless/offline file policies). Here is the WMI

Select * from Win32_Battery where BatteryStatus <> 0
 
0
 
LVL 3

Author Comment

by:pma111
ID: 37057552
Can you let me know what the query is returning and how it filters for laptops?

Thanks
0
 
LVL 3

Author Comment

by:pma111
ID: 37057557
WHat do the wireless / offline file policies actually do in terms of security on the laptops?

Excuse my ignorance.
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 
LVL 22

Expert Comment

by:Joseph Moody
ID: 37057559
It returns if the computer has a battery installed or not. If the computer has a battery, it applies the policy.
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 37057573
The wireless policy configures the default networks to connects to but also specifiy that adhoc networks can't be connected to. This prevents users from accidently connecting to ad-hoc networks named things like FREE WIRELESS or PUBLIC WIRELESS when the network is actually used to prompt users for passwords/information

Offline files policy configures default offline file settings but also enables encryption to the offline file cache.
0
 
LVL 3

Author Comment

by:pma111
ID: 37057782
Not much of a hardware buff - I take it a normal desktop just runs off the mains and has no battery inside - just laptops that do.
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 37057784
Yep!
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 400 total points
ID: 37057978
Darren Mar-Elia (GP MVP) had a contest on his list a few years ago about this.  Joel came up with something clever]

****Not taking credit for Joel's cool answer****


Select * from Win32_PhysicalMemory where FormFactor != 12

Returns True on computers that do not have SoDimm form factor memory and False on computers with SoDimm form factor memory.  The assumption is that all laptops will have this style memory and desktops will not.  Works in my environment, but it's a pretty small environment.

*********End Joel's submission***********

Joel won.

Thanks

Mike
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question