Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 182
  • Last Modified:

Windows Server 2012

Dear All,

Is it possible to block users in domain  that are using a particular operating system .

for example:- I want to block all the users that are using XP OS  . XP users can't log in.

Is it possible . If yes then how can i configure that option.

Here we have Windows server 2012 configured along with the domain.

I am new to this server world. Searching for new options.


Regards,

JCT
0
jct_777
Asked:
jct_777
  • 3
  • 2
1 Solution
 
Zephyr ICTCloud ArchitectCommented:
Are these XP devices domain members? Probably are, but just being sure ...

You can use a Powershell to find the XP devices in your domain and set an expiration date on the device accounts... That's the "easy" fast fix ... This Powershell script can look something like this:

$date="21/04/2014 8:00:00 AM"
Get-ADComputer -Filter {OperatingSystem -eq “Windows XP Professional”} | Set-ADComputer -AccountExpirationDate $date

Open in new window


Change the date accordingly of course...

Another option might be to use a Group Policy with WMI filters and implement it on an OU that contains the XP devices... The WMI filter query would look something like this:

Select * from Win32_OperatingSystem where Caption = "Microsoft Windows XP Professional"

Open in new window


A third option, though not easy to manage and maybe expensive to implement, use something like Network Access Control to block the XP devices ...
0
 
awawadaCommented:
0
 
jct_777Author Commented:
Dear Spravtek,

Yes the XP devices are domain members & also i don't want any XP pc to be connected to our domain in future.

$date="21/04/2014 8:00:00 AM"
Get-ADComputer -Filter {OperatingSystem -eq “Windows XP Professional”} | Set-ADComputer -AccountExpirationDate $date

Can you please mention clearly how to use the above command in powershell & execute

Regards,

JCT
0
The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

 
Zephyr ICTCloud ArchitectCommented:
Hi JCT,

Just copy paste the script and paste it in (eg) notepad, save the file as a powershell script (extension .ps1).

Now lets say you saved it with a name like blockxp.ps1

Now open a Powershell window and browse to the location you've saved the file to.
execute it with ./blockxp.ps1

Make sure you open the Powershell window/session with admin rights to the domain, you might also get a warning/error about executing scripts, especially if you haven't used Powershell before... The script will not execute if you see this error/warning...

To solve this you can do following:

Type in the Powershell window/session following: "Set-ExecutionPolicy RemoteSigned" (without the quotes)...

Hope it's somewhat clear, if not, let me know.

Ps: If you don't want to bother with a script, just type in everything manually, so first the date part > enter, then the next part and > enter again at the end ...
0
 
jct_777Author Commented:
Hi ,

As you told created one file with the .ps1 extension. copy & paste the above command in that. But when i opened the powershell i am unable to browse it. Also in the above command the start date is fine what about the expiry date . do i need to mention the date also.

please help me. I am totally confused.

JCT
0
 
Zephyr ICTCloud ArchitectCommented:
The date you see in the script is the expiration date ... So set it to the date you want the computer accounts to expire ...

I'm not sure what you mean with the statement that you are unable to browse to it...

If the script doesn't work out, just copy/paste the lines 1 by 1 into powershell

Or just copy/paste this entire line here under into powershell and press enter (change the date before you copy/paste if needed):

Get-ADComputer -Filter {OperatingSystem -eq “Windows XP Professional”} | Set-ADComputer -AccountExpirationDate "21/04/2014 8:00:00 AM"

Open in new window

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now