Solved

how to block windows xp PCs from logging into the corporate network

Posted on 2014-10-23
5
237 Views
Last Modified: 2014-10-23
We have a number of XP machines out there, and want to block them from accessing the corporate network.

We need to push a script or policy to the XP machines to deny them access to the corporate network, and force them to call into the Service Desk for replacement.
0
Comment
Question by:Alice Schumm
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40399548
are these machines on your domain or just connecting to the network?
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 40399549
Do they log in to a domain? In that case, push a login script per GPO to all clients, which checks for the OS version and then acts as required.
0
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40399553
Qlemo, thats exactly what I was thinking.

Or you can combine a LegalNotice Warning Text and deny logon locally using a wmi filter for windows xp
0
 
LVL 16

Accepted Solution

by:
Joshua Grantom earned 500 total points
ID: 40399577
Create a GPO that has these entries in "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"

LegalNoticeCaption    REG_SZ      Please contact Service Desk
LegalNoticeText          REG_SZ      This computer has been disabled from logging on to our network because it is running an outdated OS Please call 1-800-HEL-PDSK


In the same GPO set this policy "Computer Configuration > Policies > Security Settings > Local Policies > User Rights Assignment > Deny log on locally" to Domain Users

then create a WMI filter for the GPO

select * from Win32_OperatingSystem where (Version like "5.1") and ProductType="1"


Then apply the GPO to Authenticated Users and you can link it to your domain root. Because of the WMI filter, it will only apply to Windows XP machines.
0
 

Author Comment

by:Alice Schumm
ID: 40400690
Sounds great.  Thank you.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A common practice in small networks is making file sharing easy which works extremely well when intra-network security is not an issue. In essence, everyone, that is "Everyone", is given access to all of the shared files - often the entire C: drive …
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question