[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 252
  • Last Modified:

how to block windows xp PCs from logging into the corporate network

We have a number of XP machines out there, and want to block them from accessing the corporate network.

We need to push a script or policy to the XP machines to deny them access to the corporate network, and force them to call into the Service Desk for replacement.
0
Alice Schumm
Asked:
Alice Schumm
  • 3
1 Solution
 
Joshua GrantomSystems AdministratorCommented:
are these machines on your domain or just connecting to the network?
0
 
QlemoDeveloperCommented:
Do they log in to a domain? In that case, push a login script per GPO to all clients, which checks for the OS version and then acts as required.
0
 
Joshua GrantomSystems AdministratorCommented:
Qlemo, thats exactly what I was thinking.

Or you can combine a LegalNotice Warning Text and deny logon locally using a wmi filter for windows xp
0
 
Joshua GrantomSystems AdministratorCommented:
Create a GPO that has these entries in "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"

LegalNoticeCaption    REG_SZ      Please contact Service Desk
LegalNoticeText          REG_SZ      This computer has been disabled from logging on to our network because it is running an outdated OS Please call 1-800-HEL-PDSK


In the same GPO set this policy "Computer Configuration > Policies > Security Settings > Local Policies > User Rights Assignment > Deny log on locally" to Domain Users

then create a WMI filter for the GPO

select * from Win32_OperatingSystem where (Version like "5.1") and ProductType="1"


Then apply the GPO to Authenticated Users and you can link it to your domain root. Because of the WMI filter, it will only apply to Windows XP machines.
0
 
Alice SchummSenior Technical ConsultantAuthor Commented:
Sounds great.  Thank you.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now