Solved

how to block windows xp PCs from logging into the corporate network

Posted on 2014-10-23
5
234 Views
Last Modified: 2014-10-23
We have a number of XP machines out there, and want to block them from accessing the corporate network.

We need to push a script or policy to the XP machines to deny them access to the corporate network, and force them to call into the Service Desk for replacement.
0
Comment
Question by:Alice Schumm
  • 3
5 Comments
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40399548
are these machines on your domain or just connecting to the network?
0
 
LVL 69

Expert Comment

by:Qlemo
ID: 40399549
Do they log in to a domain? In that case, push a login script per GPO to all clients, which checks for the OS version and then acts as required.
0
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40399553
Qlemo, thats exactly what I was thinking.

Or you can combine a LegalNotice Warning Text and deny logon locally using a wmi filter for windows xp
0
 
LVL 16

Accepted Solution

by:
Joshua Grantom earned 500 total points
ID: 40399577
Create a GPO that has these entries in "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"

LegalNoticeCaption    REG_SZ      Please contact Service Desk
LegalNoticeText          REG_SZ      This computer has been disabled from logging on to our network because it is running an outdated OS Please call 1-800-HEL-PDSK


In the same GPO set this policy "Computer Configuration > Policies > Security Settings > Local Policies > User Rights Assignment > Deny log on locally" to Domain Users

then create a WMI filter for the GPO

select * from Win32_OperatingSystem where (Version like "5.1") and ProductType="1"


Then apply the GPO to Authenticated Users and you can link it to your domain root. Because of the WMI filter, it will only apply to Windows XP machines.
0
 

Author Comment

by:Alice Schumm
ID: 40400690
Sounds great.  Thank you.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A common practice in small networks is making file sharing easy which works extremely well when intra-network security is not an issue. In essence, everyone, that is "Everyone", is given access to all of the shared files - often the entire C: drive …
The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question