This could be a fun topic.
Outside of the obvious answers "Get someone to remove them", "Get someone to turn them off", "Tell them to...." etc.
We have a percentage of Windows XP and Windows 2003 machines that are on our remote network that we want to actively disable their access remotely and prevent local IT from re-enabling and re-using them.
We've manually disabled some through RDP, but want to remotely stop these sites from using them.
Something like - remove all members from local admins and local users, set a 30s shutdown to run in the registry and kill all NICs.
It can't be as dramatic as a format c:, but can be fairly brutal.
We have AD 2012R2 GPO, and SCCM 2012 R2 at our disposal - I'm looking for some real world tips and tricks people have used to disable machines like this. Thanks