Hot Downloads

Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1
  • 2

TOPIC: Group Policy Newbie

Group Policy Newbie 8 years 9 months ago #25180

  • Stephanie
  • Stephanie's Avatar
  • Offline
  • Frequent Member
  • Posts: 55
  • Karma: 0
Hello All,

I'm wondering if anyone knows if I can use a Group Policy to auto login to a Windows XP Pro box in a Windows 2003 domain? I need this machine to only be used by one ID/password and access only 1 web page. So what I'm looking for is a kiosk type set-up.

Any suggestions? I'm not very versed in creating Group Policies so any advise is welcome!!
The administrator has disabled public write access.

Re: Group Policy Newbie 8 years 9 months ago #25183

  • GTM
  • GTM's Avatar
  • Offline
  • Frequent Member
  • Posts: 77
  • Karma: 0
Group policys come with two configuration options. One is for computer configuration and the other is for user account configuration group policys. I have never seen a group policy at the computer configration that can automatically log a user in and with user configuration group policys you need to log in first so windows knows which user policies to apply.

Regarding only allowing one user access to the machine you can set local group policies on the pc by going to start/run/gpedit.msc from here you can deny people the ability to log on locally or remotely though depending on the size of your domain im not quite sure how feasable this option is as anyone with a domain account will be able to log in unless you deny access.

An idea you could try would be to put the machine into a workgroup and set up the accounts as needed.
The administrator has disabled public write access.

Re: Group Policy Newbie 8 years 9 months ago #25191

  • KiLLaBeE
  • KiLLaBeE's Avatar
  • Offline
  • Expert Member
  • Posts: 466
  • Karma: 0
You can configure the XP machine's registry to auto logon with a specified username and domain name. Then you can add the user account for the username being used in an organizational unit and use group policy to lock it down as youd like. The end result is that the computer will automatically log on with the specified username into the specified domain, where it will have group policy applied to it.

NOTE: I've done the auto logon portion in a lab environment to test, but not the group policy application AFTER auto logging on...but regardless, it should work.

To force the computer to automatically log on with a specified username, go to Start > Run, type regedit, and go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon and define the following keys:

DefaultDomainName - domain name to log into
DefaultUserName - username defined by user account in AD, which you will add to the appropriate OU that the GP is applied to
DefaultPassword - password for user account
AutoAdminLogon (set to 1 to automatically log on with credentials above and 0 to not automatically log on)

Due to the scope of what you can do with group policy or what you would need to specifically modify to lock down the computer and to only display 1 web page, I'll leave that up to you to research :wink: Pretty much all that is involved is you looking through the User Account portion of group policy editor and modifying the settings you need.

Hope that helps
The administrator has disabled public write access.

Re: Group Policy Newbie 8 years 9 months ago #25193

  • skepticals
  • skepticals's Avatar
  • Offline
  • Expert Member
  • Posts: 783
  • Karma: 0
I just wanted to confirm that autologin does work in a production network with group policy/active directory. I had a network with over 50 PCs configured with autologon.

I used a custon ADM in group policy that I loaded an it allowed me to push the registry settings to each XP machine. This way I didn't have to do it manually.
The administrator has disabled public write access.

Re: Group Policy Newbie 8 years 9 months ago #25242

  • Ozzy_98
  • Ozzy_98's Avatar
  • Offline
  • Frequent Member
  • Posts: 22
  • Karma: 0
Group policy like this is nothing more than registry changes. If you can change it via the registry, you can change it via group policy. There's a few issues, like prefrences vs policies, and tatooing, so I'd read up more about the registry. www.rhwiii.info/pdfs/Introduction%20to%2...dow's%20Registry.pdf And old (and crude) paper
The administrator has disabled public write access.

Re: Group Policy Newbie 8 years 9 months ago #25256

  • Stephanie
  • Stephanie's Avatar
  • Offline
  • Frequent Member
  • Posts: 55
  • Karma: 0
Thanks for all the good info! It looks like I will be making some registry changes as well as creating a group policy (yikes!), not something I work with much.

Now, let's say I get this auto login (regular user) to work. How can I login as Admin if i need to make more changes to the machine?
The administrator has disabled public write access.
  • Page:
  • 1
  • 2
Time to create page: 0.085 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup