Posted On March 31, 2019

GPO Logon Banner

kimconnect 0 comments
blog.KimConnect.com >> Codes , Windows >> GPO Logon Banner

Update: this information is outdated. Use this link for the current method of creating Logon Banner via GPO – https://blog.kimconnect.com/active-directory-gpo-practical-examples

1. Create securityBanner.VBS:

set wShell = CreateObject("Wscript.Shell")
strLegalCaption = "Information Security Policies"
Const POLICY_KEY = "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\policies\system\"
Const LEGAL_CAPTION_VALUENAME = "legalnoticecaption"
Const LEGAL_TEXT_VALUENAME = "legalnoticetext"
strLegalText = ""
strLegalText = strLegalText & " Your access of KIMCONNECT network automatically mandates that you are agreeing to, complying with, and bounded by our security policies including, but not limited to the following:" & vbcrlf & vbcrlf
strLegalText = strLegalText & " (a) Please be advised that all information transmitted shall be subject to our security protocols. Any activities within our domain may be monitored for compliance. All company data shall be treated as proprietary and confidential, unless expressly authorized by company administration, or as required by law." & vbcrlf
strLegalText = strLegalText & " (b) We prohibit the use of our network to access or distribute illegal contents such as bittorrent piracy, obscenities, hate speech, and unsafe-for-work websites. We reserve the right to collect evidence of illegitimate activities as basis for possible disciplinary actions and/or law enforcement cooperations." & vbcrlf
strLegalText = strLegalText & " (c) Users shall agree to indemnify, defend and hold our company, partners, agents, employees, subcontractors, and affiliates harmless from any damages, liability, loss, claim, or expenses, including attorney's fees, from the usage of our computers. If you do not agree to these terms, you must disconnect now." & vbcrlf & vbcrlf
strLegalText = strLegalText & "Thank you," & vbcrlf
strLegalText = strLegalText & "The Systems Team" & vbcrlf & vbcrlf
wShell.RegWrite POLICY_KEY & LEGAL_CAPTION_VALUENAME, strLegalCaption, "REG_SZ"
WShell.RegWrite POLICY_KEY & LEGAL_TEXT_VALUENAME, strLegalText, "REG_SZ"


2. Edit GPO to include start-up script
Group Policy Management >> Forest >> Domains >> right-click [domain name] >> Create a GPO in this Domain and link it here >> Name it "Legal Notice" >> find the new "Legal Notice" Policy and Edit as follows:

Computer Configuration >> Policies >> Windows Settings >> Scripts (Startup/Shutdown) >> double-click Startup >> click Show Files... >> copy logonBanner.vbs to \\kimconnect.local\netlogon >> click Add >> select logonBanner.vbs by Browse function >> OK >> OK

Group Policy Management >> Forest: kimconnect.com >> Domains >> kimconnect.com >> right-click Default Domain Policy, edit >> computer Configuration >> Policies >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> Edit Interactive logon: Message title, check mark next to Define this policy setting, leave text box blank >> OK >> Edit Interactive Logon: Message text, check mark next to Define this policy, leave text box blank >> OK

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post

RSA SecureID Authentication

Implementation Objectives: 1. Install the primary instance as a virtual appliance 2. Use software/hardware tokens…

How To Reset Administrator Password – HP iLO Versions 2-4

Prelude: this instruction only works on HP iLO versions 2 to 4; hence, the title…

PowerShell: Windows Get-EventLog vs Get-WinEvent

Get-Eventlog is the legacy Windows log querying command. Its advanced filtering is limited. Whereas Get-WinEvent,…