Update: this information is outdated. Use this link for the current method of creating Logon Banner via GPO – https://blog.kimconnect.com/active-directory-gpo-practical-examples
1. Create securityBanner.VBS:
set wShell = CreateObject("Wscript.Shell")
strLegalCaption = "Information Security Policies"
Const POLICY_KEY = "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\policies\system\"
Const LEGAL_CAPTION_VALUENAME = "legalnoticecaption"
Const LEGAL_TEXT_VALUENAME = "legalnoticetext"
strLegalText = ""
strLegalText = strLegalText & " Your access of KIMCONNECT network automatically mandates that you are agreeing to, complying with, and bounded by our security policies including, but not limited to the following:" & vbcrlf & vbcrlf
strLegalText = strLegalText & " (a) Please be advised that all information transmitted shall be subject to our security protocols. Any activities within our domain may be monitored for compliance. All company data shall be treated as proprietary and confidential, unless expressly authorized by company administration, or as required by law." & vbcrlf
strLegalText = strLegalText & " (b) We prohibit the use of our network to access or distribute illegal contents such as bittorrent piracy, obscenities, hate speech, and unsafe-for-work websites. We reserve the right to collect evidence of illegitimate activities as basis for possible disciplinary actions and/or law enforcement cooperations." & vbcrlf
strLegalText = strLegalText & " (c) Users shall agree to indemnify, defend and hold our company, partners, agents, employees, subcontractors, and affiliates harmless from any damages, liability, loss, claim, or expenses, including attorney's fees, from the usage of our computers. If you do not agree to these terms, you must disconnect now." & vbcrlf & vbcrlf
strLegalText = strLegalText & "Thank you," & vbcrlf
strLegalText = strLegalText & "The Systems Team" & vbcrlf & vbcrlf
wShell.RegWrite POLICY_KEY & LEGAL_CAPTION_VALUENAME, strLegalCaption, "REG_SZ"
WShell.RegWrite POLICY_KEY & LEGAL_TEXT_VALUENAME, strLegalText, "REG_SZ"
2. Edit GPO to include start-up script
Group Policy Management >> Forest >> Domains >> right-click [domain name] >> Create a GPO in this Domain and link it here >> Name it "Legal Notice" >> find the new "Legal Notice" Policy and Edit as follows:
Computer Configuration >> Policies >> Windows Settings >> Scripts (Startup/Shutdown) >> double-click Startup >> click Show Files... >> copy logonBanner.vbs to \\kimconnect.local\netlogon >> click Add >> select logonBanner.vbs by Browse function >> OK >> OK
Group Policy Management >> Forest: kimconnect.com >> Domains >> kimconnect.com >> right-click Default Domain Policy, edit >> computer Configuration >> Policies >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> Edit Interactive logon: Message title, check mark next to Define this policy setting, leave text box blank >> OK >> Edit Interactive Logon: Message text, check mark next to Define this policy, leave text box blank >> OK