I’ve been working to deploy Citrix in our office recently and one of the requirements was to use some 5-7 year old PCs as Thin clients until such time as management wanted to replace them with typical thin clients. In order to make this work we re-imaged all of the XP desktops with a clean install of the OS along with basic requirements suck as AV/DLP etc. Then I added a simple yet effective registry hack along with some GPO’s to effect a XP thin client with decent local security.
So here is the registry changes
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultUsername"="firstname.lastname@example.org" "DefaultPassword"="password" "AutoAdminLogon"="1" "ForceAutoLogon"="1"
This will cause the desktop to auto login every time it boots up or a user logs off the system. The only way around the auto login is for a user to hold down the shift key during the login which will then allow you to enter different credentials.
Next up Open IE in full screen mode and point it to the Citrix Web Server.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe -k" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://citrixxendesktopurl.com"
That is pretty much it, tie this in with a GPO designed to lock down the user being used to log onto the desktop, make that user part of the local “users” or “guest” group, and we have our simple yet effective XP thin client.