Solved

Password Protected Screen Savers NOT Protecting?

Posted on 2001-06-12
29
360 Views
Last Modified: 2011-04-14
Have 21 new Dell GX150's preinstalled with Windows 2000 SR1.

All are connected to a Novell NETWARE 5 network using Novell's Client 32 v4.8 for NT/2000.

Users are reporting that password protected screen savers are NOT always demanding
a password when interrupted.

The selection of screen saver seems to have little or no bearing on the situation.  Some
users (myself included) have never observed this problem, others found it consistant for
some time until they

1) Rebooted multiple times
2) Installed a 3rd-party ScreenSaver

Still others don't see anything working, their default Windows Screen Saver refuses to
honor the Password Protected checkbox.
0
Comment
Question by:jlw011597
  • 14
  • 6
  • 4
  • +4
29 Comments
 
LVL 63

Expert Comment

by:SysExpert
Comment Utility
I would install SP2 for all machines and see if this fixes the problem !!

I hope this helps!
0
 

Author Comment

by:jlw011597
Comment Utility
I'm just getting these things deployed, and SP2 hasn't been out very long.  My experience with most service packs suggests they aren't well regression tested,
and I'd fix one problem while introducing perhaps 20 more potential problems.

This query was more to determine without a runaround between MS and DELL whether or not there's a known problem with these screen savers.
0
 
LVL 63

Expert Comment

by:SysExpert
Comment Utility
Did you do a search omn microsoft.com yet ??

0
 

Author Comment

by:jlw011597
Comment Utility
Well, I did a search there for " not enforced within screensaver password" and
didn't get any hits....  These are OEM copies of Win2K so I'm not allowed to CALL
MS for support, and last time I called DELL (on a printer issue) they bucked it to
the printer vendor even though it was clearly an MS networking issue....

THAT's why I went out to EE for commentary.
0
 
LVL 63

Expert Comment

by:SysExpert
Comment Utility
I would apply SP2, to a computer with a repeatable problem.
This will be a good test.

Also

http://support.microsoft.com/directory/article.asp?ID=KB;EN-US;Q257939

is the closest I could find so far.

I hope this helps !
0
 
LVL 10

Expert Comment

by:tonnybrandt
Comment Utility
Just want to share my experiance on the matter as i also have windows 2000 and Netware Client 4.8 on my work machine, and it works ok. However it was not preinstalled and not a Dell.

Did a search on Novell, and found this:
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2959002.htm

See if it applies to your problem
0
 

Author Comment

by:jlw011597
Comment Utility
SysExpert:  Win2K SP2 has been applied to all stations; still some stations report this problem.

tonnybrandt: None of  suggested TID items seems to apply.  This is that the Screen Saver just plain doesn't seem to be taking over, thus failing to secure the workstation.  All those items seemed to be that the screen saver takes over, just doesn't operate properly after doing so, preventing even an authorized user from getting back to work.




0
 
LVL 63

Expert Comment

by:SysExpert
Comment Utility
I would try

sfc /scannow from a DOS box and also check permissions for these users.

Try it as administrator adn see if it works. If it does, then it is probably a registry problem, probably having to do with registry permissions.

Also try a regclean program.

I hope this helps !
0
 

Author Comment

by:jlw011597
Comment Utility
All users are already ADMINISTRATORS (no Domain or Directory in the Win2K
world, just a workgroup, and all these folks are technical staff trustable as admins
for their own workstations).  

What's "sfc" ???  
0
 
LVL 63

Expert Comment

by:SysExpert
Comment Utility
system file checker. It exists in win98 and win2k.

try sfc /?
from a dos window.

I hope this helps !
0
 

Author Comment

by:jlw011597
Comment Utility
Hmmm... This seems to require the Windows 2000 CD.  Gonna take some time to do that.

Note recently I've noticed that unless I get a periodic reminder from Experts Exchange, I've
gone so far as to leave a question open pending review of a possible answer or comments
for 2 months.  Prod me if need be with another comment.
0
 

Author Comment

by:jlw011597
Comment Utility
Decided not to follow up with this issue.  Don't have an ORIGINAL Win2K CD to get the sfc program from since these are OEM pre-installed DELLs.  Ah, well.
0
 

Expert Comment

by:cmoore23
Comment Utility
Hi,

I think we have the same problem and have met with the same amount of success.  Did you ever resolve this issue?

0
 

Author Comment

by:jlw011597
Comment Utility
No.  For example, 95% of the time my own workstation locks under the screen saver just fine.  The other 5% of the time the screen saver just plain doesn't start after the requisite time period of nil keyboard/mouse activity.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:jlw011597
Comment Utility
Still no response on this problem.  I'm going to boost the points to 300 to see if we can
garner some more interest.

One thing I HAVE accertained is that when the screen saver does seem to "stop
triggering," that in reality something has changed it to NONE.  Indeed when one
goes to the screen saver panel, "NONE" is the selected saver.  Normally I have
"Default Screen Saver" selected, but if I expected the saver to be active and
password protecting, but it isn't (e.g., I come in after being out of the office for an hour or more), sure enough I'll find "(None)" as the selected saver.  

I KNOW that I am not actively setting/resetting this...
0
 

Author Comment

by:jlw011597
Comment Utility
Still no response on this problem.  I'm going to boost the points to 300 to see if we can
garner some more interest.

One thing I HAVE accertained is that when the screen saver does seem to "stop
triggering," that in reality something has changed it to NONE.  Indeed when one
goes to the screen saver panel, "NONE" is the selected saver.  Normally I have
"Default Screen Saver" selected, but if I expected the saver to be active and
password protecting, but it isn't (e.g., I come in after being out of the office for an hour or more), sure enough I'll find "(None)" as the selected saver.  

I KNOW that I am not actively setting/resetting this...
0
 
LVL 63

Expert Comment

by:SysExpert
Comment Utility
OK.

1) It could be a virus, or hacker.

2) Have you tried enforcing this with policies, either locally or centrally ?

Group policy planning with screen shots
                 
      http://www.microsoft.com/WINDOWS2000/library/planning/management/groupsteps.asp

http://www.microsoft.com/WINDOWS2000/library/planning/management/groupsteps.asp
                                   http://www.microsoft.com/windows2000/techinfo/howitworks/management/grouppolicyintro.asp

 Windows 2000 Group Policy White Paper
                                         http://www.microsoft.com/windows2000/techinfo/howitworks/management/grouppolwp.asp

Step by Step Guide to Managing the Group Policy Feature Set
                                         http://www.microsoft.com/windows2000/techinfo/reskit/samplechapters/dsec/dsec_pol_zbgy.asp

"Troubleshooting Group Policy in Windows 2000"
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windows2000serv/support/tshootgp.asp

               and

               Wayne's Windows NT Administration Tips
 http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windows2000serv/support/adrecov.asp

I hope this helps !
0
 

Author Comment

by:jlw011597
Comment Utility
1) It could be a virus, or hacker.
              Unlikely.  All machines where we're seeing this are protected with               daily-updated virus protection software, and ports are either manually
              shut down, stealthed, or, in my particular case, protected by a software
               firewall.  Yet we still see the situation.

2) Have you tried enforcing this with policies, either locally or centrally ?
               Policies are whatever are the defaults on Win2K out of the box.  No AD or
               domain, either.  Workgroup.  And staying that way.
0
 

Author Comment

by:jlw011597
Comment Utility
Just realized I'd never responded to  tonnybrandt's suggestion/comments.  No, that TID
probably doesn't apply.  There's no mention in the TID of my situation, where the screen saver doesn't take over (because, as I've learned, it's being reset to (None) by something).  The Novell TID [technical information document for all you non-netware types] describes issues like the screen saver taking control but not imposing password protection, and the screen saver not resuming control after having taken control, prompted for password protection, and the user quits out of trying to enter a password.
0
 

Author Comment

by:jlw011597
Comment Utility
Just realized I'd never responded to  tonnybrandt's suggestion/comments.  No, that TID
probably doesn't apply.  There's no mention in the TID of my situation, where the screen saver doesn't take over (because, as I've learned, it's being reset to (None) by something).  The Novell TID [technical information document for all you non-netware types] describes issues like the screen saver taking control but not imposing password protection, and the screen saver not resuming control after having taken control, prompted for password protection, and the user quits out of trying to enter a password.
0
 
LVL 27

Expert Comment

by:Asta Cu
Comment Utility
jlw is awaiting Expert feedback here.
Asta
0
 

Expert Comment

by:cmoore23
Comment Utility
An idea that might help.

If you have a copy of sysinternals REGMON, you can run it on one of the problem clients.

1. turn off capture
2. edit filter/highlight
3. set include to
    "HKLM\Control Panel\Desktop\SCRNSAVE.EXE"
exactly as specified here but without the double quotes.  Note the embedded spaces are needed - just select, copy and paste the above in.
4. ensure that "Log Successes" and "Log Errors" and
"Log Writes" are enabled.  (You can enable all options but it makes for extra reading - these should be enough).
5. Apply the filter (click on the APPLY button)
6. Start the Capture and minimize REGMON

You can come back to it after a minute, an hour, a day, and it will have logged every time something changes that screen saver entry.  I believe (based on my own problem) that this might help identify what could be reseting the screen saver.

Similarly, there is a registry entry that controls whether or not a password is required - this is "ScreenSaverIsSecure"

If the screen saver is always set but just not prompting, then replace the include (above) with

    "HKLM\Control Panel\Desktop\ScreenSaverIsSecure"

This will log the time of the change, and the Process.  The process contains a fairly meaningful identification of the changer of the value, which is most likely a .EXE

Please feel free to query me if you want more details or a better explanation :-)

The url for "system internals" in case you need it is http://www.systeminternals.com/

Regards, Christopher Moore
0
 

Author Comment

by:jlw011597
Comment Utility
Just verify that it's
"HKLM" in these "exactly as specified here"

and not "HKEY_LOCAL_MACHINE"

I've downloaded REGMON and will try applying it to users experiencing this problem.
0
 

Expert Comment

by:cmoore23
Comment Utility
Yep. It DOES appear to require HKLM rather than the full (and technically correct) HKEY_LOCAL_MACHINE.

Regards, Chris.

0
 
LVL 5

Expert Comment

by:cempasha
Comment Utility
Dear questionner/expert(s)

No comment has been added lately, so it's time to clean up this TA.
I'll leave a recommendation in the Cleanup topic area that this question is to be:

- Answered by: cmoore23

Please leave any comments here within the next seven days.

==> PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER ! <==

PaSHa

Cleanup volunteer
0
 

Author Comment

by:jlw011597
Comment Utility
No, I don't think so.  Regardless of what the volunteer
recommends, I have not been able to evaluate cmoore23's
suggestion due to other duties and, as such, am not about
to suggest to subsequent participants purchasing this as a PAQ that the problem was resolved by cmoore23's suggestion until it is proven to be an actual solution.

If the volunteer is so anxious to close this call off, then
the resolution (of THAT issue) is to DELETE the query, not to accept an unproven answer.
0
 
LVL 5

Expert Comment

by:cempasha
Comment Utility
thank you for your response first of all. this is your last post -> 08/07/2002 08:23AM PST
it would have been nice to add comments and let the experts know about your progress with their solutions. it is also your responsibility to follow your questions. if you think that cmoore23's solution is not right and you have found the answer please post it here so that other users with the same problem can use this information when needed. if there is no good answer to you let us know and let the admins take care of it. regards,
PaSHa
0
 

Expert Comment

by:cmoore23
Comment Utility
If jlw has not been able to take advantage of any of the responses to resolve the problem (for whatever reason) then any answer suggested can not be considered a solution.  And thus the issue stays open.  So I agree with jlw.  Leave it open until someone comes up with a resolution that can be implemented successfully.

cmoore23
0
 

Accepted Solution

by:
SpideyMod earned 0 total points
Comment Utility
PAQ'd and points refunded.  Zero-point PAQs are free to view and the information may be valid for helping somebody else.  

Let me state that a question is considered abandoned if no responses have been made for a month.  It is the responsibility of the questioner to come back to the question in a timely manner and provide feedback.  The cleanup volunteer does what he or she thinks is best for all parties.  Many, many questions on this site are abandoned and it is a problem that our cleanup volunteers are donating their time to help resolve.  If your suggestion is to delete all questions where the questioner doesn't return to validate that it is a proper answer, then we would have a free-for-all where questioners would ask questions and never accept any answer and obtain solutions "free-of-charge" so to speak.  The experts are also donating their time and this is not a fair resolution either.  

Without feedback from the questioner, I stand by cempasha as having given the correct recommendation.  The procedure works as the 7-day waiting period has produced feedback that allows me to finalize this question in a manner fair to all participants (including future PAQ purchasers).  That said, I do believe that the feedback given post-recommendation appears to have too much personal attack and this should not occur, a simple stating of the facts is all that is needed.  

If jlw does get an opportunity to review and finds an acceptable answer from any that have been presented, it can simply be posted back here and a "points for" question will be generated as well as a comment by the moderator pointing to the correct answer.  

If you have further questions regarding this, feel free to drop a line here.  If you have questions regarding how the cleanup process works or do not like the fact that this recommendation was made under these circumstances, feel free to drop a zero-point question in Community Support topic area asking for an Admin specifically and one of the site administrators (I am simply a moderator) will address this issue.  

Those of you that do not wish to receive further email notifs on this closed question, can unsubscribe.

SpideyMod
Community Support Moderator @Experts Exchange
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
HOW TO: Connect to the VMware vSphere Hypervisor 6.5 (ESXi 6.5) using the vSphere (HTML5 Web) Host Client 6.5, and perform a simple configuration task of adding a new VMFS 6 datastore.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now