Solved

Suppress Windows XP login

Posted on 2002-06-30
9
278 Views
Last Modified: 2010-05-18
We use NetWare clients on Win XP.  Our users are forced to change their individual NetWare passwords very month. All sensitive information is held on the Novell server.  We do also use Windows networking occasionally but would prefer not to have to login to Windows.  The NetWare clients offer the option to synchronise passwords but this creates confusion, because we do not set up individual pc accounts for each user on each pc's Windows system.
I should like to abolish any login screens which refer to Windows passwords.  I don't want users to have to think about Windows passwords.  Most especially I don't want them inadvertently to set a local password on the standard account on a Windows XP machine, because this can prevent other users from using that pc.
Can someone please advise on a way of setting up XP so that we never get presented with Windows login or password questions?  (I think that using AutoAdminLogon would be inappropriate because the monthly change of NetWare password would not be recognised by Windows, and anyway we don't want any Windows passwords).
0
Comment
Question by:rashields
  • 4
  • 3
  • 2
9 Comments
 
LVL 10

Expert Comment

by:DSPoole
ID: 7120987
ZENworks for Desktop Start Kit and the new NetWare Client for Windows NT/2K/XP (v4.83) - NetWare 5.1 ships with the ZfD Starter Kit.

Create a User Policy Package - configure a Windows NT/2K Policy - Dynamic Local User...

This will automatically sync and manage NDS User accounts and passwords with Windows (workstation) user accounts and passwords - thus bypassing the Windows login.

Best of all, you decide the security rights each user has on the workstation (Admin, Power User, User, etc.)

0
 
LVL 2

Expert Comment

by:gavrc
ID: 7126560
Use AutoAdminLogon (and AutoAdminQueryNDS) but set up a single windows user (eg staff) with an arbitary password (eg staff). For XP you will also need to create ForceAutoLogon=1 in [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
0
 
LVL 10

Expert Comment

by:DSPoole
ID: 7128009
Don't use AutoAdminLogon for a couple of reasons:

1)  It tends to change a bit as Novell releases new clients - what you do once may not work on the next client release.

2)  Everyone will have admin rights - you might as well be running Windows 9x/ME boxes.  My method will allow you to set user rights at the desktop to prevent users from "tinkering"...

0
 
LVL 2

Accepted Solution

by:
gavrc earned 100 total points
ID: 7129365
AutoAdminLogon doesn't log in as admin. Only as the user you specify as DefaultUsername with DefaultPassword. You set the rights for that user when you create it, eg User, Power User, etc
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 

Author Comment

by:rashields
ID: 7129422
Thank you both very much for the debate.  Whilst I can see the merits of Zen, we are not into that and don't really want to go there (and I'm sure that Zen also has its own upgrade trail).  I had read Novell's TID10052847 (which has one or two errors - notably a missing space between Windows and NT in the details of the ForceAutoLogon key at the top of page 2)and gavrc helped me to understand it, and gave me the confidence to write the following .reg script for execution at each XP workstation.  I publish it below because it may help others.  You must first set up the default Windows user account with password "password".

REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ForceAutoLogon"="1"
"AutoAdminLogon"="1"
"DefaultPassword"="password"

[HKEY_LOCAL_MACHINE\Software\Novell\Login]
"AutoAdminLogon"="0"
"AutoAdminQueryNDS"=dword:00000001
0
 
LVL 2

Expert Comment

by:gavrc
ID: 7129739
That's the one. I don't think AutoAdminLogon is necessary in \Novell\Login, I've never used it (but that's not gospel). I suspect the fact the key doesn't exist by default implies the value 0. But no harm. It might be useful to add "DefaultUserName"="username" whatever the username you are using is. This will remove the entry for the last person who logged on.
0
 
LVL 10

Expert Comment

by:DSPoole
ID: 7133017
You don't have to upgrade the free version of ZEN...
0
 

Author Comment

by:rashields
ID: 7137348
I don't have a free version of Zen.  We are running Novell 4.11.  I don't think we were given any free ZenWorks.
0
 
LVL 10

Expert Comment

by:DSPoole
ID: 7138196
rashields - you download it from Novell - it's called the ZENworks Starter Kit.

One of the neat features of using ZENworks and Dynamic Local User (as opposed to AutoAdminLogin) is that user accounts on the Windows box are created automatically without any intervention on your side.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Hyena v12.2 is now available for downloading and is available in English, French, German and Spanish versions.
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now