wtrueman
asked on
Logging in Locally and avoiding the Network. Dialog
We have many client machines that have previously been locked down to the 'n'th degree, and it is not possible on any of these machines to cancel the network login, simply to log in locally on the machine to adjust a few settings.
It doesnt matter who we log in network wise as, everything is screwed down, so changes through control panel cant be made.
Is there a software utility/hack that will help, or is it a case of removing the NIC on every machine, to be able to make any progress?
It doesnt matter who we log in network wise as, everything is screwed down, so changes through control panel cant be made.
Is there a software utility/hack that will help, or is it a case of removing the NIC on every machine, to be able to make any progress?
It's not really clear to me what you want to accomplish ?
Assuming that you want to remove restrictions, try this:
1) Can you access the network contol panel ?
If so, try to uncheck logon to NT server
(double click on Clint for microsoft networks)
Try changing Primary Network Logon to Windows Logon.
2) Otherwise, is the policy editor installed ?
If not can you install it ? It's on most win98 CD's.
If so, open the registry and click on user and clear restrictions you don't want. Same thing for the system settings.
3) If this doesn't work. can you access the registry editor ?
If so, take a backup of the registry (scanreg /backup),
Since "everything is screwed down" doesn't really tell
me much about what restrictions are in effect, I'll
just give you a general approach:
Find HKEY_CURRENT_USER\Software
In the explorer subkey, remove all names (you may want do this Name by Name, start with with NoNetHood
and retry step 1)
except NoDriveTypeAutoRun.
In the system subkey, remove Names, one at a time.
Find
HKEY_LOCAL_MACHINE\Softwar
Go into the subkeys, and remove Names, one at a time
If you add another comment being more specific about the
behaviour of the clients and what you want to do,
I may be able to point you to the specific reg entries you
should update.
If you go ahead and edit registry manually and you end up
with undesirable side effects, you can get back to
your previous state by running scanreg /restore
in ms-dos mode.
Assuming that you want to remove restrictions, try this:
1) Can you access the network contol panel ?
If so, try to uncheck logon to NT server
(double click on Clint for microsoft networks)
Try changing Primary Network Logon to Windows Logon.
2) Otherwise, is the policy editor installed ?
If not can you install it ? It's on most win98 CD's.
If so, open the registry and click on user and clear restrictions you don't want. Same thing for the system settings.
3) If this doesn't work. can you access the registry editor ?
If so, take a backup of the registry (scanreg /backup),
Since "everything is screwed down" doesn't really tell
me much about what restrictions are in effect, I'll
just give you a general approach:
Find HKEY_CURRENT_USER\Software
In the explorer subkey, remove all names (you may want do this Name by Name, start with with NoNetHood
and retry step 1)
except NoDriveTypeAutoRun.
In the system subkey, remove Names, one at a time.
Find
HKEY_LOCAL_MACHINE\Softwar
Go into the subkeys, and remove Names, one at a time
If you add another comment being more specific about the
behaviour of the clients and what you want to do,
I may be able to point you to the specific reg entries you
should update.
If you go ahead and edit registry manually and you end up
with undesirable side effects, you can get back to
your previous state by running scanreg /restore
in ms-dos mode.
Also, if there is a user.man in the users home directory,
rename it to avoid having the user settings undone when
you logon next time.
Rechecking you question, since you can't cancel
the logon (is it greyed out?), look at the HKEY_LOCAL_MACHINE\Network
if it exists. If so look for a name MustBeValidated and change it to 0 (or delete the name).
rename it to avoid having the user settings undone when
you logon next time.
Rechecking you question, since you can't cancel
the logon (is it greyed out?), look at the HKEY_LOCAL_MACHINE\Network
if it exists. If so look for a name MustBeValidated and change it to 0 (or delete the name).
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Another way that the cancel logon may have been disabled is
if in
HKEY_USERS\DEFAULT\Softwar
In this case cancel is not greyed out, the user is just
presented with the logon panel again.
If this is the case delete the Nologon name.
if in
HKEY_USERS\DEFAULT\Softwar
In this case cancel is not greyed out, the user is just
presented with the logon panel again.
If this is the case delete the Nologon name.
ASKER
The Network/Logon registry key sounds promising. I would assume that once I have disabled this I will be able to press ESC when prompted to login, bypass the Network login, and just use Windows logon. By means of trial and error I figured out the previous administrators password. Most of the client m/c's are Win98 with a W2K server.
All Im after doing is to change some IE settings to allow our users to open more than one browser window at once, but I cant change anything when I logon to our network, no matter what rights I have. Neither can I access anything in control panel, such as Network settings, User settings etc. Indeed someone did go a little over the top on the policy settings
I'll repost once I have tried this out, and many many thanks for your help guys. Im pretty sure you have pointed me in the right direction. Thanks for the Winguides reference too Steven. Apologies for the measly points avail, but its all I had.
All Im after doing is to change some IE settings to allow our users to open more than one browser window at once, but I cant change anything when I logon to our network, no matter what rights I have. Neither can I access anything in control panel, such as Network settings, User settings etc. Indeed someone did go a little over the top on the policy settings
I'll repost once I have tried this out, and many many thanks for your help guys. Im pretty sure you have pointed me in the right direction. Thanks for the Winguides reference too Steven. Apologies for the measly points avail, but its all I had.
ASKER
The Network/Logon registry key sounds promising. I would assume that once I have disabled this I will be able to press ESC when prompted to login, bypass the Network login, and just use Windows logon. By means of trial and error I figured out the previous administrators password. Most of the client m/c's are Win98 with a W2K server.
All Im after doing is to change some IE settings to allow our users to open more than one browser window at once, but I cant change anything when I logon to our network, no matter what rights I have. Neither can I access anything in control panel, such as Network settings, User settings etc. Indeed someone did go a little over the top on the policy settings
I'll repost once I have tried this out, and many many thanks for your help guys. Im pretty sure you have pointed me in the right direction. Thanks for the Winguides reference too Steven. Apologies for the measly points avail, but its all I had.
All Im after doing is to change some IE settings to allow our users to open more than one browser window at once, but I cant change anything when I logon to our network, no matter what rights I have. Neither can I access anything in control panel, such as Network settings, User settings etc. Indeed someone did go a little over the top on the policy settings
I'll repost once I have tried this out, and many many thanks for your help guys. Im pretty sure you have pointed me in the right direction. Thanks for the Winguides reference too Steven. Apologies for the measly points avail, but its all I had.
Just in case....
Since the previous admin seems to have been pretty thorough,
he has probably setup user.man.
If user.man is present in present in the user's home directory
when he logs onto the network,
it will be downloaded and overwrite the local user.dat.
User.dat is the part of the registry that contains user
settings.
So, once you are done, make a copy locally of user.dat renaming it user.man, logon to the server and overwrite the old user.man.
Yuo can generally use the same user.man for all win98
boxes regardless of machine type.
Ok. this is not really what you asked for :-), but
I hate to see you put in work to update a machine
only to have it undone as soon as you logon to the server.
Since the previous admin seems to have been pretty thorough,
he has probably setup user.man.
If user.man is present in present in the user's home directory
when he logs onto the network,
it will be downloaded and overwrite the local user.dat.
User.dat is the part of the registry that contains user
settings.
So, once you are done, make a copy locally of user.dat renaming it user.man, logon to the server and overwrite the old user.man.
Yuo can generally use the same user.man for all win98
boxes regardless of machine type.
Ok. this is not really what you asked for :-), but
I hate to see you put in work to update a machine
only to have it undone as soon as you logon to the server.
If you did, it sounds like someone got a little carried away with policies. You'll have to re-do the policies at the server. Removing the NIC won't help.
What OS on clients?