Solved

Preventing a Local Computer Administrator from Changing Password

Posted on 2011-02-25
4
420 Views
Last Modified: 2012-08-13
This is an odd request, I know, but I need to prevent a person from setting a password on his computer.

Now, the background is that the client that I'm working for has asked their employees to not use passwords on their computers. I've tried to argue the point that the idea is ludacris but they won't budge. The problem is that one employee continually puts on back on there.

The setup is that it is a local Windows XP machine that is not connected to a domain and the employee has administrative rights.

Now, the few ways that I have researched are:

1.

DisableChangePassword in the registry

2.

Disable Change Password in compmgmt.msc (which is probably the same as the above)
Now I know that since he is an administrator he can just undo anything I can put on there. But he most likely won't and isn't very tech savvy.

So any other ideas or thoughts?

0
Comment
Question by:ThievingSix
4 Comments
 
LVL 7

Expert Comment

by:Mdragga
ID: 34981775
I'd recommend looking into DeepFreeze or something similar. Deepfreeze is the one I'm familiar with so its the one I can recommend.

Complicated to get to the prompt within Windows
You set a password to access the programs
Reverts any changes user may have made on reboot

http://www.faronics.com/en/Products/DeepFreeze/DeepFreezeEducation.aspx
0
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 34981782
Hmm.  You could set a password policy that forces him to change his password everyday, and prevents him from reusing the last 100 passwords.  That might annoy him enough to get him to change his ways.
0
 
LVL 9

Expert Comment

by:sah18
ID: 34981788
I think the two solutions you've already come up with are probably the best ones.  In addition (and you may already be doing this as well), you could enable autologin to XP so that no prompt comes up to log in at all -- this way, you are at least controlling which user account is (auto)logging into the system.
0
 
LVL 2

Accepted Solution

by:
__ST earned 500 total points
ID: 34985314
DeepFreeze is a good solution if you want to put restrictions on all of the PCs but allow the users Administrative control.  If you need a free option, Microsoft SteadyState was a great package (sadly discontinued at the end of last year, but still unofficially available online).

Since you're really only concerned with one user on one PC, disabling the ability to change the password in the registry could be an easy fix for you.  If the user isn't too tech savvy, change the permissions on the registry key to read only for them and you should be fine; it's unlikely that they would know to take ownership of the registry key and modify it.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
When we talk about DevOps toolchains, I sometimes wonder how many people really get what we’re talking about. I don’t know if it’s just semantics or tone or something else, but sometimes I think it just sounds like buzzword sausage. So it’s always …
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now