?
Solved

Preventing a Local Computer Administrator from Changing Password

Posted on 2011-02-25
4
Medium Priority
?
431 Views
Last Modified: 2012-08-13
This is an odd request, I know, but I need to prevent a person from setting a password on his computer.

Now, the background is that the client that I'm working for has asked their employees to not use passwords on their computers. I've tried to argue the point that the idea is ludacris but they won't budge. The problem is that one employee continually puts on back on there.

The setup is that it is a local Windows XP machine that is not connected to a domain and the employee has administrative rights.

Now, the few ways that I have researched are:

1.

DisableChangePassword in the registry

2.

Disable Change Password in compmgmt.msc (which is probably the same as the above)
Now I know that since he is an administrator he can just undo anything I can put on there. But he most likely won't and isn't very tech savvy.

So any other ideas or thoughts?

0
Comment
Question by:ThievingSix
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 7

Expert Comment

by:Mdragga
ID: 34981775
I'd recommend looking into DeepFreeze or something similar. Deepfreeze is the one I'm familiar with so its the one I can recommend.

Complicated to get to the prompt within Windows
You set a password to access the programs
Reverts any changes user may have made on reboot

http://www.faronics.com/en/Products/DeepFreeze/DeepFreezeEducation.aspx
0
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 34981782
Hmm.  You could set a password policy that forces him to change his password everyday, and prevents him from reusing the last 100 passwords.  That might annoy him enough to get him to change his ways.
0
 
LVL 9

Expert Comment

by:sah18
ID: 34981788
I think the two solutions you've already come up with are probably the best ones.  In addition (and you may already be doing this as well), you could enable autologin to XP so that no prompt comes up to log in at all -- this way, you are at least controlling which user account is (auto)logging into the system.
0
 
LVL 2

Accepted Solution

by:
__ST earned 2000 total points
ID: 34985314
DeepFreeze is a good solution if you want to put restrictions on all of the PCs but allow the users Administrative control.  If you need a free option, Microsoft SteadyState was a great package (sadly discontinued at the end of last year, but still unofficially available online).

Since you're really only concerned with one user on one PC, disabling the ability to change the password in the registry could be an easy fix for you.  If the user isn't too tech savvy, change the permissions on the registry key to read only for them and you should be fine; it's unlikely that they would know to take ownership of the registry key and modify it.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Windows Server 2003 introduced persistent Volume Shadow Copies and made 2003 a must-do upgrade.  Since then, it's been a must-implement feature for all servers doing any kind of file sharing.
The top devops trends for 2017 are focused on improved deployment frequency, decreased lead time for change and decreased MTTR.
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question