Enforcing Network Login via POLEDIT
This procedure is more detailed than actually required, because I use it also as an example on usage of the "System Policy Editor" ( POLEDIT ) on the local Registry and on downloading a profile from the Network server.
When a Windows95/98 system is configured for Login to a Novell Netware server or Microsoft NT-server, users have the option to select in the Login-Window the button "Cancel":
That will NOT connect them to the Network server, but still allows them access to the local Windows95/98 system. Using POLEDIT, users can be forced now to connect to the network.
|This procedure to enforcing Network-Login works only with|
Network-servers supporting a User-database
(like: Novell-Netware or Microsoft Windows NT-server)
Do NOT try this on a PC-to-PC (Peer-to-Peer) network !
1) Using POLEDIT on the local Registry
Start up POLEDIT, select from the Menu: File / Open Registry:
It displays the 2 parts of the Registry:
- USER.DAT as "Local user"
- SYSTEM.DAT as "Local Computer"
In this example, we double-click on "Local Computer":
To enforce the Login to the Network, open the key: "Network",
then "Logon" and put a checkmark on:
"Require Validation by Network for Windows Access"
|now, save your modification back|
to the local Registry:
When a user now selects the button "Cancel" in the Login window, he will be presented the following message and then presented again with the Login window:
|Warning: This is not fully securing the local Windows95/98 system !|
To gain access to the local data, it is still possible to reboot the system,
display the Boot-menu (pressing F8 for Win95) , to select:
"Command prompt Only" to get the DOS-7 prompt ("C:>") and then
view/copy files on the disk !
If you need a strong security: Use Windows NT with a disk in NTFS format !
But on a large network, it is a lot of work to go around and to edit on all systems the Registry. Solution 2 results to the same, but with much less efforts.
2) Using POLEDIT to download a profile from the server
On the network server, a file (called "CONFIG.POL") is stored with UPDATE information, which is loaded into the local Registry during the Network Login process (updating the Registry):
Server enforced System Policies (POLEDIT)