Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

setting policy restrictions on XP

Status
Not open for further replies.
sonuteklists

sonuteklists

Technical User
Joined
Jul 20, 2004
Messages
233
Location
US
I have 2 machines. One is running XP Home edition and the other is running XP Professional. I have to set policies on them so that no user can (apart from the administrator),
(1) write to the hard disk, save anything to the harddisk.
(2) they should not be able to browse any other site than the one the that ends in somedomain.edu
(3) not be able to change their own passwords.
Please advise, where and how do I this from ASAP !!
Thanks.
 
Sort by date Sort by votes
A1. Use Group Policies to Hide the disk. Second choice, use NTFS permissions for the user or user group to read-only.

Warning: this may prevent a lot of software from being able to use these files.

A2. If the case is a single site only use of IE, see:
A3. You can configure your domain via a group policy so that users can change their passwords only when the system prompts them:

Start the Microsoft Management Console (MMC) Active Directory Users and Computers snap-in (Start, Programs, Administrative Tools, Active Directory Users and Computers).
Right-click the container (site/domain or organizational unit—OU) you want to enforce the policy on, and select Properties.
Select the Group Policy tab.
Select the policy and click Edit.
Expand User Configuration, Administrative Templates, System, Logon/Logoff.
Double-click Disable Change Password, and on the Policy tab, select Enabled.
Click Apply, then OK.
Close all dialog boxes.
Refresh the policy with the following command:

C:\> secedit /refreshpolicy user_policy

You can also configure this feature on a per-user basis. Perform the following steps:

Start regedit.exe.
Go to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies.
If the System key exists, select it. Otherwise create it (Edit, New, Key, System).
Under System, create a new value of type DWORD (Edit, New, DWORD value).
Type a name of DisableChangePassword, and press Enter.
Double-click the new value, and set it to 1. Click OK.
Close regedit.
You don't need to log off; the change takes effect immediately.
 
Upvote 0 Downvote
Home is a bit harder as it doesn't have Group Policy.


This thread will lead to some possibilities for Home.

Cool Tip #2: Security Tab in Windows XP Home
thread779-685055


How to Configure Internet Explorer 5.x to Block Access to All But Approved Internet Sites

292504 - Policy Settings for the Start Menu in Windows XP
 
Upvote 0 Downvote
Let me amend the first answer, use TweakUI to hide the hard disks in both cases, this removes the dependence on gpedit.msc. I hold to the second part of the answer, that NTFS permission per user will do the restrictions needed.

As for the rest, the Group Policies I believe are all local polices, so in XP Home, Start, Administrative Tools, Local Policies; or use the registry edit suggested above.





 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

spamjim
  • Locked
  • Question Question
Sanitizing illegal filenames on NTFS volumes
Replies
2
Views
791
spamjim
spamjim
pjw001
  • Locked
  • Question Question
Programs not loading on Windows 11 Version 22H2.
Replies
9
Views
2K
pjw001
pjw001
Flinx
  • Locked
  • Question Question
the SAGA of trying to get a computer to sleep and wake up on a schedule
Replies
1
Views
3K
Flinx
Flinx
dik
  • Locked
  • Question Question
Change Icon Image on Desktop
Replies
5
Views
1K
JimSmith02
JimSmith02
Edu_uy
  • Locked
  • Question Question
Inverted brightness keys on hp with windows10
Replies
3
Views
482
mikrom
mikrom

Part and Inventory Search

Sponsor

Back
Top