Enforcing Network Login via POLEDIT

This procedure is more detailed than actually required, because I use it also as an example on usage of the “System Policy Editor” ( POLEDIT ) on the local Registry and on downloading a profile from the Network server.

When a Windows95/98 system is configured for Login to a Novell Netware server or Microsoft NT-server, users have the option to select in the Login-Window the button “Cancel”:

That will NOT connect them to the Network server, but still allows them access to the local Windows95/98 system. Using POLEDIT, users can be forced now to connect to the network.

This procedure to enforcing Network-Login works only with Network-servers supporting a User-database (like: Novell-Netware or Microsoft Windows NT-server) Do NOT try this on a PC-to-PC (Peer-to-Peer) network!

1) Using POLEDIT on the local Registry

Start up POLEDIT, select from the Menu: File / Open Registry:

It displays the 2 parts of the Registry:
USER.DAT as “Local user”
SYSTEM.DAT as “Local Computer”
In this example, we double-click on “Local Computer”:

To enforce the Login to the Network, open the key: “Network”,
then “Logon” and put a checkmark on:
“Require Validation by Network for Windows Access”

now, save your modification back to the local Registry:

When a user now selects the button “Cancel” in the Login window, he will be presented the following message and then presented again with the Login window:

Warning: This is not fully securing the local Windows95/98 system!
To gain access to the local data, it is still possible to reboot the system, display the Boot-menu (pressing F8 for Win95) , to select:
“Command prompt Only” to get the DOS-7 prompt (“C:>”) and then view/copy files on the disk!
If you need a strong security: Use Windows NT with a disk in NTFS format!

But on a large network, it is a lot of work to go around and to edit on all systems the Registry. Solution 2 results to the same, but with much less efforts.

2) Using POLEDIT to download a profile from the server
On the network server, a file (called “CONFIG.POL”) is stored with UPDATE information, which is loaded into the local Registry during the Network Login process (updating the Registry):
Server enforced System Policies (POLEDIT)


~ by bestbooter on June 18, 2009.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: