- Preventing access to Network ID Page (Preventing Admins from Changing Named/Removing from Domain)
- Posted by Erik Yunghans on April 10th, 2006
I have been hunting for a way to limit our user's access to change Computer
Names/Domains. In our organization every user has Administrator priviledges
on their localized machine, which is required for our business, but we would
like to limit their ability to remove themselves from the domain or change
the computer name.
I found information on the Web stating that creating the Registry Key below
will prevent the Network ID Page from being displayed, but it does not
function as stated when applied to a Windows XP Professional Service Pack 2.
I've rebooted a few times and I still have access to the Network ID Page.
Below is the registry key I found out on the web, but everywhere I have seen
seems to imply that this is applicable on older Windows versions and doesn't
state if there is an equivalent for XP SP2.
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\Network
"NoNetSetupIDPage"=dword:00000001"
Can anyone offer any assistance?
Regards,
Erik C. Yunghans
erik.yunghans@bentley.com
- Posted by Danny Sanders on April 10th, 2006
In our organization every user has Administrator priviledges
If they are admins on their computer, whatever you do to prevent whatever
you are trying to prevent, they as admins can undo.
Is there some software they run that "requires" them to be admin?
hth
DDS W 2k MVP MCSE
"Erik Yunghans" <erik.yunghans@bentley.com> wrote in message
news:ODL$t0LXGHA.1228@TK2MSFTNGP02.phx.gbl...
- Posted by Erik Yunghans on April 10th, 2006
Danny-
Yes, there is. We are a software development company, and that is part of
our requirement. Its a sad but true fact of life for us in the IT
department... and we don't have the option of changing it.
But we can forcibly apply a Reg patch or other setting through Group
Policy/SMS at every login so at least will get the same setting again (which
is how we enforce other settings currently).
But anyways, does anyone know if there is another registry entry for XP SP2
that will do the same as the aforementioned registry key? It would be
exactly what we are looking for... at least it makes it that much harder for
someone to try to remove themselves...
Regards,
Erik C. Yunghans
"Danny Sanders" <Danny.Sanders@NO-SPAMcpcmed.org> wrote in message
news:ujPA8UMXGHA.3808@TK2MSFTNGP04.phx.gbl...
- Posted by Doug Knox MS-MVP on April 10th, 2006
This only applies to Win 9x systems. There isn't an equivalent for XP systems.
--
Doug Knox, MS-MVP Windows Media Center\Windows Powered Smart Display\Security
Win 95/98/Me/XP Tweaks and Fixes
http://www.dougknox.com
--------------------------------
Per user Group Policy Restrictions for XP Home and XP Pro
http://www.dougknox.com/xp/utils/xp_securityconsole.htm
--------------------------------
Please reply only to the newsgroup so all may benefit.
Unsolicited e-mail is not answered.
"Erik Yunghans" <erik.yunghans@bentley.com> wrote in message news:ODL$t0LXGHA.1228@TK2MSFTNGP02.phx.gbl...
- Posted by Erik Yunghans on April 11th, 2006
Thanks Doug, thats what I was afraid of. 
Regards,
Erik C. Yunghans
"Doug Knox MS-MVP" <dknox@mvps.org> wrote in message
news:umh1MBOXGHA.1348@TK2MSFTNGP05.phx.gbl...
This only applies to Win 9x systems. There isn't an equivalent for XP
systems.
--
Doug Knox, MS-MVP Windows Media Center\Windows Powered Smart
Display\Security
Win 95/98/Me/XP Tweaks and Fixes
http://www.dougknox.com
--------------------------------
Per user Group Policy Restrictions for XP Home and XP Pro
http://www.dougknox.com/xp/utils/xp_securityconsole.htm
--------------------------------
Please reply only to the newsgroup so all may benefit.
Unsolicited e-mail is not answered.
"Erik Yunghans" <erik.yunghans@bentley.com> wrote in message
news:ODL$t0LXGHA.1228@TK2MSFTNGP02.phx.gbl...
