Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Stop ALL Profiles from saving on Win2K Workstation

Status
Not open for further replies.
fujiphoneguy

fujiphoneguy

MIS
Jul 9, 2002
20
0
0
US
Hi All,
I want to set up a lab computer to stop ALL profiles from saving locally...We don't use roaming profiles here (and don't want to; mix of personal and School-Owned machines), but I don't want each user that sits down to have his/her settings saved....all users should use the default profile (and things should be locked down using group policy.) I have played around with the GPO settings, but can't seem to get everyone to use the same profile without them being able to change it. Anyone?
 
Sort by date Sort by votes
You did not say whether you are using a networked pc or a stand alone one.
You could possibly try using a mandatory profile but this will still allow users to change the settings; it just doesn't save them. So every time that user logs in again the settings should revert back to the mandatory profile.
I don't know if that is good enough for you.
To create a mandatory profile rename the NTUSER.DAT to
%USERNAME%\NTUSER.MAN.
 
Upvote 0 Downvote
Thanks for the info. We are in a networked environment. I think I looked into using mandatory profiles, but the problem is, I don't want the mandatory profiles to be stored in users' domain accounts, I only want to enforce the profile or policy on specific machines. We are a college, and students have their own machines in their dorm rooms that should not be subject to any kind of restriction.
 
Upvote 0 Downvote
Just don't let them log on as themselves. Make all PCs logon automatically on the same "computerlab" account with a mandatory profile. If you dont use roaming profiles I don't see what the problem would be.

We also use a harddrive protection device in our lab called "centurian guard" that resets the C: drive to default on reboot so there are no changes whatsoever.
 
Upvote 0 Downvote
Thanks dvornik,
We need to have users log on with their own Usernames....our Students have their personal H:\ drive (personal network storage) only they have access to, as well as other network drives that different groups of people have access to (based on Username.) We have used Fortress' CleanSlate in the past on Win98 Workstations in labs, but have had many issues with this software. We were going to try to get away from a third party software product and stay native Windows, but I have yet to find the right combination of security that will allow us to do this...
 
Upvote 0 Downvote
OK, that's a different situation.

What we do is make them FTP to the drive from the lab (just one shortcut really) and logon with username/password to the drive. And they get directly into their folder with appropriate rights. My boss set it up so I don't know the details right now, can post it tomorrow if you are interested.


Centurian guard worth it's weight in gold as far as I am concerned. It's a hardware device that has a phisical key and prevents all changes to selected drives. We've used it for over 2 years in all our labs.
 
Upvote 0 Downvote
Yes, any information on how that works would be great. Do you have a website I can check out for more info on the Centurian Guard?
 
Upvote 0 Downvote

I don't work for them. I work for Pratt Manhattan. We are happy with it, but you have to keep in mind - NO changes can be made to protected drives. So certain software that does require changes (c-dilla for instance in 3ds max) will need to be reconfigured appropriately.
 
Upvote 0 Downvote
fujiphoneguy,

How many machines/users are we talking about? Another approach could be to set all the users on each machine to use the same mandatory profile.

So, set up said profile on one machine and copy it to all the others.

Asuming all machines need this setting for same users, set up a batch file with a net user entry for each user, eg:-

net user <username> /profilepath:&quot;C:\Documents and Settings\Default&quot;

Run batch file on each machine (if you've a lot, try using psexec - part of pstools, freeware from - to start jobs on all machines from one).
 
Upvote 0 Downvote
OK, what we do is run an FTP server on the file server.
Then just make a shortcut to ftp://guest@servername/ or something to that extent and name it &quot;Student Files&quot; or whatever. Guest doesn't have access so they get username and password prompt instead. When they log in they are directly in their home folder. Works for macs too, cause it's just FTP.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

dpellegrini
  • Locked
  • Question
Clear All Credentials in Credential Manager
Replies
0
Views
79
dpellegrini
dpellegrini
spamjim
  • Locked
  • Question
Sanitizing illegal filenames on NTFS volumes
Replies
2
Views
84
spamjim
spamjim
pjw001
  • Locked
  • Question
Programs not loading on Windows 11 Version 22H2.
Replies
9
Views
211
pjw001
pjw001
Flinx
  • Locked
  • Question
the SAGA of trying to get a computer to sleep and wake up on a schedule
Replies
1
Views
249
Flinx
Flinx
hamburg18w
  • Locked
  • Question
Task Host is Stopping the Shutdown
Replies
1
Views
220
Ign3us
Ign3us

Part and Inventory Search

Sponsor

Back
Top