PASSWORDS-PLEASE HELP !!

[AUDREY]

With users on our network being part of a domain and all
of them having "network" passwords set on their PCs, can
Windows passwords also be set to block others from getting
onto the individual PCs? We have WIN 98, ME & 2000.

Would the Windows password block everyone out of the PC
completely so that there is no access to anything ?

If a Windows password can be set up in addition to a
network password, would this cause any conflicts with the
user on our network?

THANK YOU in advance for your valuable time - it is
greatly appreciated !!!!!!!!!!

 

[Laura E. Hunter \(MVP\)]

Ordinarily, Windows 98 & ME do not require a local login, so anyone wishing
to use those machines would simply click "Cancel" at the login screen and
have access to the local desktop. There is a setting in the Windows 98
System Policy Editor to the effect of "Require Validation by Network for
Windows Access" (See http://www.wown.com/articles_tutorials/poledits.html
for details on setting it up) that I used with mixed-to-good results when I
was supporting 98 boxes. (No idea if or how well it works for ME, never
touched the stuff.)

Windows 2000 Professional machines require either a local machine
username/password or a domain account to gain access to the desktop. If a
user doesn't have one of these two, they will not be able to access anything
on a W2K workstation.

 

[Den]

With 98 and ME machines on your network you are SOL.
Any passwords can easily be circumvented in 98 and ME.

If you are truely worried about security on your network then you need to
get rid of 98 and ME.

Even with Win2k, you have some issues to deal with, but at least there
methods to handle them.

The only reasonably good way to keep unauthorized people off of your local
machines and/or your network, is to put PCI based security cards in your
machines. This type of card requires a password just to boot the machine.
It is a hassle for your users, but it protects your network and machines
better.

It can still be circumvented by someone opening up the machine and pulling
the PCI card out and then rebooting, but that makes it more of a hassle.
Some modern machines have a boot password system built into the CMOS on the
motherboard. If you have those kind of machines you can activate that
measure. Just don't forget the password or your whole machine is useless.

But your main goal should be to get rid of the 98 and ME machines.

Dennis

 

[Andrew Mitchell]

With 98 and ME machines on your network you are SOL.
Any passwords can easily be circumvented in 98 and ME.

If you are truely worried about security on your network then you need to
get rid of 98 and ME.

I recently attended the MS Security summit in Melbourne and we were advised
by Microsoft that a patch was released a while ago to make Windows9x secure.
It's called 'Windows XP Upgrade'.......