When a Windows95/98 system is configured for Login to a Novell Netware server or Microsoft NT-server, users have the option to select in the Login-Window the button "Cancel":
That will NOT connect them to the Network server, but still allows them access to the local Windows95/98 system. Using POLEDIT, users can be forced now to connect to the network.
This procedure to enforcing Network-Login works only with Network-servers supporting a User-database (like: Novell-Netware or Microsoft Windows NT-server) Do NOT try this on a PC-to-PC (Peer-to-Peer) network!
1) Using POLEDIT on the local Registry
Start up POLEDIT, select from the Menu: File / Open Registry:
It displays the 2 parts of the Registry:
- USER.DAT as "Local user"
- SYSTEM.DAT as "Local Computer"
In this example, we double-click on "Local Computer":
To enforce the Login to the Network, open the key: "Network",
then "Logon" and put a checkmark on:
"Require Validation by Network for Windows Access"
now, save your modification back to the local Registry:
When a user now selects the button "Cancel" in the Login window, he will be presented the following message and then presented again with the Login window:
Warning: This is not fully securing the local Windows95/98 system!
To gain access to the local data, it is still possible to reboot the system, display the Boot-menu (pressing F8 for Win95) , to select:
"Command prompt Only" to get the DOS-7 prompt ("C:>") and then view/copy files on the disk!
If you need a strong security: Use Windows NT with a disk in NTFS format!
But on a large network, it is a lot of work to go around and to edit on all systems the Registry. Solution 2 results to the same, but with much less efforts.
2) Using POLEDIT to download a profile from the server
On the network server, a file (called "CONFIG.POL") is stored with UPDATE information, which is loaded into the local Registry during the Network Login process (updating the Registry):
Server enforced System Policies (POLEDIT)