BOOT CAMP ARCHIVE 2000

  

 

BOOT CAMP 141

 

SYSTEM POLICIES part 2

 

In last week’s introduction to the Windows System Policy Editor or ‘Poledit’ we showed how this powerful security program might be used to control access and stop people mucking around with your computer. This week we’ll look at how to use some of Poledit’s most useful features.

 

Since Poledit makes changes to your PCs Registry files it’s a very good idea to carry out a backup before you do anything else. Go to Run on the Start menu and type ‘regedit’ to open the Registry editor program. On the Registry menu select Export Registry file, select a name (‘regbak’ is customary) and a location and click OK. If after using Poledit you get any error messages relating to the Registry simply double click on your Regbak.reg file and it will automatically re-install your backup.

 

The Windows 95 and 98 versions of Poledit are slightly different but both of them are on the CD-ROM installation discs. On the Windows 95 disc it can be found in D:\Admin\Apptools\Poledit; for Windows 98 the location is D:\Tools\Reskit\Netadmin\Poledit (where D: is the drive letter of your CD-ROM). Poledit wasn’t included with Windows 95 on floppy discs, but it can be downloaded from the Microsoft web site at: http://www.microsoft.com/downloads/search.asp, the file is called Policy.exe.

 

As we mentioned last week it is possible to put a copy of Poledit on your computer but that will mean anyone with devious intent will be able to undo any changes you make, or worse still, impose restrictions of their own! Normally all changes made using Poledit are global, however, if the PC is used by a number of people, you can restrict changes to just one profile by logging on in that profile before you start.

 

Step one is to install the main Poledit files on your PC. Go to Add/Remove Programs in Control Panel, select the Windows Setup tab and click Have Disc. Use the Browse button to navigate to the folder on the CD-ROM containing Poledit and select the file Poledit.inf. Click OK, select System Policy Edit then Install. A new item called System Policy Editor will now appear in Start > Programs > Accessories > System Tools. By the way, the Windows CD-ROM must be in the drive every time you run Poledit.

 

You can also run Poledit directly from the CD-ROM, providing you don’t later restrict the use of the Run command! Go to Run on the Start menu and use the Browse button to find your way to the Policy.exe file on the disc.

 

When you run the Windows 95 version of Poledit for the first time you will be prompted to open a file called ‘admin.adm’, click Open and the main System Policy screen appears. On the Window 98 version you normally go straight to the opening screen. Next go to the File menu and select Open Registry then click on the Local User icon.

 

In Windows 95 you will see a set of sub-menus called Local User Properties detailing the areas of Windows that you can control, in Windows 98 click on the item Windows 98 System and a similar set of options should appear, though it will exclude the ‘Network’ controls, which are dealt with separately. The four items we are interested in, and common to both versions of Poledit, are called Shell, Control Panel, Desktop Display and Restrictions; we’ll look at each one in turn (in the order that they appear in the Windows 98 version of Poledit).

 

Click on the plus sign next to Shell and two further sub folders appear, Custom Folders and Restrictions. Click the plus sign again and the items you can control appear, with a checkbox alongside each one. There not much to interest the average user in Custom Folders, it’s mostly concerned with changing the default locations of programs, so we’ll move swiftly on to Restrictions. This contains a set of options to remove or hide Windows user interface features. The ones most users with a shared PC might want to check are: ‘Remove Run Command’,  ‘Remove Folders from Settings on Start menu’, ‘Hide Drives in My Computer’ and ‘Don’t Save Settings on Exit’. Most of the others are either concerned with network features or fairly extreme things, like disabling Shut Down or hiding all of the icons on the desktop.

 

On now to Control Panel, which opens with four or five options, depending on the version of Poledit. They are: Display, Network, Passwords, Printer and System. Clicking each item brings up a further set of options in the window below. In my opinion it’s worth checking everything in Display and System since these are the things that can cause the most problems through accidental and deliberate tampering. The restrictions you impose in Network, Password and Printers will depend on what type of setup you have and who uses the PC.

 

The next item is Desktop and there are just two restrictions here that allow you to fix the wallpaper and colour scheme. Users can still make changes but they will be reset to your defaults when the machine is restarted.

 

Finally Restrictions. This set of options prevents Registry editing tools being used (including Poledit – so definitely leave this one alone!), stops DOS programs running in a DOS window or restarting the PC in DOS mode and lets you specify which programs are allowed to be used on your PC. It’s worth disabling the DOS options especially if the PC is under threat from knowledgeable users. Imposing restrictions on which programs may be used is actually quite difficult to use since you have to specify the full path for each program and this can be quite a chore, it’s easier to remove programs you won’t allow, and disable the Run command or hide the drives.

 

After setting your restrictions exit Poledit and you will be asked to confirm that you want to make changes to the Registry, click OK. Some of them will occur immediately, others will take place the next time the PC is booted up.

 

Next week – Windows Millennium Edition

 

JARGON FILTER

 

PATH

The location of a file or program on a hard disc, e.g. to specify the file that starts Microsoft Word the path might be: C:\Program Files\Microsoft Office\Office\Winword.exe

 

REGISTRY

A large, constantly changing file in Windows 95, 98 and 2000 containing details of how your PC is set up, and all the programs stored on the hard disc

 

REGBAK.REG

A self-installing file that automatically replaces a corrupt or faulty Registry

 

TOP TIP

Here’s a quick one for people who use Outlook Express to collect their email when away from home, on other people’s PCs, Internet Café PCs or laptops. By default OE downloads messages from the server to the PC, which can be awkward if it’s not your machine. To stop that happening go to Tools and then Accounts, highlight the account you’re using and select Properties. Click on the Advanced tab and check the item "Leave a copy of message on server". Now you can read your messages when you are away, and when you get home you can download them onto your main PC

Search PCTopTips 


Web

PCTopTips

Boot Camp Index

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

 

Top Tips Index

Windows XP

Windows Vista

Internet & Email

Microsoft Word

Folders & Files

Desktop Mouse & Keyboard

Crash Bang Wallop!

Privacy & Security

Imaging Scanning & Printing

Power, Safety & Comfort

Tools & Utilities

Sound Advice

Display & screen

Fun & Games

Windows 95/98/SE/ME

 

 

 

 

 

 Copyright 2006-2009 PCTOPTIPS UK.

All information on this web site is provided as-is without warranty of any kind. Neither PCTOPTIPS nor its employees nor contributors are responsible for any loss, injury, or damage, direct or consequential, resulting from your choosing to use any of the information contained herein.