Welcome To Australia's No.1 Media Center Community!
You Are Currently Viewing As A Guest - you'll need to register in order to participate in our community and make this annoying message disappear!
By registering you'll be able to post & reply to questions, set up your own image gallery & blog, communicate privately with other members, create & respond to polls, access downloads and other "members only" features.
Registration is fast, simple and absolutely free so why not join our community today - you'll be glad you did!
For any problems with the registration process or your account, please contact support.
if this is not possible, is there a utility that will lock the start button and only allow icons to be used that i have left on the desktop?
Haven't tried any myself (no need) but solutions to this generally revolve around using a custom shell rather than the default explorer.exe to provide the user's desktop. Note that since your rental users have physical access to the machine a determined user (or any 12 year old) will be able to bypass just about anything you do.
You might want to checkout the Local Security Policy Settings in Vista.
Run the command "%SystemRoot%\system32\secpol.msc /s" or go to Control Panel>Administrative Tools>Local Security Policy....you may want to use the F1 function and help with this area if you are not familiar...and have a highly secure Admin password and account outside the scope of these policies so you don't lock yourself down, and to to avert those pesky 12 year olds...a 14 character password including UPPERCASE lowercase Num3r1c and $pe<!@|_ characters is recomended. Also Remove all other boot options from BIOS apart from the boot drive (CD, floppy, USB, other etc) and have a secure BIOS password so this cannot be bypassed.
As well as local security settings, you could like ozbear says, boot the PC directly into the MCE interface as opposed to explorer. Steps to do this are below.
If you want to install this on all users (not recomended)
1) open regedit (start menu > run, and type in regedit)
2) go to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon.
3) Change Shell from explorer.exe to the new shell path e.g c:\windows\ehome\eshell.exe
4) log out and log back in.
or If you want to install this on just the current user (i.e. make a new Account)
1) open regedit (start menu > run, and type in regedit).
2) go to: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon.
3) add a new string value (Edit > New > String Value) called shell. and set the value to the path of the new shell e.g c:\windows\ehome\eshell.exe
4) log out and log back in.
Note: I haven't tried this, so I'm not sure how this will affect the operation of other functions of the PC.
As well as local security settings, you could like ozbear says, boot the PC directly into the MCE interface as opposed to explorer. Steps to do this are below.
That isn't exactly what I said, close though, as the MCE interface is another shell, but there are other shells available to use rather than explorer.exe, i.e., explorer.exe isn't evening running, or replaced with another executable by th same name. By doing that, you can make the desktop look pretty much like whatever you want. I believe the WindowBlinds gizmo uses this technique but I am unsure.
There are lots of websites detailing how to bypass BIOS passwords, so even that isn't a sure thing. The key is physical access to the PC. As soon as that is granted, then pretty much all add-on security goes out the window.
Re: lock down vmc or mce
