MDFS::Docs.Comp.Windows.Hints.Network Search  

Windows in a networked enviroment

The most common way a Windows PC is configured when run in a networked environment has some great big holes in it:

User Profiles

The first of these is a horrendous waste of resources and a security leak. A user that uses many different client machines ends up leaving "droppings" on each machine in %WINDIR%\Profiles\<username>. This not only fills up the hard drive, these files can be examined by other users.

Some of the PCs where I work are regularly used by 40 or 50 different users, these users regularly use over a dozen different client machines. Some of these machines had more than half of a 2G hard drive filled with user profile information, and it was taking one user over half an hour to log on, such was the quantity of crap that was being thrown over the network onto the client machine.

Configuring users' pathnames to refer to their network home area fixes this. The relevent registry folders are

I set up my users' profiles so their home areas are arranged as follows. Our server allocates drive H: to the user's home area.
H:\Settings - Configuration settings, etc.
  H:\Settings\AppData
  H:\Settings\Desktop
  H:\Settings\Favourites
  H:\Settings\History
  H:\Settings\NetHood
  H:\Settings\Recent
  H:\Settings\Start Menu
  H:\Settings\SendTo
H:\Docs     - Documents folder, often set to "My Documents"
H:\Temp     - Temporary files
  H:\Temp\Cookies
  H:\Temp\Internet
  
I set the registry entries as follows:
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"SendTo"="H:\\Settings\\SendTo"
"Recent"="H:\\Settings\\Recent"
"Desktop"="H:\\Settings\\Desktop"
"Programs"="H:\\Settings\\Start Menu\\Programs"
"Fonts"="C:\\%windir%\\Fonts"
"Personal"="H:\\Docs"
"Favorites"="H:\\Settings\\Favourites"
"NetHood"="H:\\Settings\\NetHood"
"PrintHood"="H:\\Settings\\PrintHood"
"Templates"="C:\\%windir\\ShellNew"
"AppData"="H:\\Settings\\AppData"
"Start Menu"="H:\\Settings\\Start Menu"
"Startup"="H:\\Settings\\Start Menu\\Programs\\Startup"
"Cache"="H:\\Temp\\Internet"
"Cookies"="H:\\Temp\\Cookies"
"History"="H:\\Settings\\History"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"AppData"="H:\\Settings\\AppData"
"Desktop"="H:\\Settings\\Desktop"
"Favorites"="H:\\Settings\\Favourites"
"NetHood"="H:\\Settings\\NetHood"
"PrintHood"="H:\\Settings\\PrintHood"
"Recent"="H:\\Settings\\Recent"
"SendTo"="H:\\Settings\\SendTo"
"Start Menu"="H:\\Settings\\Start Menu"
"Programs"="H:\\Settings\\Start Menu\\Programs"
"Startup"="H:\\Settings\\Start Menu\\Programs\\Startup"
"Cache"="H:\\Temp\\Internet"
"Cookies"="H:\\Temp\\Cookies"
"History"="H:\\Settings\\History"
"Local AppData"="H:\\Settings\\Local\\AppData"
"Personal"="H:\\Docs"

This can be downloaded as file
Paths.reg. Once a user's paths have been changed to point to their networked home area, everything in %WINDIR%\Profiles\<username> can be deleted. In future, only two user configuration files will get copied in there on logon. clrname.exe in G:\Lib\ and then create the following registry entry:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ClearName"="G:\\Lib\\Clrname.exe"
-->

Bypassing logon dialogue

What's the point of networking machines, providing users with home areas, and putting a logon dialogue in place if users can bypass all that by selecting "Cancel"? They are then left with no access to their home area and end up trampling all over drive C. Windows NT client machines force you to log on before you can use the machine, but Windows 95/98 machines can let you bypass the logon dialogue.

I solved this problem by writing a little utility ChkLogOn.exe that checked if the username was unset, and if so it shut the machine back down. Rather brute force, but it works. I put this in the C:\Windows\System directory of all our Windows 95/98 machines and put a shortcut in C:\Windows\Start Menu\Programs\Startup to run it.

It's written as the following compiled BBC BASIC program ChkLogOn.bbc:

      DIM alen% 3,name% 256
      !alen%=255:SYS "GetUserName",name%,alen% TO r%
      IF r%=0:SYS "ExitWindowsEx",3:*Quit
      *Quit
At some point I may get around to writing it in a few bytes of machine code.

Unattended machines

Ideally, I would like to set the screensaver function to forcably log the client off and shut down when the machine has been left alone. I am currently tracking down the relevant information to do this.

Others

As well as all the above, I set a few other default settings for our users, things such as the proxy server settings, Outlook settings, WinWord default templates directory and custom dictionary file, etc. All these profile settings are in the file
System.reg which you can customise for your own system.

Here are some useful registry settings.


Coming soon: multi-user enabling various applications.

Best viewed with Any Browser Valid HTML 4.0! Authored by J.G.Harston - Last updated: 12-May-2019