ItsGeekToMe.co
The official home of It's Geek to Me on the web!
Issue #194: April 10, 2011
Q: You helped me stop my Notification Area icons from disappearing a while ago. My new burden is I want to create a new account that has no WiFi or modem communications. It would not need to load any of the services that do those things, nor any of the malware apps and services. The hope is that this would free up resources and increase opening speed for doing strictly local machine tasks. Could be used for music, graphics, image work, etc. In my case, it’s to run a model railroad. What would I have to do to set up an account that would create these conditions when I log into it? Can I do this without messing up the ability of the other accounts to connect to my WiFi network? I’d like the difference to be selected only by which account I log into, if possible. The laptop is an older IBM ThinkPad running XP. (I know!!) Can the same thing be done in Vista and Win7.
– Bill B.
Niceville, Fla
A: What you’re asking is really quite difficult outside of a business setup, Bill, because individual copies of Windows weren’t really designed to give that fine of a span of control over multiple users. Businesses achieve this type of result by forcing all computers to boot through a Domain Server which can implement very specific criteria upon each individual user through startup scripts. This is difficult to set-up and expensive to manage, and is what keeps so many IT people gainfully employed these days. That’s not to say it’s totally impossible to do it in a home-network environment, but it sure isn’t easy.
In researching your quandary, I found lots of articles on setting up group policies to restrict Internet access, but those really didn’t address your desire to stop loading anti-malware services and other support stuff needed for network access. I also found some discussions about changing hardware profiles to eliminate networking hardware from the configuration, but that appears to be an all-or-nothing shot for all users on a computer. Then there’s the issue of access to local workgroup resources (printers, network attached storage, etc) that has nothing to do with Internet access. Each of these issues requires a separate, very complicated solution, and it would take way more space than I have in my column for any single one, much less discussing all three.
However, in my searches I think I found a tool that actually will allow you to do what you want, although it will cost you a small fee to purchase it (in my opinion, well worth the cost for a single-point solution to such a complex issue!). Visit tinyurl.com/2pa2e and get a copy of Doug’s Windows XP Security Console. Unless I read wrong, it allows you, on a per-user basis to restrict and configure almost every major aspect of your system, including the specific items you mentioned.
Now that I’ve given you that information, let me put a little bug in your ear. While you may think that a dedicated task PC has no need to access the Internet, I say you’re just not being Geeky enough. I run a dedicated task PC to control The Geek Lights On the Corner during Christmas, and I’ve come to absolutely rely on that computer being connected to the Internet. Using services such as GoToMyPC or LogMeIn, I can monitor and control my light show from anywhere on the planet that I have an Internet connection. I’ve done it as far away as Georgia, but mostly I do it right in my front yard, where I have a laptop or even my iPhone remotely connected to the computer that’s safely ensconced in the house and firmly wired into the many aspects of the light show. This gives me the ability to portably and wirelessly control everything as if I was sitting right at the actual light show computer. Imagine how Geeky you could be, controlling your model trains via WiFi, or with a touch on a smart phone screen!
Leave a Reply
You must be logged in to post a comment.