ItsGeekToMe.co

Q: You helped me stop my Notification Area icons from disappearing a while ago.  My new burden is I want to create a new account that has no WiFi or modem communications.  It would not need to load any of the services that do those things, nor any of the malware apps and services.  The hope is that this would free up resources and increase opening speed for doing strictly local machine tasks.  Could be used for music, graphics, image work, etc.  In my case, it’s to run a model railroad.  What would I have to do to set up an account that would create these conditions when I log into it?  Can I do this without messing up the ability of the other accounts to connect to my WiFi network?  I’d like the difference to be selected only by which account I log into, if possible.  The laptop is an older IBM ThinkPad running XP.  (I know!!)  Can the same thing be done in Vista and Win7.

– Bill B.
Niceville, Fla

A: What you’re asking is really quite difficult outside of a business setup, Bill, because individual copies of Windows weren’t really designed to give that fine of a span of control over multiple users.  Businesses achieve this type of result by forcing all computers to boot through a Domain Server which can implement very specific criteria upon each individual user through startup scripts.  This is difficult to set-up and expensive to manage, and is what keeps so many IT people gainfully employed these days.  That’s not to say it’s totally impossible to do it in a home-network environment, but it sure isn’t easy.

In researching your quandary, I found lots of articles on setting up group policies to restrict Internet access, but those really didn’t address your desire to stop loading anti-malware services and other support stuff needed for network access.  I also found some discussions about changing hardware profiles to eliminate networking hardware from the configuration, but that appears to be an all-or-nothing shot for all users on a computer.  Then there’s the issue of access to local workgroup resources (printers, network attached storage, etc) that has nothing to do with Internet access.  Each of these issues requires a separate, very complicated solution, and it would take way more space than I have in my column for any single one, much less discussing all three.

However, in my searches I think I found a tool that actually will allow you to do what you want, although it will cost you a small fee to purchase it (in my opinion, well worth the cost for a single-point solution to such a complex issue!).  Visit tinyurl.com/2pa2e and get a copy of Doug’s Windows XP Security Console.  Unless I read wrong, it allows you, on a per-user basis to restrict and configure almost every major aspect of your system, including the specific items you mentioned.