How can I disable password login scheme in WinXP?

[Enchanter]

Here's the story. An uncle of mine has got a laptop with WinXP installed on it. He is the sole user in the OS (Administrator class) and uses no password login. Sometime ago his mischievous daughter created herself a second account, made herself the Administrator and changed my uncle's account to Limited class. Soon enough trouble started on the laptop (imagine the crap she installs so freely and my uncle's complete inability to install any of his software or even to change a single setting). Long story short, my uncle managed to coerce her to tell me the password so I can revert things back to normal and 'cure' the ailing system.

I want to disable this user account/password crap so this does not happen again. I want to remove the option of creating additional accounts and, if that's not possible, to make it impossible to access them. I want to also remove all password-access options (what was originally meant as protection has become a domestic nuisance). I don't think Windows provides the option for that so I guess this must be done via a registry hack - which I prefer as I'm positive the daughter is not clever enough to be able to get around a registry hack.

Cheers!

[Intuit]

First thing to do is to make sure that the true "Administrator" named account has a password.  (control.exe userpasswords2) If not, she could get around your changes just by booting into safe mode.  Next, set your Uncle's account as Administrator and password protect it.  Make sure she hasn't installed any hidden accounts.  Set his screen saver to activate in three minutes and ask for a password after five seconds.  Make sure automatic logon is turned off.  (should be by default) Set her freak'n account as Limited and make sure her Uncle knows how not to give out his password, or allow her to watch him peck... or type it in.

The user accounts applet is nusrmgr.cpl, but you're going to have to fight with WFP to keep it off.  

Code:

ren "c:\windows\driver cache" "(Driver Cache)"
ren c:\windows\system32\dllcache\nusrmgr.cpl *.(cpl)
ren c:\windows\system32\nusrmgr.cpl *.(cpl)
echo Respond to WFP queries with "cancel" and "yes".
echo Waiting for 60 seconds....
ping 127.0.0.1 -n 60>nul
ren "c:\windows\(driver cache)" "Driver Cache"

That should work, but you may have to fight with it some more and she can still use "Control.Exe userpasswords".

Now if she's truly mischievious she'll simply reinstall windows.  Disable CD, USB, Network & Floppy boot in the BIOS and password protect the BIOS.
As far as her getting direct access to the HD... well...  I would say mod a car alarm onto it but they need a constant 12v power supply.  

I'm sure there are some other angles to be explored... so keep your brain storming...

EDIT:  If she's hacker-class () then you'll need to disable all non-essential services and go directly to update.microsoft.com.

[Enchanter]

Thanks a lot, Intuit. I knew you'd be the one to come forward. I'll implement your suggestions soon enough this weekend. These should be more than enough as she's not a hacker-type (just a mischievous little girl who likes to click around Windows and discover what the icons do; scripting like this should be beyond her).

Cheers!

edit:

Make sure she hasn’t installed any hidden accounts

How do I check this?

[Maturin]

IIRC control userpasswords2 doesnt work under XP home, if thats what your Uncle is running.

[Intuit]

It works under home Maturin.

If she's simply exploring and learning that's one thing and she should have her own computer.  If she's taking steps to lock people down and out of their own property, that's another.  I would encourage the first and the later, is more complicated.

As far as hidden accounts, while one shouldn't underestimate their "adversary" or their ability to Google a work-around, it's unlikely that she installed a hidden account.  Was more or less, being thourough and somewhat facetious.

For informational purposes, from the command prompt
dir /ad "C:\Documents and Settings\*"
(yes it shows hidden & system folders)

and also...
Reg.Exe QUERY "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" /s

Each SID should be easily matched to a particular user.
Standard SIDs S-1-19/20/18 and the rest will be unique.

You can also see what they refer to as "RDNs" by right-clicking a HLM registry key -> Permissions -> Advanced -> Add -> Advanced -> Find Now

Couple that information with SysInternals' AccessEnum program and you can checkout who has access to what.