Unlock workstation without closing session

[nihil]

Hi Sue,

I am confused

This often poses a problem for us. We often see yellow stickies asking people not to touch the system. Shutting down someones system is simply not an option.

I haved worked with NT family environments for a good few years and have never found this a problem. You use the word "often" twice?

My experience would suggest a frequency that "I could count on the fingers of one hand in a year"

This suggests that you might have process/practice/procedures problems.

As suggested by the other members, the feature is deliberate. Unless you used a cracking tool, the admin cannot look at a user's password, you can only reset it. This is to make the user wholly responsible for their desktop whilst logged in?

IMHO to try to circumvent this will punch a great hole in your potential to enforce an AUP, as you cannot pin down the use of a workstation to a particular user at any one time?

My questions are:

1. Why do you "often" have to access a users workstation when they are logged in but not present?

2. What are they running that makes them have to often leave sticky notes on their screens?

I think that there might be a work around, but compromising the existing security would only be a very last resort, and require some considerable justification?

Cheers

[jinxy]

No idea about 2000 but with xp you can enable fast user switching, this would allow you to log onto the admin account and show running process for all users with the task manager. Without shutting down running progs etc.

[ammo]

Originally posted here by jinxy
No idea about 2000 but with xp you can enable fast user switching, this would allow you to log onto the admin account and show running process for all users with the task manager. Without shutting down running progs etc.

Not while in a domain (IIRC).

Ammo

[phishphreek]

Thanks for the info about the VNC for windows. I did not know that you could only use one session...

Slarty: I'd be interested in the tool you've developed. You have some very creative projects... what else have you developed?

[MURACU]

I am not sure if fast user switching will work if the computer is attached to a domain but if it is just to see what is running then I would go with phishphreek80. Pstools will give you all the information you need as long as you are in the local administrators group.

Edit I hit submit half an hour after writing my reply without actualising the page so didnt see all the updates

[sue_brighton]

Hey Guys,

Thanks for all your replies. Wow, I just discovered this board and man does it get results

The systems I am working with are installed in a lab where not just I but other people
must have access to. It is company policy to have all systems locked when unattended.
Logging off is not an option because there are monitoring programs usually running.

In any case I think I have found a solution that might work. I must investigate this further.

The Transparent Screen Lock is a third party app (which locks your system either in Transparent mode where you can still see the screen or blanks the screen) can be set to be unlock by the user or an Administrator. When the system is unlocked the user's session is perserved.

Anyone have any experience with this product? Any feedback would be nice.

You can find more info on this product at
http://www.e-motional.com/tscreenlock.htm

Thanks again everyone. I am looking forward to your feedback.

Sue

[nihil]

Thanks Sue,

I had completely forgotten about laboratory monitoring equipment

The only "work around" that I have seen is in the defence industry. Here we set up a "generic user" with a password collectively known to the particular project team. That worked because each project "owned" its own equipment, and there was very tight access control.

The software you mentioned sounds interesting, but wasn't around then AFAIK.

Cheers