The Windows XP Home default configuration requires extensive modification to operate in a Family History Center. These tables document the steps taken by the Lodi Stake FHC to setup XP Home on its patron workstations.
The resulting system configuration provides a relatively high degree of Internet security, a fair amount of protection from inadvertent user misbehavior, and a very modest degree of protection from malicious user activity. The default Task Manager process count ( CTRL + ALT + DEL > Processes) is 27 which yields a satisfactory level of performance on 500 MHz PIII systems with 128 MB RAM.
Task prefix key:
- H - system hardware dependent
- L - unique to Lodi Stake FHC installation
- U - per-user setting
Approximate time to perform all tasks is 8 hours.
| Windows XP Home Configuration | ||
| Dislpay Properties | ||
| U |
Change Background | Desktop tab: select Background: (None) |
| L |
Change Color | Desktop tab: select Color: dark blue (0, 0, 128) |
| Disable Cleanup Wizard | Desktop tab: click Customize Desktop…, General tab: uncheck Run Desktop Cleanup Wizard every 60 days | |
| Disable Screen Saver | Screen Saver tab: select Screen saver - (None) | |
| Specify Power Scheme Parameters | Screen Saver tab: click Power…, Set the Power Scheme parameters as follows:
|
|
| H | Enable Clear Type | Appearance tab: click Effects…, check Use the following method to smooth the edges of screen fonts: and select Cleartype. Microsoft's ClearType tuning page can adjust the strength for a more custom appearance. |
| Hide window contents | Appearance tab: Effects…, uncheck Show window contents while dragging | |
| U | Change default fonts | Appearance tab: click Advanced, select Item: Icon and specify Font: Verdana. Repeat for Items: Menu and Message Box. |
L |
Select Resolution | Settings tab: set Screen resolution to 1024 by 768 pixels |
| Specify Color Quality | Settings tab: select Color Quality - Medium (16 bit) | |
| Specify color profile | Settings tab: click Advanced, if present click Color Management, click Add…, select sRGB Color Space Profile.icm and Set As Default | |
| Internet Explorer | ||
| U |
Specify Home Page | Go to familysearch.org, click Tools > Internet Options, click Use Current |
| U |
Customize Toolbar | View > Toolbars > Customize…, remove Mail, Edit and Search icons from Current toolbar buttons |
| U |
Configure Toolbars | View > Toolbars, uncheck Lock the Toolbars, drag Address Bar to top row, uncheck Links, check Lock the Toolbars |
| U |
Resize Cache | Tools > Internet Options…, Temporary Internet files: Settings…, set Amount of disk space to use to 75 MB. |
| U |
Relocate Cache | Tools > Internet Options…, Temporary Internet files: Settings…, Move Folder…, specify drive D |
| U |
Patron - Internet Zone Security Settings Note: these settings may impair the functionality of desirable sites. Impaired sites should be added to the Trusted zone to restore functionality. |
Tools > Internet Options…, Security tab: click Internet zone, click Custom Level… under ActiveX controls and plug-ins: set Binary and script behaviors to Disable under Downloads: set Font Download to Disable under Miscellaneous: set Allow META REFRESH to Disable under Scripting: set Active scripting to Disable under User Authentication: set Logon to Automatic logon only in Intranet zone |
| U |
Patron - Specify Trusted Sites | Tools > Internet Options…, Security tab: Trusted Sites, click Sites…, uncheck Require server verification and add: 1837online.com, ancestry.com; familysearch.org; microsoft.com; trendmicro.com; vitalsearch-ca.com Tools > Internet Options…, Security tab: Local intranet, click Sites…, uncheck Require server verification and add LAN File Server IP address |
| Enable Content Filtering | Tools > Internet Options…, Content tab: click Enable… in the Content Advisor section, General tab: check Users can see sites that have no rating, enter the staff password when prompted | |
| U |
Disable Sounds | Tools > Internet Options…, Advanced tab: under Multimedia, uncheck Play sounds in web pages |
| U |
Disable Auto Image Resizing | Tools > Internet Options…, Advanced tab: under Multimedia, uncheck Enable Auto Image Resizing |
| U |
Disable Most Likely Site | Tools > Internet Options…, Advanced tab: in the Search from Address Bar section, check Just display the results in the main window |
| U |
Check Server Certificate | Tools > Internet Options…, Advanced tab: under Security, check Check for server certificate revocation. |
| ZoneAlarm Firewall | ||
| Install ZoneAlarm | Download and install ZoneAlarm | |
| Security Levels Verification | Firewall > Main: verify Internet Zone Security is High, Trusted Zone Security is Medium | |
| Specify Trusted Zone | Firewall > Zones: assign local ethernet adapter to trusted zone | |
| Disable Antivirus | Antivirus tab: turn Antivirus Monitoring Off | |
| Disable Email protection | E-mail tab: turn E-mail Protection Off | |
| Help and Support Center | ||
| Install Critical Windows Updates | Open Internet Explorer > Tools > Windows Update, click Scan for Updates. (If necessary click OK to a security dialog box that asks permission to install the latest version of the Windows Update software.) Install all Critical Updates and Service Packs. Repeat this procedure until the most recent Service Pack and all critical Windows updates have been installed |
|
| Help Protect My PC | Select Enable Automatic Updates | |
| Administrative Tools > Computer Management | ||
| Reassign CD drive letter | Click Disk Management, r.c. the CD drive icon and select Change Drive Letter and Paths…, click Change, select letter Y and click OK. | |
| H |
Reassign Zip drive letter | Click Disk Management, r.c. the Zip drive icon and select Change Drive Letter and Paths…, click Change, select letter Z and click OK. |
| Disable Indexing Service | Click Services and Applications, r.c. Indexing Service, select All Tasks > Tune Performance, and select Never Used. | |
| Control Panel | ||
| U |
Select Classic View | click Switch to Classic View |
| Control Panel > Add or Remove Programs | ||
| Remove Windows Components | select Add/Remove Windows Components: uncheck Accessories and Utilities: Games, Indexing Service, MSN Explorer, Outlook Express, and Windows Messenger | |
| Remove Messenger | If present, r.c. the Windows Messenger icon in the Notification Area and click Exit. Download the nomsngr.bat file from the Windows XP Home Setup page on fhctech.org and execute it to remove Microsoft Messenger. | |
| Control Panel > Administrative Tools: Services | ||
| Disable Unnecessary Services | If present, insure the Startup Type for the following services is Disabled: Alerter, Clipbook, Distributed Link Tracking Client, Infrared Monitor, Messenger, Netmeeting Remote Desktop Sharing, Remote Desktop Help Session Manager, Remote Registry, Routing & Remote Access, SSDP Discovery Service, Telnet, Uninterruptable Power Supply, Universal Plug and Play Device Host, Wireless Zero Configuration To disable: r.c. service name > Properties > General tab: if Service status is Started, Stop the service; select Startup type: Disabled. |
|
| Control Panel > Date & Time | ||
| Perform Time Synchronization | Internet Time tab: check Automatically synchronize with an Internet time server, select time.nist.gov and click Update Now | |
| Control Panel > Folder Options | ||
| Hide Sidebar | General tab; select Use Windows classic folders | |
| Disable Search for Network Resources | View tab; Advanced Settings: uncheck Automatically search for network folders and printers | |
| Show File Extensions | View tab; Advanced Settings: uncheck Hide extensions for known file types | |
| Hide Control Panel | View tab; Advanced Settings: uncheck Show Control panel in My Computer | |
| L |
Secure File Associations | File Types tab; Change… file associations for Extensions: .js, .jse, .otf, .reg, .sct, .shb, .shs, .vbe, .wsc, .wsf, .wsh to Opens with: Notepad.exe. Create a New association for .scr. Note: .pif and .vbs are used in FHC environment. |
| Control Panel > Network Connections | ||
| Disable QoS and File Sharing | r.c. Local Area Connection > Properties. If checked, uncheck QoS Packet Scheduler. If checked, uncheck File and Printer Sharing for Microsoft Networks | |
| Disable DNS Registration | r.c. Local Area Connection > Properties. Double click Internet Protocol (TCP/IP), click Advanced…, select DNS tab: uncheck Register this connection's addresses in DNS | |
| Control Panel > Power Options | ||
| Disable Hibernation | Hibernate tab: uncheck Enable hibernation | |
| Disable Standby Password | Advanced tab: uncheck Prompt for password when computer resumes from standby | |
| Control Panel > Regional and Language Options | ||
| L |
Install Spanish Keyboard Service | Languages tab: click Details…, click Add… and select Spanish (mexico) |
| Control Panel > Sounds and Audio Devices | ||
| Disable Windows Sounds | Sounds tab: select Sound Scheme - No Sounds | |
| Control Panel > System | ||
| Configure System Restore | System Restore tab: select the system drive, click Settings… and set the Disk Space usage slider at approximately 600 MB. | |
| Disable System Restore | System Restore tab: select each non-system drive, click Settings and check Turn off System Restore on this drive | |
| Schedule Auto Updates | Automatic Updates tab: select Automatic (recommended) | |
| Disable Remote Assistance Requests | Remote tab: uncheck Allow Remote Assistance invitations to be sent from this computer | |
| L |
Specify Computer Name | Computer Name tab: click Change and specify Computer name and Workgroup: FHC |
| Customize Visual Effects | Advanced tab: Performance section, click Settings, Visual Effects tab: uncheck the following: Fade or slide menus into view; Fade or slide ToolTips into view; Fade out menu items after clicking; Show Shadows under menus; Slide open combo boxes; Slide taskbar buttons; Use a background image for each folder type; Use drop shadows for icon labels on the desktop. | |
| L |
Relocate Paging File | Advanced tab: Performance section, click Settings, Advanced tab: Virtual Memory section, click Change. In the Drive [Volume Label] list select the C: drive, select No paging file and click Set. Select the D: drive, select Custom Size and enter values of 256 and 512 for Initial size and Maximum size. Click Set. |
| Set OS display time | Advanced tab: Startup and Recovery section, click Settings and set Time to display list of operating systems to 3 seconds. | |
| Disable Error Reporting | Advanced tab: click Error Reporting and check Disable error reporting and But notify me when critical errors occur. | |
| Control Panel > User Accounts - move this to top of list ? | ||
| Verify Patron Account | Verify Patron account has been created; if not change an existing account name or create Patron account with Account type: Computer administrator | |
| Verify Guest Account | Verify Guest account is off; if not click Guest > Turn Off the Guest Account | |
| Create Computer Specialist Account | Click Create a new account, name: Computer Specialist, Type: Computer Administrator. | |
| Specify Computer Specialist Password | Click Create a password and specify a strong password | |
| Windows Defender | ||
| Installation | Download and install Windows Defender | |
| Configuration | ||
| My Computer | ||
| Disable Drive Indexing | Right-click each hard drive icon and select Properties. Uncheck Allow Indexing Service to index this disk for fast file searching, and select Apply to all folders and subfolders | |
| U | Hide Standard Buttons | View > Toolbars, uncheck Standard Buttons to hide Standard Buttons toolbar |
| U | Hide drive content | select the C: drive, click Hide the contents of this drive in the System Tasks sidebar |
| Recycle Bin Properties | ||
| Resize Recycle Bin | Global tab: select Configure drives independently, select system drive and specify the Maximum size of recycle bin to reserve 100 MB or less. For each non-system drive check Do not move files to the Recycle Bin. | |
| Registry Modification | ||
| Backup Registry | Start > Run, type regedit; File > Export…, select Export Range: All, filename RegXP and click Save | |
| Test/Configure Automatic Patron Login ??? | Restart system, follow this procedure if Welcome screen is displayed. [HKLM\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon] Create DefaultPassword: click Edit, click New, click StringValue, type DefaultPassword. Leave Value Data box null. d.c. AutoAdminLogon, set the value in the Value Data box to 1. Ref. MS Support 315231 | |
| Disable Low Disk Space Notification | [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] Add a Dword value called NoLowDiskSpaceChecks and set the Data Value to 1 to turn it off. | |
| Disable Mapped Drive Reconnect Warning | [HKCU\Network] Create a new DWORD called RestoreDiskChecked and set its value to 0. To re-enable the warning, set the value to 1. | |
| L |
My Computer/Local Machine Zone Active X security | [HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0] Change the DWORD value at 1201 from 1 to 0. |
| Remove Other Files Stored group and Shared Documents from My Computer | [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\My Computer\NameSpace\ DelegateFolders] Delete the sub-key {59031a47-3f72-44a7-89c5-5595fe6b30ee} | |
| Disable ICMP Redirect | [HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\EnableICMPRedirect] Set the registry value to 0. | |
| Start Menu | ||
| L |
Redirect My Documents | r.c. My Documents > Properties > Target tab: click Move and specify Patron Files in My Network Places |
| U |
Create Temporary Shortcuts | right drag My Compuer onto desktop and select Create Shortcuts Here. Repeat for Control Panel. |
| Taskbar Context Menu | ||
| U |
Enable Quicklaunch | Toolbars > check Quick Launch |
| U |
Populate Quicklaunch | If necessary, add Show Desktop and Internet Explorer links; remove others, e.g. Media Player |
| U |
Display Large Icons | Properties > Start Menu tab: click Customize… > General tab: check Large Icons |
| U |
Hide Internet & Email | Properties > Start Menu tab: click Customize… > General tab: uncheck Internet and Email in the Show on Start Menu area |
| U |
Disable Recent Documents | Properties > Start Menu tab: click Customize… > General tab: reduce Number of programs on Start menu count to 0 |
| U |
Disable new program hilighting & pop-up | Properties > Start Menu tab: click Customize… > Advanced tab, uncheck Highlight newly installed programs |
| U |
Remove Start Menu items | Properties > Start Menu tab: click Customize… > Advanced tab and uncheck the following Start menu items: Help and Support, My Network Places, Run command, Search, Set Program Access and Defaults |
| U |
Hide Start Menu items | Properties > Start Menu tab: click Customize… > Advanced tab and check Don't display this item for the following Start menu items: Control Panel, My Computer, My Music, Network Connections, and System Administrative Tools. |
| U |
Hide Recent Documents | Properties > Start Menu tab: click Customize… > Advanced tab and uncheck List my most recently opened documents in the Recent documents area |
| U |
Verify Taskbar locked | r.c. Taskbar, verify Lock the Taskbar is checked |
| TweakUI - user: Patron | ||
| Installation | Install TweakUI, a component of the Microsoft PowerToys suite | |
| Prevent Applications from Stealing Focus | General > Focus - check Prevent applications from stealing focus, check Flash Taskbar button, specify 8 times | |
| Hide Recent Documents | Explorer - uncheck Allow Recent Documents on Start Menu | |
| Disable Shortcut Prefix | Explorer - uncheck Prefix "Shortcut to" on New Shortcuts | |
| Hide Workgroup Computers | Explorer - uncheck Show "View workgroup computers" in Net Places | |
| Disable Shortcut Overlay | Explorer > Shortcut - check Shortcut Overlay: none | |
| Hide Desktop Icons | Desktop - uncheck all Desktop Icons | |
| Disable Balloon Tips | Taskbar and Start Menu > uncheck Enable ballon tips | |
| Hide My Computer | My Computer - uncheck Control Panel in My Computer Icons | |
| L |
Hide Drives | My Computer > Drives - uncheck all drives except A, F, Y, and Z for Patron |
L |
Disable CD Autoplay | My Computer > AutoPlay > Drives - uncheck Y |
| Configure Auto Logon | Logon > Auto Logon - check Log on automatically at system startup, User Name: Patron | |
| Windows Activation | ||
| Activate Windows | Click the Key icon in Notification Area and follow the Windows activation procedure | |
| Windows Security Center ?? access via control panel | ||
| L | Disable virus monitoring | Virus Protection, click Recommendations…, check I have an antivirus program that I'll monitor myself. |
| Desktop Shortcuts | ||
| L |
Float Desktop Icons | r.c. desktop > Arrange Icons By > uncheck Align to Grid |
| Delete My Computer and Control Panel desktop shortcuts | ||
| Rename and hide TweakUI Icon | ||
| L |
Create Patron Shortcuts | Create desktop shortcuts to: Floppy Drive, Zip Drive, Flash Drive, My Documents (Patron Files) by right dragging their icons from My Computer and Start Menu. r.c. shortcut, select Rename and rename shortcuts. |
| Windows XP Home Post-configuration | ||
| Create Restore Point | click start > All Programs > Accessories > System Tools > System Restore. Select Create a restore point and click Next >, enter the description: Initial System and click Create | |
| Install and Configure Computer Specialist Applications | Ad-aware, ErrorScan, Sysinternals: Autoruns, Process Explorer, System File Defragmenter | |
| Configure Computer Specialist Desktop | Create and rename desktop shortcuts for all tasks with an [I] prefix in Maintenance Log | |
| Install and Configure Patron Applications | ||
| Remove Microsoft Java Virtual Machine | Microsoft Java Virtual Machine v1.1.4 Removal Tool at: http://www.majorgeeks.com/download.php?det=4158 |
|
L |
Install Java 2 Runtime Environment (JRE) | If necessary, install the Sun JRE at: http://java.sun.com/j2se/1.5.0/download.jsp |
populate and edit Patron start Menu |
||
clean up All Programs list |
||
XP can be configured to start without entering a user name or password. Select Run... from the start menu and type 'control userpasswords2', to open the user accounts application. On the Users tab, clear the box for Users Must Enter A User Name And Password To Use This Computer, and click on OK. An Automatically Log On dialog box will appear; enter the user name and password for the account you want to use. |
||
| Inspect and remove unnecessary startup applications | ||
| Sort All Programs List | Click start > All Programs, r.c. program list and click Sort by Name | |
L |
Install Patron Desktop | Delete all non-storage area desktop shortcuts, copy Desktop folder from File Server to C:, open Display Properties > Desktop tab: click Browse…, select C:\Desktop\rmMain.htm |
L |
Move NT Update Uninstall Folders | move $NTUninstall$ folders from C:\windows to E:\uninstall |
| Defragment System Drive | click start > All Programs > Accessories > System Tools > Disk Defragmenter. Select the system drive and click Defragment. | |
| Create a Restore Point | click start > All Programs > Accessories > System Tools > System Restore. Select Create a restore point and click Next >, enter the description: Final System and click Create | |
| L |
Backup System Partition | Use Partition Magic to copy system partition to unallocated space and mark as 'hidden' |
| L |
Remote System Backup | Install Backup utility on the XP Home CD, <cd drive:>:\valueadd\msft\backup\ntbackup.msi, and follow installation instructions. Backup system drive to server, start > All Programs > Accessories > System Tools > Backup |
| L |
Edit Boot.ini | Create a backup copy of boot.ini, boot.ini.backup. Open boot.ini, System > Advanced > Startup and Recovery Settings > Edit. Delete the second Windows XP entry in the system start menu |
Related Links
- 60 Minute Windows XP Tutorial
- An overview of several XP features and a number of tips on post installation customization.
- Windows XP Expert Zone
- Microsoft's Expert Zone community site has XP news, tips, columns and downloads.
- XP Professional How-to Articles
- Microsoft's collection of how-to's for individual users, small businesses, and IT professionals.
- XP Home How-to Articles
- Microsoft's collection of how-to's for home users.
- File Sharing and Permissions in Windows XP
- Describes the new interfaces that are introduced in Windows XP and how to enable, disable, configure, and troubleshoot file sharing.
- Windows XP Professional Resource Kit Documentation
- A comprehensive technical resource for installing, configuring, and supporting Windows XP Professional in networked systems.