Disable all power options from the Start menu

0
votes

I'm working on an application that resembles a kiosk. After the application starts, it creates a new desktop and using a key combo I can move back and forth between desktops.

This newly created desktop needs to have limited capabilities. In order to do this, I've used RegCreateKeyEx and RegSetValueEx functions to create or modify the registry entries for Task Manager, Change Password, Lock, Shut Down, User Switching and Log Off. I've disabled Log Off from two locations, HKEY_CURRENT_USER and HKEY_LOCAL_MACHINE, using the code below:

bool RegistryUtilities::changeSingleFeature(HKEY regKey, LPCWSTR subKey, DWORD value, LPCWSTR valueName)
{
    bool resultOk = false;
    HKEY hkey;
    DWORD dwDisposition;
    if (RegCreateKeyEx(regKey, subKey, 0, NULL, 0, KEY_WRITE, NULL, &hkey, &dwDisposition) == ERROR_SUCCESS) {
        if (RegSetValueEx(hkey, valueName, 0, REG_DWORD, (PBYTE)&value, sizeof(DWORD)) == ERROR_SUCCESS){
            resultOk = true;
        }
        RegCloseKey(hkey);
    }
    return resultOk;
}

bool RegistryUtilities::changeAllFeatures(DWORD value)
{
    bool resultOk = true;

    /// Task Manager
    HKEY regKey = HKEY_CURRENT_USER;
    LPCWSTR subKey = L"Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System";
    LPCWSTR valueName = L"DisableTaskMgr";
    if (changeSingleFeature(regKey, subKey, value, valueName) == false)
        resultOk = false;

    /// Change Password
    valueName = L"DisableChangePassword";
    if (changeSingleFeature(regKey, subKey, value, valueName) == false)
        resultOk = false;

    /// Lock
    valueName = L"DisableLockWorkstation";
    if (changeSingleFeature(regKey, subKey, value, valueName) == false)
        resultOk = false;

    /// Log Off
    subKey = L"Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer";
    valueName = L"NoLogOff";
    if (changeSingleFeature(regKey, subKey, value, valueName) == false)
        resultOk = false;

    /// Shut Down
    valueName = L"NoClose";
    if (changeSingleFeature(regKey, subKey, value, valueName) == false)
        resultOk = false;

    /// User Switching
    regKey = HKEY_LOCAL_MACHINE;
    subKey = L"Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System";
    valueName = L"HideFastUserSwitching";
    if (changeSingleFeature(regKey, subKey, value, valueName) == false)
        resultOk = false;

    return resultOk;
}

Even all these options are disabled the "Log Off" option on the start menu is still visible and working. In the CTRL+ALT+DEL menu, everything is disabled, only a Cancel option is present, as I intended.

As a curiosity, in changeAllFeatures function I've changed the order in which changeSingleFeature is called, beginning with the calls for the Log Off option and I was not surprised to see that in the CTRL+ALT+DEL menu everything was still disabled, but in the Start menu the Log Off was disabled, but every other option (Shut Down, Switch User, Lock etc.) was enabled and working.

Is it possible to disable all this options, including the Log Off?

1
c++winapiregistry
Please don't mark C++ code as runnable Javascript. I fixed this. - David Heffernan
If you want a kiosk, use your own shell - David Heffernan
I think you'd have better luck asking this question on SuperUser. It's probably better solved with Windows configuration rather than code. - Carey Gregory

1 Answers

0
votes

I've tried numerous ways to do this and I think it's impossible. I've tried winapi code (as seen in the post), I've tried direct registry editing (using regedit) and through a group policy and nothing seems to work. I've come to the conclusion (it's my guess, I'm not sure) that this is a safety feature on Windows because if you are able to remove all power options and log in/log off you won't be able to do a normal shut down, and in the case of a power failure for example, you won't be able to acces your pc, past the log in desktop, since that will be disabled.