Limited User cannot connect to Internet

By Ruthe ยท 29 replies
Oct 27, 2009
Post New Reply
  1. This is a solution, not problem. I searched here and spent over 5 hours looking around for the solution. Finally found it - for me - so I thought I'd pass it on.

    There are myriad postings for this problem with no working solution except to change the user back to Admin or power user status. WRONG! This work around assumes the person with the problem has a constant internet connection. But what about the 'on demand' user? ISPs provide it, but don't advertize it.

    These people have to click a Network Connection icon, usually the LAN or DSL connection before trying to access the internet. Sometimes they even have it set up with their ISP to enter their user ID and password - these are not kept by the user's machine or accessed by the ISP until they are entered by the user every time they want to log onto the internet. Actually, a great way for parents to cut down on youngsters' access to the internet. (However, it will not control where they go!)

    What most people don't realize is that enabling or disabling the network connection is not allowed by the limited user as a default of Windows! So the TRUE problem is 'Limited User can not enable network connection' and therefore can not connect to the internet. If this is your problem, read on.

    How to fix this problem in XP Home - similar in others. You must be logged on as an Administrator to do this.
    1. Make a system restore point. Start, Help and Support, Performance and Maintenance, Using System Restore to undo changes, Run the System Restore Wizard.
    2. Run registry editor. Start, Run. (type in) regedit (press) OK.
    The registry editor appears.
    3. Hilight/select (click once) HKEY_USERS.
    4. In the menu bar select File, Load Hive.
    At this point you have to navigate to the limited user. Press the up icon. You will see all your users (you will be at c:\docs and settings). Double click the name of the limited user. Let's assume it's Ruthe for this example. Select NTUSER.DAT.
    5. A popup window appears asking for the key name. Type in the name of your limited user (Ruthe).
    6. (in registy editor now) Open HKEY_USERS. You will see Ruthe - your limited user's name. Select that name.
    7. Go down the tree to find Software. Then Policies. Then Microsoft.
    8. Under Microsoft there should be a key named Windows. If it's not there, create it. (Edit, New, Key). Open it.
    9. There should be a key named Network Connections. If not, create it. Hilight it.
    10. Now select Edit, New, DWORD value. Give it the name NC_LanConnect.
    11. Double click it (in the right hand pane) and change the value data field from 0 to 1. OK.
    12. Go back up the left pane and hilight HKEY_USERS\Ruthe.
    13. Select File, unload hive. Close registry editor.
    14. Reboot.

    Worked for me and I thank the guy in France where I found this solution.
  2. LookinAround

    LookinAround Ex Tech Spotter Posts: 6,491   +184

    Thanks for taking the time and effort to create a very well written post for others! :grinthumb I'll have to remember that solution myself (can come in handy)
  3. Ruthe

    Ruthe TS Booster Topic Starter Posts: 70

    Thank YOU for your kind words. I probably should have put this in Guides and Tutorials. Drat!
  4. AntiMoronic

    AntiMoronic TS Rookie Posts: 27

    Incredible, fantastic guide. Will test this on my laptop of which has suffered this error for like forever. Thanks!
  5. ijasnijas

    ijasnijas TS Rookie

    thanks this helps me alot !!
  6. blessedtoes

    blessedtoes TS Rookie

    Help with this please!

    Hi guys-
    I am a user, not a techie, though I used to be very comfortable with reg edits in Win 2K. I have been searching for an answer to the above problem for literally 8 months and finally got the keywords right to find this post. First, let me say THANK YOU!
    Second, I am stuck on step 5. When select "ntuser.dat" and get the window asking for the Key, I type in the account name "Kitchen Counter User" and get an error message: "Cannot load C:\Docs & Settings\Kitchen Counter User\ntuser.dat.LOG: Error while loading hive." Subsequently the user isn't added to the HKEY_USERS list, and also a new empty file titled "ntuser.dat.LOG" is created. If I try to select this file via steps 4 & 5, it creates a "ntuser.dat.LOG.LOG" etc.
    I wondered if the spaces were creating a problem, so I created a new limited use profile for my daughter, "Stacey," and repeated the entire process. The same thing happened....
    Thanks in advance for any insight - this is the closest I have gotten to solving a thing that should not be a problem.
    With gratitude,
  7. jobeard

    jobeard TS Ambassador Posts: 11,170   +989

    An alternative

    An alternative, less complex and far less risking - - -

    run - > lusrmgr.msc

    click on Groups and you will notice the Network Configuration Operators
    open it
    click Add and insert any valid logon you please
    click OK and save the results
    after reboot, any users in the Network Configuration Operators group
    can manipulate the Network Settings, even from a LUA or UAC account
  8. blessedtoes

    blessedtoes TS Rookie

    Ruthe was offering this for help with XP Home. Your solution doesn't seem to work in the Home version.
    Once you open lusrmgr.msc, there's a big red X in the right panel that says "This snapin may not be used with this version of Windows."
    If I'm missing something, or if someone can help me troubleshoot my issue loading the ntuser.dat file, I'd be grateful for clarification.
  9. jobeard

    jobeard TS Ambassador Posts: 11,170   +989

    Yes, I understood Ruthe's intent -- I was not aware that group management was not available on Win/XP Home.
  10. LookinAround

    LookinAround Ex Tech Spotter Posts: 6,491   +184

    Hi blessedtoes

    I did a quick google based on your error message. See this link and note some one also listed modified instruction. Hope this might help
  11. jobeard

    jobeard TS Ambassador Posts: 11,170   +989

    Very interesting hack, but once loaded, the next restart of regedit will reload it again.
    Would think that it would load only for the active session.

    Even more disturbing: Load the Hive using an admin ID and then quit
    Launch regedit under LUA and it STILL loads the other hive ...
    Wonder what risks are associated here ??? puzzled ??
  12. LookinAround

    LookinAround Ex Tech Spotter Posts: 6,491   +184


    Good questions/points... Admittedly, i have no personal knowledge or info about this hack (i.e. never tried it) just found the google hit and passed it along (tho the link claims it worked and also they reference dougknox who usually has good info)..
  13. jobeard

    jobeard TS Ambassador Posts: 11,170   +989


    I have two ADMIN ids, & three LUAs

    From one ADMIN, I loaded #1LUA and the results were as noted above.
    I then logged onto the #1LUA with these exceptions:
    Windows can not find xxx profile; clicked OK as there's no other choice and the desktop has yet to appear.
    #$^& ; the same thing repeats

    Finally get a desktop and -- guess -- all customization is gone.
    In fact the ntuser.dat was rebuilt!

    I am attempting to annihilate #1LUA (id and the files) in an effort to get regedit to drop the loaded hive.

    I'll post my findings ...
  14. jobeard

    jobeard TS Ambassador Posts: 11,170   +989

    Well that works; after deleting the login AND the files,
    regedit no longer loades the #1LUA hive.

    Rather fatal to that user, however!
  15. jobeard

    jobeard TS Ambassador Posts: 11,170   +989

    just to be fair ;;;;;

    since loading SP3, my system has a few issues, but regedit has never been one of them
  16. blessedtoes

    blessedtoes TS Rookie

    Hi guys-
    Thanks so much for all the feedback. Unfortunately a lot of what you said is over my head since I am not a techie.
    LookinAround it seems that the page you linked essentially gives the same direction as what Ruthe posted - if there is a substantial difference I don't see it.
    Your comments on the test you ran jobeard are also over my head - are you saying this is a dangerous approach? Between the "Active session only" and "Fatal to that user" I am disinclined to keep working on this from this angle.
    Is it just me, or does it seem ludicrous that the most popular OS (I am not saying the best OS lol) is set up so that only admins can get online? Especially in a home version. I can see the value of that control in a corporate setting, but even then it seems like there should at least be an option!
  17. jobeard

    jobeard TS Ambassador Posts: 11,170   +989

    Be patient .. XP home or pro actually does get online for non-admin login's
    The home version needs to use the admin to config the net or the router, but 99% of the time
    that goes well. When your issues are resolved, you can too.

    That other stuff {CAVEAT EMPTOR!!} and loading other user profiles --- that's a "red herring" for you, just ignore it all and certainly DON'T use it.
  18. LookinAround

    LookinAround Ex Tech Spotter Posts: 6,491   +184

    I just now also followed your same steps, i.e.
    1. Created Limited User Account (LUA)
    2. Loaded the LUA Hive from the Admin Account
    3. Logged off of Admin and logged in as the Limited User and ,yes, Windows also gave me error messages as you said (e.g. it couldn't find the LUA's profile)

    HOWEVER... When i repeat your steps 1 and 2 and above and then Reboot (instead of logoff/login) the hive is unloaded and i can login to the limited user again (after the reboot) just fine

    Note if you look back at Ruthe's instructions, after finishing the hive edits, (see step #14) Ruthe says to Reboot :)
    /* edit 2 */
    I just noticed the first "ghack" post failed to mention it but the other post in that ghack thread also warns about first Unload Hive before logging on

    Regardless of above findings, your problem still seems to focused on you can't even load the hive. fyi... i tried creating two new LUAs on my machine: one with and one without embedded spaces, and i could load the hive just fine in both cases. So not sure why you seem to have this problem :confused:

    /*edit *
    @blessedtoes: Let me also check, are you sure your Limited User Account is logged out when you try to access the hive as Admin? (i.e. if you're "Switching Users" it won't work. Make sure the Limited User Account is logged out
  19. LookinAround

    LookinAround Ex Tech Spotter Posts: 6,491   +184

    Re: few issues since updating to SP3

    I think your SP3 update issues are unusual for anyone updating at this point in time (i.e. this late after the initial SP3 release). So i can't help but wonder if your problems are due to SP3 or is a side affect of whatever caused your update to not go smoothly in the first place when you ran the install update (if i recall, didn't you get many messages about missing files or such?).

    /* edit */
    @blessedtoes: Which makes me curious to ask... Are you running SP3 with all updates? not sure if you indicated such yet
  20. blessedtoes

    blessedtoes TS Rookie

    Yes, Lookinaround, I am fully current on updates. I can't get the hive to work no matter what Googling I have done. The only thing I can think to do is reinstall/repair the OS.
  21. LookinAround

    LookinAround Ex Tech Spotter Posts: 6,491   +184

    Not sure if this gets us anywhere but here's some things you might try

    1. Boot into safe mode. Immediately log into your Admin account and try again

    2. If this still fails, let's check if Windows will simply let you open either ntuser file using Notepad. If it denies you access, let's see what error message says. (if need be we can check NTFS permissions later)

    Start->Run, enter notepad. Click File->Open and navigate to the Doc and Settings / Kitchen User account and try to open the ntuser.dat file and ntuser.dat.log files with Notepad. Does Windows allow either?
  22. blessedtoes

    blessedtoes TS Rookie

    Thanks for your continued help on this. As for a question you asked some time ago I didn't see, yes I am actually restarting between procedures versus logging between or switching users. We have had some application functionality issues in the past when both are logged on so I figured it was 'safer' to restart to make sure I was avoiding issues related to whatever that problem is.
    So I tried the safe mode option with no luck; hive still won't load. Furthermore, in case I didn't mention this earlier, I can't get hive to load for any of our four users, I always get the same error message.
    Just to check, the "key name" I am entering is the user name.
    I had no problem opening the .dat file in Notepad. The .dat file has a string with some odd chars and the file name at the end of the string. The .dat.log file is empty.
    My understanding is that the goal is to get the user name to appear in the HKEY_USERS list so I can go in and manipulate the network connections settings. Based on this, I wasn't sure what to do - if anything - with the .dat file once it was opened in notepad. Also I thought it may be helpful to report what folder are in the HKEY_USERS list:


    In case that helps. I restarted after the failed Safe Mode attempt and checked the HKEY_USERS folder list again, and two files had been added:

    Thanks again.
  23. LookinAround

    LookinAround Ex Tech Spotter Posts: 6,491   +184

    Hmmmm... Frustrating problem you have!! A brief overview for perspective

    I'm thinking your problem can be caused by either a problem with
    > Your registry access permission and/or
    > Your file access permission or if the file is already in use

    We're using Notepad to simply test file access SUCCESS/FAIL to see if you can open both files ntuser.dat and ntuser.dat.log in the limited user account directory when logged on as Admin
    > If you can successfully open both files with Notepad, the test is done. It indicates file access is OK. So just close the files without changing content. (The files contain some binary data is why it displays as gibberish)

    Once you prove file access OK, then i suspect registry access. First thing that comes to mind: Anti-malware real-time protection might be disabling your registry access rights
    > Unplug your network cable
    > Turn off your antivirus software
    > Also check and turn off any of your other other anti-malware as well (e.g. if you have Spybot Teatimer it does r/t protection as well)

    Then try to load the hive again

    P.S. The key name you enter isn't really important (you could simply enter blotz for key name) It's just the local name assigned to the registry hive when it's loaded for you. You should select blotz , then click regedit File->Unload Hive and reboot when you;re all done
  24. blessedtoes

    blessedtoes TS Rookie

    That sounds great - thanks for the tutorial!
    I am wondering if ZoneAlarm or LogMeIn might be affecting the process. I almost always quit them on startup as they are so irritating (my own fault for not configuring them, I might as well uninstall at this point) but I have noticed recent versions of software like LogMeIn and AdAware restart themselves frequently.
    I will try your suggestion above and if it fails I will try a Windows repair and try again, if that fails I may uninstall ZA and LMI and try again - I will report back.
    Thanks so much for all your generous help!
    With blessings,
  25. LookinAround

    LookinAround Ex Tech Spotter Posts: 6,491   +184

    Hi Matthew

    Glad to try and help :)

    A few additional comments (based on your last post)
    1. I wouldn't think LogMeIn should affect registry access (though, of course, with computers all most anything is possible! :D)

    2. Do reconfigure and try turning off/disabling ZoneAlarm/AdAware/etc for your next attempt (per my last post) and all your antimalware products as they might be protecting and denying you registry access

    But when you say
    i have to double check to ask: You do normally run with antivirus, antispyware and firewall protection don't you? (Note you should only have ONE antivirus and ONE firewall product running)

    Hope your next round of tests produce good results!

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...