Write Protection and changing passwords.

[Lasse]

I have an embedded system with XPE on C: which is EWF RAM Write protected.
D: is not write protected.
A requirement is that it shall be possible to add/delete users and change
password.

I don't want to make "EwfMgr -commit" after changing password.

How shall I solve this.

One idea is to edit the location for SAM in Registry
"HKLM/System/CurrentControlSet/Control/Hivelist".
Then move the SAM hive to the new location (on D.
Will that do what I want?

Lars Engdahl

 

[KM]

Lasse,

Seems like your system volume is write protected, right? (and this is a good
use of EWF). However, you want to make some changes in the registry on the
system volume, make them persistent but not to commit EWF?
This sounds to me a little bit weird thing to do. You could move the
"\config" system dir (search this NG archive on how to accomplish that) to a
non-protected volume (I don't think you'll be able to move only SAM hive),
but then you loose the point of EWF system protection.

Why don't you want to commit the changes? Adding/deleting users and changing
their passwords is usually considered as an admin task and it should be fine
for admin ("who knows what he is doing") to commit the changes. He may
reboot device first to clean up all the unwanted changes being made on the
system by end users.

Also, you may have your own user database (e.g., encrypted text file) on a
non-protected volume that will be loaded by the system script at every boot.
Does not sound like an easy task to do but may not be so hard to implement.