I'm working on configuring a kiosk PC at work. The only big problem I've run into is that I can't seem to disable the shutdown button in the control+alt+delete menu without also disabling the power button on the computer itself (so only employees can shut it down). Disabling the control+alt+delete menu entirely for specific users is also acceptable.
The only real answer I've found involves writing my own GINA stub, and that's a bit beyond the scope of the project (and my abilities).
Additional Details: The explorer shell isn't used at all, A program that relaunches the kiosk application if it dies is used as the shell. The computer will also be locked in a cabinet, leaving the users access to only the monitor and kb/mouse.
regedit hacks -
(prevent) shutdown without logon:
works up to XP - haven't tried it with >= win7
Ctrl+Alt+Del when logged on:
Start menu:
Have you considered using Microsoft SteadyState?
There's also a utility that allows you to easily enable or disable Task Manager.
I think this method addresses what you need. I'm not sure if this affects the power button or not (may depend on the bios power settings).
Not sure if this kiosk is part of a domain. If you are logging in as a certain user, then you could create a GPO that prevents Shutdown, and tie it to an OU with that user in it. Your employees' logins would not be in the OU, so they would not get the GPO, and will retain the ability to Shutdown via the start menu. We do this in our call center, where we want the PC's left on overnight, so they can be patched. If they really need to be shutdown, an admin or manager can login, and shutdown.
I neglected to register earlier, and I can't add a comment, so I'm just going to add this as an answer.
I'm a bit far into the project to consider using another method of locking down the computer (like SteadyState), and everything but the shutdown button and ctrl+alt+delete are locked down, but I'll keep it in mind for the future.
As for the computer being part of a domain, no, it's not on a domain and the user is a local user.
I'll look at the method that zerrias' suggested tomorrow and see if it does what I need.
I've found a way to disable the ctrl+alt+del menu for authenticated users. Turns out I did need to use a gina stub (actually, I modified an existing stub).
This gina stub apparently has several extra features such as forced logon / logoff scripts and disabling the ctrl+alt+del prompt before logging in without editing the registry. I had to use this one since Microsoft's example in the Windows XP platform SDK would not start up properly for me, and I couldn't find another suitable stub.
The only modification I made to the stub was to change the contents of WlxLoggedOnSAS in gina.c to
I then built the project in Visual Studio and moved the resulting newgina to C:\Windows\system32
The last step was to add a registry key to get it to load the gina stub on startup
Drawbacks:
This also disables ctrl+alt+del for administrators, but they have the start menu, so it isn't really a problem for me. Could probably be fixed with a little modification
If you don't use the explorer shell, you aren't able to log out, resetting the computer is your only option. It might be possible to use another program to register a hotkey for logging out.
The screen flickers for a fraction of a second when ctrl+alt+del is pressed.
May not work on XP SP3 or Vista (according to several threads on other sites)
Note:
I don't have a binary version of the modified stub on hand right now (and Google's OpenID login is blocked at work, so I can't upload it from there,) but if you want to compile the stub yourself, just get the Visual C++ Express Edition and open the project, then replace the code inside WlxLoggedOnSAS in gina.c with the code mentioned earlier. When you build it, you should end up with a newgina.dll