Enable right-click on HP thin clients -t5720

Question

I'm setting up a computer laboratory with used thin client for a school.

I have everything intact, however, I prefer that each rdp session will start automatically once the thin client boots.

one way i know this could be achieved is to save the rdp as a shortcut and drag it into the startup menu items.

Nonetheless, I'm unable to achieve this since right click is disabled.

I have downloaded and reinstalled the xp Embedded os, hoping that it would clear the right-click context menu lock down but no dice.

Is there anyway to remove that restriction or achieve the above goal without the need for right-click?

My host pc is a Windows 7 professional system. All thin clients' model is T5720

Thanks in advance.

Answer 1

Cory's answer was indeed the right answer because you can temporarily disable the user User security with the link in the Administrative tools (AT), make changes and then use another link in the AT "Enable User Security".

I was searching for a solution on how to enable the right click and because I do not see red every time I see the word security this pointed me in the right path of how to solve my issue and also keep the restrictions of the user User account intact.

So if you want to have only right click but also have the restrictions intact you take these steps:

disclaimer! - my thin client is HP T630 so this may not work for you on different model.

1. AT - Disable User security (as admin)
2. logoff admin, login as User.
3. regedit - we will edit the subreg key below but first we should make a backup (backup of the main key {Policies} - right click -> export)

[HKEY_USERS\S-1-5-21-2167204484-2011057363-2869133631-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]

"NoViewContextMenu"=dword:00000001

to

 "NoViewContextMenu"=dword:00000000

the SID is the SID of the user User account - yours will be different except of the last "-1000."

4. logoff User, login as admin

5. AT - Enable User Security

6. logoff admin, login user - test result.

Let me share few more details when I have already spent my time playing with this. you can find the SID by running command:

whoami /user (when logged as the user User)

control panel - administrative tools - "disable user security" and "enable user security"

C:\Windows\System32\unsecure_user.cmd
C:\Windows\System32\secure_user.cmd

So in administrative tools are these 2 links, and those actually run an .exe stored in \System32 from HP (hidewin.exe) to which the .cmd are supplied as arguments. The .cmd are stated on the "Target" field when looking at the properties of the link with right-click/properties.

What do they actually do?

Unsecure:

• Loads the user User definition from C:\Users\User\NTUSER.DAT into the registry hive HKU (hive key Users) because normally the keys are not present when the user User is not logged in.
• Copies the main keys and subkeys into backup registry directories "\PoliciesSaved". (see the mainkey on above)
• Then deletes the main keys and subkeys.
• Tells the result.
• Unloads the user User definition from the main hive key HKU.

Secure:

• partially opposite step to the unsecure steps. Loads the user definition from NTUSER.DAT
• Copies the main key and subkeys from the backup directory to the main live registry directory.
• Deletes the backup directories.
• Tells the result
• Unloads the user User definition from the main hive key HKU.

Hopefully this maybe helps somebody as it helped me. I wasn´t able to figure out how the restrictions are set. My bet were local policies or registry changes but I didn´t know there are direct options for this in the Administrative tools. With this knowledge everything became possible.