Re: New employee, same computer -- what to do?
- From: ssbattaglia <ssbattaglia@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 12 May 2006 12:32:02 -0700
David,
Maybe I can be of some assistance. See below.
Let's see, I want to print to the $100 label printer, which *is* hung
off Mary's computer, since she uses it 90% of the time, and so it needs
to be within arm's reach of her, and we didn't want to buy an Ethernet
printer adapter for a $100 label printer, nor did we want to install a
separate computer just to run a $100 label printer. So it's on Mary's
computer. Now what's her computer called again? Was it Europa? Let's
see what shared devices Europa has. No, not there. Maybe Callisto?
Yes, that's it! Stupid IT department, it would have made more sense for
them to name the computer Mary so I could find it!
I agree with you here, it's silly to do this for your situation. Using a UNC
for computers works best when there are alot of employees, or things are hard
to keep track of so you use a trouble ticket system, and/or for companies
that have high turnover rates. I single handedly support an office of 80
users, and I would really have to be unwize to not name the computers after
the users for troubleshooting purposes etc.
I wanted to:
Rename a computer so that user A is not logging on with user B's name.
And make sure that this renaming process would not affect the computer
desktop and icons.
Assuming you are using Windows XP or Windows 2000 I would:
-From the server
1 Login as a domain admin.
2 Create the new user as part of the domain.
3 Assign rights to a shared network drive.
4 Logout.
-Adding new users from an existing installation
1 Log in as local admin.
2 Do not create a local user account (as it is not needed)
3 Rename the computer.
4 Reboot as needed.
5 Login to the domain with the new user (this creates the user folder, and
basically tells the registry to use that folder for said user holding SID
12345-123.... etc)
6 Logout of the new user after the pc has finished loading (pay no attention
to the layout etc.)
7 Login to the workstations local administrator account.
8 Show hidden files.
9 Find the old users profile and folder and delete the temp folders:
c:\documents and settings\olduser\local settings\temp
c:\documents and settings\olduser\local settings\temporary internet files
10 Take the entire contents of the old users folder (their profile) and CUT
and PASTE the files into the new users folder (profile) overwriting any and
all files contained within.
11 Logout of local admin.
12 Login to the domain, using the new user.
13 Enjoy
Depending on permissions and whether or not you are using any policies to
control access on the local machine, this should work well. I use this all
the time and haven't run into any major issues. Keep in mind that if you are
using any sort of email program you will have to redo profiles accordingly.
In your zeal to criticize the way we have done
things for 8 years, you didn't say much about that part of my question
or answer how to avoid the problem.
I agree with you here.
Rename a computer and also have the folder path name inside C:\Documents
and Settings\Whatever change to the new user name, just so we don't have
folders named after former employees. You also didn't address this part
of my question.
There isn't an easy way to have users use the same local profile. This is
more of a roaming profile task. I would suggest searching for 'Roaming
Profiles' if you wish to go that route. After you move the contents of the
previous profile to the new user, you can just delete the old folder.
Hope that helped.
Cheers!
Another company I work for (as a programmer, not as a network admin) has
180 employees, and their computers are named after the users who are
there, mostly so you know who to VNC into when you are helping them with
a problem. If the computers were named after asset tags, using VNC
would be one hella pain.
Your suggestions are noted, but I don't see any answers to my questions.
"DWalker" wrote:
Thanks, see my comments below..
"Oli Restorick [MVP]" <oli@xxxxxxxx> wrote in
news:#eDOeL9QGHA.5116@xxxxxxxxxxxxxxxxxxxx:
Hi there
"DWalker" <none@xxxxxxxx> wrote in message
news:eh14Cj8QGHA.2536@xxxxxxxxxxxxxxxxxxxxxxx
By "local account" I mean there is a local username that is createdThe only local accounts you have to have are administrator and guest
when the computer is set up... When you first install Windows (or
turn on an OEM computer for the first time) it asks you for "your
name". Doesn't that name become a local logon? There is a list of
users who are allowed to log on to the local computer, and that's
what I meant by local account. Don't you HAVE to have a local
account? Maybe my terminology is wrong (I am a programmer but I
don't have formal network or AD training).
(the latter is disabled by default). When you set up an XP machine to
be part of a workgroup (rather than a domain), you are taken through a
wizard that asks you to create local accounts. If you join the domain
during setup, you don't get this. If you are prompted to create user
accounts, just create a dummy one and delete it when you're joined to
the domain.
Never seen anyone do it in practice.It is not considered good practice to rename user accounts to deal
with peopel coming and going. I have never heard of people doing
that before.
Never? No one does this? Not even in small companies?
How do you name your computers?Personally, I use the asset tag (serial number) of the machine as its
names. Other naming shcemes I've seen are based on location. For a
small company, how about naming machines after something abstract
(e.g. moons of Jupiter), cartoon characters, or something like that?
In which case, there's no real need to rename user accounts to ensureWhen giving permissions to various resources, use groups. As a
general rule (home directories being the exception), never assign
permissions on a resource to a user directly. Give a group (e.g.
"Marketing department") permission to a resource, and make the
relevant users a member of that group.
There are 7 people in the company; everyone does marketing; and
basically everyone has an occasional need to see files stored in the
various subfolders on the one shared directory on the server. So we
don't make big use of groups. Maybe we should, and everyone does
have a good domain logon password, but everyone has access to all the
shared files on the server. (That is, we actually do use groups, and
everyone is a member of the one group.)
people have access to the correct resources, since everyone pretty
much has access to the same things.
We have always named a computer after the user who is sitting inThis is always an issue when people want to migrate from workgroups to
front of it. Usually the user outlasts the computer (the employees
have generally been here 10+ years, while the computers last about
three). I didn't know of any other logical way to assign things; as
I said, when I have reinstalled Windows on a computer, it asks "what
is your name" so I gave it the user's name, and that became (I think)
a local logon. There is also a domain logon for that user.
I want to preserve the icons on the desktop, as I mentioned before,
and those seem to change when you log in and out using different
names.
domains (or in your case a hybrid kind of setup).
So bottom line, the computer is *currently* named after the previousIt can be, but then you come up against issues where people come and
person who sat in front of it. I really can't go back in time and
change that. Now, I would just as soon name the computer after the
new person who is sitting in front of it, so that we know that it's
Jane's computer when we see it in network neighborhood, or want to
connect to it to use her label printer, or whatever. That's the
easiest and most logical way to name a computer, it seems.
go. It's a compromise.
In bigger environments where you never hang printers off the back of
PCs, and have better processes to keep track of machines, the computer
name is often irrelevant.
Even if I decided to no longer name it after a person, but insteadRenaming a computer doesn't affect user settings.
want to call the computer and the logon Reception or whatever, I
would still have the same question. How do you rename a computer and
change the local logon and preserve the icons on the desktop and the
files in the My Documents folder?
I am not so concerned about getting access to theI hope they're being backed up regularly.
domain resources (the one shared folder); I know how to do that.
(The important files are on the server, but a few not-so-important
files are in My Documents, which is local to the computer, and I
would like to keep them there.)
So probably we have done things non-optimally, but now that thingsRenaming the computer isn't an issue in this regard. Just go ahead
are the way they are, how can we rename the computer and the logon
and keep the icons and local documents?
and rename it. Of course, if you have printers and other things that
are shared, there will be a bit of trauma as this changes, but with
only 7 PCs it should be fairly easy for your people to work things
out.
I would, however, recommend that the way forward is to dispense with
the local accounts and just use domain accounts, certainly for any new
employees.
Regards
Oli
Thanks for the suggestions.
Let's see, I want to print to the $100 label printer, which *is* hung
off Mary's computer, since she uses it 90% of the time, and so it needs
to be within arm's reach of her, and we didn't want to buy an Ethernet
printer adapter for a $100 label printer, nor did we want to install a
separate computer just to run a $100 label printer. So it's on Mary's
computer. Now what's her computer called again? Was it Europa? Let's
see what shared devices Europa has. No, not there. Maybe Callisto?
Yes, that's it! Stupid IT department, it would have made more sense for
them to name the computer Mary so I could find it!
I wanted to:
Rename a computer so that user A is not logging on with user B's name.
And make sure that this renaming process would not affect the computer
desktop and icons. In your zeal to criticize the way we have done
things for 8 years, you didn't say much about that part of my question
or answer how to avoid the problem.
Rename a computer and also have the folder path name inside C:\Documents
and Settings\Whatever change to the new user name, just so we don't have
folders named after former employees. You also didn't address this part
of my question.
Another company I work for (as a programmer, not as a network admin) has
180 employees, and their computers are named after the users who are
there, mostly so you know who to VNC into when you are helping them with
a problem. If the computers were named after asset tags, using VNC
would be one hella pain.
Your suggestions are noted, but I don't see any answers to my questions.
David Walker
- Prev by Date: Custom AD/LDAP Attribute (in the User Schema)
- Next by Date: Add XP to domain Q.
- Previous by thread: Custom AD/LDAP Attribute (in the User Schema)
- Next by thread: Add XP to domain Q.
- Index(es):
Relevant Pages
|
