Re: Script help
From: Scott Fenstermacher (Scott.Fenstermacher_at_lrs.com)
Date: 02/08/05
- Next message: olivarbudia: "create a mailbox user"
- Previous message: Torgeir Bakken \(MVP\): "Re: enumerating child domain"
- In reply to: Al Dunbar [MS-MVP]: "Re: Script help"
- Next in thread: Al Dunbar [MS-MVP]: "Re: Script help"
- Reply: Al Dunbar [MS-MVP]: "Re: Script help"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 8 Feb 2005 14:06:41 -0600
I can see Al's point, to a point... Network administration is always a
balancing act of how much access do you want to grant users of these
computers and how much routine maintenence you want to perform on them, as
well as how much emergency surgery you are prepared to perform on the
computers when someone gets into something they shouldn't or loads something
they shouldn't, can't find something, can't do something, etc...
I was under the assumption (probably from a previous post reply) that these
computers would be for looking up books or something using one application.
If these are, in fact, writing lab computers, and students have their files
shared on a server somewhere on campus, then yes, individual accounts are
one possible way to go. Another alternative is a VPN(ish) connection,
initiated by the student to the "student domain" and entering their
credentials at logon. Regardless, I would still lock down the computer
itself as much as possible. I would not have them saving files on the
workstation, from what I remember of my college days that is begging for
trouble (and USB keys are cheap).
For a corporate environment, I'd be inclined toward using individual
accounts. In a college environment (underfunded, understaffed), where you
have people coming in and out of the computer area constantly, people who
may or may not have computer accounts (or that have accounts and have no
idea how to log in, what their password is, etc..), I would avoid the
headache of individual accounts. If you want to spend your time tracking
who was using what computer, that's up to you. Frankly I think auditing a
"commons area" computer is time that could be better spent elsewhere. If
the computer gives you trouble, dump a new image on it and be done with it.
--
Scott Fenstermacher
Network Engineer
Levi, Ray and Shoup, INC
"Al Dunbar [MS-MVP]" <alan-no-drub-spam@hotmail.com> wrote in message
news:OHRdp80CFHA.2620@tk2msftngp13.phx.gbl...
>
> "Scott Fenstermacher" <Scott.Fenstermacher@lrs.com> wrote in message
> news:OwIaJOjCFHA.4072@TK2MSFTNGP10.phx.gbl...
>> I'm not sure I'd like the potential of 2000 profiles on a single machine.
>> If these are shared machines, which it sounds like they are, then I would
>> create 1 LOCKED DOWN account on the network with a strong password, and
>> configure the machines to auto-logon to that account. You then would not
>> need the script, just log on the account and add the printer, followed by
>> making the account profile Mandatory so no one can mess with it. It
>> would
>> be a good idea as well to restrict that account to only logging on to
> those
>> machines.
>
> I'm not so sure I like the potential of not knowing who is using these
> workstations, and the users themselves might need NTFS authentication in
> order to access personal or shared storage on a server. There are tools to
> trim the profiles when they get old, or you could make the users all
> guests.
> This would not only prevent profile buildup, but would seriously impact on
> those trying to save files on workstations.
>
> /Al
>
>> Back to the original question: A few details about the network you are
>> running on would be helpful. For example, what kind of network is it?
> Are
>> the computers part of a domain? If so, do you have rights to administer
>> group policy?
>>
>> In lieu of that information, you could create your script on the C:\
>> drive
>> and add a shortcut (cscript //nologo c:\loginscript.vbs) to the script in
>> the Startup group for All Users. This should execute the script for all
>> users that log on to the machine.
>>
>> Dim oNetwork : Set oNetwork = WScript.CreateObject("Wscript.Network")
>> oNetwork.AddWindowsPrinterConnection \\PrintServer\PrintDevice
>>
>> --
>> Scott Fenstermacher
>> Network Engineer
>> Levi, Ray and Shoup, INC
>>
>> "shane200_" <shane200_@discussions.microsoft.com> wrote in message
>> news:4193F68E-B5D6-468A-A97F-1C4D90341664@microsoft.com...
>> >I am new to Scripts and I would like to know where do I put or type the
>> > Scripts? You see I have 7 XPs on a network for some students who use
>> > the
>> > college library. Each students use a logon name and password I would
> like
>> > when they logon The printer will add to the profile of the user, so I
>> > don't
>> > have to go and add the printer to 2000 student. Can you help me out????
>>
>>
>
>
- Next message: olivarbudia: "create a mailbox user"
- Previous message: Torgeir Bakken \(MVP\): "Re: enumerating child domain"
- In reply to: Al Dunbar [MS-MVP]: "Re: Script help"
- Next in thread: Al Dunbar [MS-MVP]: "Re: Script help"
- Reply: Al Dunbar [MS-MVP]: "Re: Script help"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
