Re: Script help
From: Scott Fenstermacher (Scott.Fenstermacher_at_lrs.com)
Date: 02/09/05
- Next message: Kevin: "Local Admin Script"
- Previous message: J Ford: "RE: Script to read Web page source given HTTP: URL"
- In reply to: Al Dunbar [MS-MVP]: "Re: Script help"
- Next in thread: Michael Harris \(MVP\): "Re: Script help"
- Reply: Michael Harris \(MVP\): "Re: Script help"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 9 Feb 2005 08:42:16 -0600
Deep Freeze? Is that a software product? I haven't heard of that one...
A community college I used to teach night classes at (in southwest Kansas,
so I had alot of time to study for myself too :) used a hardware based card
that did the same thing. My only complaint was that it never WARNED the
students when they "saved to the hard disk" that their changes would be lost
upon reboot. For some reason they didn't like re-writing their C++
programs, I don't know why... I'm just glad that it wasn't my network to
take care of.
And Al's absolutely right, the owners should make the decisions about access
rights on their computers. Just be sure to make a strong, Strong, STRONG
case for your preference to them. Anticipate counterpoints and prepare
arguments to them. I hate to say it's alot like being a lawyer trying a
case, but sometimes I really feel like it is.
--
Scott Fenstermacher
Network Engineer
Levi, Ray and Shoup, INC
"Al Dunbar [MS-MVP]" <alan-no-drub-spam@hotmail.com> wrote in message
news:uE4p2slDFHA.560@TK2MSFTNGP15.phx.gbl...
>
> "Scott Fenstermacher" <Scott.Fenstermacher@lrs.com> wrote in message
> news:O$%23%23mmhDFHA.2568@TK2MSFTNGP10.phx.gbl...
>> I can see Al's point, to a point... Network administration is always a
>> balancing act of how much access do you want to grant users of these
>> computers and how much routine maintenence you want to perform on them,
>> as
>> well as how much emergency surgery you are prepared to perform on the
>> computers when someone gets into something they shouldn't or loads
> something
>> they shouldn't, can't find something, can't do something, etc...
>>
>> I was under the assumption (probably from a previous post reply) that
> these
>> computers would be for looking up books or something using one
> application.
>> If these are, in fact, writing lab computers, and students have their
> files
>> shared on a server somewhere on campus, then yes, individual accounts are
>> one possible way to go. Another alternative is a VPN(ish) connection,
>> initiated by the student to the "student domain" and entering their
>> credentials at logon. Regardless, I would still lock down the computer
>> itself as much as possible.
>
> There is one area where we definitely agree.
>
>> I would not have them saving files on the
>> workstation, from what I remember of my college days that is begging for
>> trouble (and USB keys are cheap).
>
> Ditto.
>
>> For a corporate environment, I'd be inclined toward using individual
>> accounts. In a college environment (underfunded, understaffed), where
>> you
>> have people coming in and out of the computer area constantly, people who
>> may or may not have computer accounts (or that have accounts and have no
>> idea how to log in, what their password is, etc..), I would avoid the
>> headache of individual accounts.
>
> Hopefully such decisions are not left up to those administering the
> infrastructure, but made by those who own it.
>
>> If you want to spend your time tracking
>> who was using what computer, that's up to you.
>
> I don't *want* to do this, but when I am *asked* to, I don't want to have
> to
> say that I can't do that.
>
>> Frankly I think auditing a
>> "commons area" computer is time that could be better spent elsewhere. If
>> the computer gives you trouble, dump a new image on it and be done with
> it.
>
> We have dabbled with a product called "deep freeze" for such applications.
> When you reboot, the original image is automagically re-applied.
>
> /Al
>
>
>>
>> --
>> Scott Fenstermacher
>> Network Engineer
>> Levi, Ray and Shoup, INC
>>
>> "Al Dunbar [MS-MVP]" <alan-no-drub-spam@hotmail.com> wrote in message
>> news:OHRdp80CFHA.2620@tk2msftngp13.phx.gbl...
>> >
>> > "Scott Fenstermacher" <Scott.Fenstermacher@lrs.com> wrote in message
>> > news:OwIaJOjCFHA.4072@TK2MSFTNGP10.phx.gbl...
>> >> I'm not sure I'd like the potential of 2000 profiles on a single
> machine.
>> >> If these are shared machines, which it sounds like they are, then I
> would
>> >> create 1 LOCKED DOWN account on the network with a strong password,
>> >> and
>> >> configure the machines to auto-logon to that account. You then would
> not
>> >> need the script, just log on the account and add the printer, followed
> by
>> >> making the account profile Mandatory so no one can mess with it. It
>> >> would
>> >> be a good idea as well to restrict that account to only logging on to
>> > those
>> >> machines.
>> >
>> > I'm not so sure I like the potential of not knowing who is using these
>> > workstations, and the users themselves might need NTFS authentication
>> > in
>> > order to access personal or shared storage on a server. There are tools
> to
>> > trim the profiles when they get old, or you could make the users all
>> > guests.
>> > This would not only prevent profile buildup, but would seriously impact
> on
>> > those trying to save files on workstations.
>> >
>> > /Al
>> >
>> >> Back to the original question: A few details about the network you
>> >> are
>> >> running on would be helpful. For example, what kind of network is it?
>> > Are
>> >> the computers part of a domain? If so, do you have rights to
> administer
>> >> group policy?
>> >>
>> >> In lieu of that information, you could create your script on the C:\
>> >> drive
>> >> and add a shortcut (cscript //nologo c:\loginscript.vbs) to the script
> in
>> >> the Startup group for All Users. This should execute the script for
> all
>> >> users that log on to the machine.
>> >>
>> >> Dim oNetwork : Set oNetwork = WScript.CreateObject("Wscript.Network")
>> >> oNetwork.AddWindowsPrinterConnection \\PrintServer\PrintDevice
>> >>
>> >> --
>> >> Scott Fenstermacher
>> >> Network Engineer
>> >> Levi, Ray and Shoup, INC
>> >>
>> >> "shane200_" <shane200_@discussions.microsoft.com> wrote in message
>> >> news:4193F68E-B5D6-468A-A97F-1C4D90341664@microsoft.com...
>> >> >I am new to Scripts and I would like to know where do I put or type
> the
>> >> > Scripts? You see I have 7 XPs on a network for some students who use
>> >> > the
>> >> > college library. Each students use a logon name and password I would
>> > like
>> >> > when they logon The printer will add to the profile of the user, so
>> >> > I
>> >> > don't
>> >> > have to go and add the printer to 2000 student. Can you help me
> out????
>> >>
>> >>
>> >
>> >
>>
>>
>
>
- Next message: Kevin: "Local Admin Script"
- Previous message: J Ford: "RE: Script to read Web page source given HTTP: URL"
- In reply to: Al Dunbar [MS-MVP]: "Re: Script help"
- Next in thread: Michael Harris \(MVP\): "Re: Script help"
- Reply: Michael Harris \(MVP\): "Re: Script help"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
