Granting all users Admin Rights
From: Leo (boeglinl001@hawaii.rr.com)
Date: 05/17/02
- Next message: Rick: "Starting and stopping services"
- Previous message: chris b: "SP3?"
- In reply to: Robert A Klopotoski Jr: "Granting all users Admin Rights"
- Next in thread: JB Fields: "Re: Granting all users Admin Rights"
- Reply: JB Fields: "Re: Granting all users Admin Rights"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Leo" <boeglinl001@hawaii.rr.com> Date: Fri, 17 May 2002 10:38:48 -0700
Rob,
You are exactly correct!! Stand firm!
I am an Information Systems Security Officer for the
Army. I am responsible for the upkeep and security of 50
computers in my unit and have the exact same issues.
Standard users can do everything they need without admin
rights. You stated it exactly right, keeping them out of
the admin profile will prolong your computers life! I
know from experience.
Leo
>-----Original Message-----
>Hello All,
>
>I am currently the network manager at a small college
with about 250
>faculty and staff compuers(1500 students). I am in the
middle of
>implementing a windows 2000 domain. The network is
currently peer to
>peer workgroups with win95, 98 and 2000 clients. In the
process of
>building the domain, I am also trying to get every client
onto windows
>2000 so I can take advantage of the many features it
allows in
>conjunction with active directory. The most important
thing to me
>since I am starting from scratch is setting up rules and
guidelines
>for the users of the network. My background before
working here was
>working at a high-tech engineering company.
>
>Recently I have hit a snag with the management here where
we cannot
>agree on whether or not users should be allowed local
administrative
>rights on their machines. In my last company I was
forced to give
>admin rights to most users so they could develop and
install hardware
>on their local machine. I don't really see the need for
the rights
>here, but the people making the executive decisions
disagree with me.
>I am curious to know how other colleges or academic
institutions deal
>with this issue. It is my opinion that people should not
need admin
>rights as a function of their job and any software
installations
>should be routed through IT. The people making the
decisions feel
>that restricting rights would infringe upon adademic
freedom.
>
>I see several problems with granting a regular user admin
rights. The
>main reason is that system files become accessible and
could be
>corrupted very easily by accidental clicks, viruses,
etc... I also
>want to be able to control the licensing of software, and
want to keep
>the shareware to a minimum. Not having admin rights
greatly reduces
>their ability of screwing things up on the machine. It
also increases
>the security of each machine by knowing that many
services can't be
>inadvertantly disabled or uninstalled.
>
>The users that I am referring to are all Faculty and
Staff. Each
>person has a machine in their office to use. We are not
an
>engineering school or anything like that, and only have a
few teachers
>who teach computer related fields.
>
>If some people could give their feelings on this it would
be greatly
>appreciated. I apologize if some of you feel this isnt
the right
>newsgroup, but to me this seems like a security issue.
Mainly my
>question is asking how other groups handle this? Should
we give in
>and grant rights to everyone, or is it important to stand
firm on my
>own opinion.
>
>Thanks in advance
>Rob
>.
>
- Next message: Rick: "Starting and stopping services"
- Previous message: chris b: "SP3?"
- In reply to: Robert A Klopotoski Jr: "Granting all users Admin Rights"
- Next in thread: JB Fields: "Re: Granting all users Admin Rights"
- Reply: JB Fields: "Re: Granting all users Admin Rights"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
