Re: An interesting question, open to discuss

From: Karl Levinson [x y] mvp (levinson_k@excite.com)
Date: 03/27/03 

From: "Karl Levinson [x y] mvp" <levinson_k@excite.com>
Date: Thu, 27 Mar 2003 16:03:28 -0500

Gee, something like Knoppix sounds perfect for this. Linux OS on a bootable
CD. [I believe there's a release of Windows that will also run off of a
CD.]

Or you could look into a variety of "thin client" solutions.

The suggested use of Ghost makes sense, as I thought RIS with Win2000 was
just for rolling out 2000 Pro and not any applications like Office. If you
used RIS, I think other apps like Office would need to be reinstalled in
some way, e.g. through Group Policy, SMS, Novell Application Launcher /
ZENworks, etc.

Note that if booting the OS from a hard drive, the users will probably need
write permission to at least some of the folders, which means they might
still be able to save files there. You can try to discourage this through a
thoughtful Group Policy.

Some applications [I'm thinking like Norton Antivirus corporate edition] may
not work so well being bundled with an image. We found we had to leave
Norton out of the image and push an install from the NAV server. Other
antivirus programs may work better, not sure.

"Steven Aiello" <sma92878@hotmail.com> wrote in message
news:3E833906.8050302@hotmail.com...
> This is totally doable...
>
> First of all I would suggest to start off with common PC platform all
> one model of PC. Then set up the workstation exactly how you need it.
> Create a ghost image with any installed programs you may need. Also on
> your domain controller set up a group policy to hide the local drives
> and put them in place. Next you would set up a multicast ghost server.
> Each night you would reimage the workstations and use a SID changer to
> have all the workstations with different SIDs.
>
> I believe all of the processes can be automated.
>
> Steven M Aiello
>

Relevant Pages

  • Re: PPTP misery
    ... Domain PCs away from domain will not VPN. ... I am going to do what you ask re Firewall & Policy because I value your ... The only real difference between the domain workstations and the ... YourDomain.local> Group Policy Objects. ...
    (microsoft.public.windows.server.sbs)
  • Re: Active directory Group Policy (Win2k)
    ... Thanks for the pointer, that is obviously the way to go forward. ... We have a requirement to allow users, when logged on to certain workstations, to access Microsoft Office. ... We can give users access to the menu items by removing the group policy but this then gives all users greater access than required on other workstations. ... Posted via a free Usenet account from http://www.teranews.com ...
    (microsoft.public.security)
  • RE: Require Network login?
    ... In GPMC.MSC, use Group Policy Result wizard, generate a report with the ... Open Server Management, navigate to Advanced Management, Group Policy ... >>5 Windows XP Professional Workstations ... >>2 printers use print server and 1 printer connect to one workstation ...
    (microsoft.public.windows.server.sbs)
  • Re: Problems creating a domain level group policy
    ... > I am trying to create a domain-level group policy that prevents the last ... I have downloaded the GPMC and installed it on the server. ... Name the GPO "LastUserNotDisplayed" and click OK ... > not on the workstations. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Secure Out of the box?
    ... If you're deploying a bunch of workstations with virtually identical ... hardware, I'd use ghost - set up a machine as you wish, patch it, install ... > Now do the same step above and and install production applications ...
    (microsoft.public.windowsxp.security_admin)