One of our classrooms is going to have systems with hard drive caddies in them so the students can swap the caddies out to put in hard drives that can be formatted, install XP on etc
However, this opens a security hole in meaning we have to allow them to boot from CD in the BIOS. Therefore, are they are utilities etc to prevent a particular hard drive from getting formatted? We do use Deep Freeze but that is useless if they stick in a XP CD and select 'Format'!
I think you'd be better off using virtualisation.
Have you thought about what will happen when the kids start putting the hard drives back in the wrong computers, if they're not all identical (or running OEM XP with activation) it could be a nightmare.
Last edited by K.C.Leblanc; 24th August 2009 at 03:48 PM.
The short answer is: no, not on a hardware level like you need.
I think the logical approach here would be to keep an available restore image in the event this happens. Secondly, you could label the drives which are not to be formatted 'Do not format' instead of 'Local Disk'. At system level there is no way to stop hard drives being formatted.
If you set the default boot device as the CD-ROM drive, password the BIOS, then save changes, students should have no reason to go into the BIOS. If a computer fails to boot from the primary device, it will automatically boot from the secondary device.
What about when one of the darlings waltzes off with an XP installation disk and copies it in the library? Couldn't a teacher demonstrate (several times, if necessary) how to get into BIOS, boot from a CD and start the process? When the students come to doing the installation themselves, couldn't it all be in a virtual setup (i386 folder residing somewhere and run winnt32.exe etc.) so they can become familiar with the blue text-based and GUI phases? I know that the key can be incorporated into the installation CD or files so they wouldn't have to know the key (how long before it became public knowledge?) but obviously they would need to know what it is and when it's entered.
You can install XP SP3 and later without needing to input a serial at setup.
Either dig out some older computers that have enough ram and power etc to run xp and let them have full access to a few computers or get some computers that you are going to re image and temporarily un password protect them and let them have access to them for doing the above mentioned and then when you re image them password protect the bios again etc
I think K.C.Leblanc hit the nail on the head on this one. Why not give students access to some virtualisation software like Virtual PC or VirtualBox? They can access the Windows boot CD's from a shared iso's folder so no need to give them any access to a physical CD drive. They can do what they like to the machines and you can delete the virtual hard disks later.
If these are v.old underpowered machines that you are adding caddies to then I can just about understand what you are doing. If you are buying brand new machines then virtualisation has to be the better answer. Whatever you by new today must surely have enough power to run a virtualised environment.
And VM software = free. A lot cheaper than an extra 30 hard drives.
A - plenty of RAM
B - persmissions on the ISO on the network drive do not allow them to copy it ( assuming you are using an SP 3 ISO that does not require a serial number )
C- how do you apply security to the virtual xp machines ie group policy etc so they arent applying dodgy background wallpapers or w/e else
D - How will this effect licensing as far as xp on virtual machines ?
Thanks for the suggestions, I think they made the decision to get the caddies again 'because the old ones had em!' (These are brand new machines!). I may tempt them to try out virtual machines on at least one machine this year as I had that idea myself.
They do have several old machines to mess around with but still need to use the main machines too (Don't ask my why, this has been the case since before I started employment at the place!!)
Think I'll have to ask the tutor how they did it with the old machines. Theoretically the darlings would go to a locked cupboard, get their hard drive out, swap out the caddy, do their work then replace the system drive caddy at the end of the lesson. Theoretically.
Just thought there would be some sort of utility kicking around somewhere to prevent a 'accidental' format etc. Although we do have an image on the hidden partition I suppose assuming they don't wipe that!
We had two suite running at 512MB with VPC 2007 running an XP guest without too many problems. Obviously ram would be maxed out but it worked ok. 1GB would be plenty in most cases.A - plenty of RAM
We only use premade VHDs of fresh XP installs but we created a GPO that would dump the VHD into c:\program files\Virtual XP\. I'm assuming you could do something similar with an ISO, then just give them appropriate security rights to that folder. Although personally I wouldn't like students having any access to XP install media at all.B - persmissions on the ISO on the network drive do not allow them to copy it ( assuming you are using an SP 3 ISO that does not require a serial number )
Our VirtualXPs aren't connected to the network, but any changes made to the VHD during the users session is wiped and it reverts back to its previous state.C- how do you apply security to the virtual xp machines ie group policy etc so they arent applying dodgy background wallpapers or w/e else
If they just need to learn about how to setup windows, configure etc... then I would strongly advice going the VM route. It's much more secure than allowing them access to the physical hard drives/BIOS and saves money/time.
There are currently 1 users browsing this thread. (0 members and 1 guests)