I am just trying out the trial version of AB Tutor after trialling Lanschool.
Maybe I am doing something wrong but what stops students simply going to the control panel and uninstalling it? Lanschool was protected and needed the install program before uninstalling.
Is this too obvious or am I doing something wrong? Shouldn't there be a password at least?
I suppose the root issue is: Is there a good reason students have been given rights to uninstall software?
That aside, I guess you could transform the MSI, so that the app's entry is hidden in Add/Remove programs. Although, if the students have local administrator rights, you'd need to try and prevent them from stopping the AB Tutor Control service, probably through group policy system services permissions.
Hi,
Thanks for the quick reply. The students can log onto the local workstation as teacher/teacher and simply uninstall from that group privilege.
It is very frustrating for me as ICT coordinator to try and help teachers cope with students who are hell bent on getting around the system security (what little there is). The network manager believes in an 'open policy' and self regulation ...but he is not in the classroom is he
I was getting very excited with AB Tutor because it seemed to do everything I wanted but this major major oversight in design leaves me speechless. AB Tutor should at least need a password or the original install program like Lanschool does to uninstall it. We are looking at getting 10 licenses so Lanschool is expensive.
Hi maxymaxy - I would ask the network manager how his 'open policy' deals with the data protection act? I would say that any reading of the law indicates that students should never be able to log in as a teacher as they would then have access to confidential information. Why do the kids know the username and password combo for the teacher? Is there only one 'teacher' account?
To put it bluntly, you (as in the school) don't have any security and as such are not complying with the data protection act or the child protection act.
Is your school a primary by any chance?
It's not reasonable to expect ABTC to compensate for the lack of desktop security that's been implemented.
We use it throughout the school here with no security problems, except for teacher password breaches, which are dealt with swiftly.
From your second post, it doesn't even sound like a technical issue. As localzuk says, a) why do students know the teacher's credentials, and b) why is the username the same as the password?
Exactly, we use it across school also and have no problems with security on it, but that is because we use it in an environment which runs on 'deny first, then allow' as the security policy.Originally Posted by meastaugh1
I can only echo what others have said. You need to look at your basic setup else you could be saying the same about any program.
We use AB tutor and are happy enough with it considering the price.
hi we use ab tutor in our school, and it work very well along side our new Bloxx hard/software, the only problem we have is kids unplug the network cables to stop connection lol
I agree with all of you. Just to clarify though, the students log in to the workstation locally which means that they have the privileges to uninstall programs but it doesn't allow them to map the network drives hence privacy is not an issue. The novell network means that there are two login screens first to login to the network and the second to login to the workstation. Some problem with one of the servers means that students are able to ONLY login locally which means they can still play LAN games but not have any access to their home drives or network drives.
Having calmed down a bit and thinking through some possible solutions, it may be that when ABT is installed the first time I can set up a some permanent policies in ABT and deploy them to the clients which deny students (who log in locally) access to run/cmd and the control panel. I can also do a registry hack to hide the icon in the add/remove programs. This is not ideal, I know, but is it feasible with ABT?
The network manager is leaving at the end of this year so I hope the new person will take security a bit more seriously.
I have just tried the registry editing policy function in ABT and it works well :P From the control workstation I was able to easily remove access to add/remove programs.
I will go ahead with my pilot plan, create a policy pack to tighten up security (just don't tell the network manager) and .... hope the new guy is more sympathetic to the teacher's plight 8O
Ouch... some serious concerns with the kids able to log in as admin...
They could install anything! How about a keylogger? Viruses?
I'd scrap the teacher/teacher account immediately. Uninstalling AB Tutor is the last thing to worry about!
I was thinking the same.
Assuming that your users need to logon locally, why do they need to logon lcoally with such unrestricted accounts?
Absolutely - a ridiculous setup - the NW Manager needs sacking!
maxy i have only one word leave your job and get a new one
Also let the folks at AB know what you have done as a workaround. They might be interested in changing things in their documentation to help others with similar problems.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks
Reply With Quote