Re: What's your Minimum Spec for XP

**mark** · 29th June 2005, 10:01 AM

Thanks very much for that guys [except you Stewart! :P hehe]

The windows 2000 figure is useful too.

would kick up a fuss and say if you are supporting it then you have final say on what should go on network...

That's what I intend to do Russ. This guy is a manager that spends a lot of time fixing PC's. He has his own 'network' that he looks after entirely himself, but my argument is that he can't possibly sustain this with all the changes afoot - so it's me that'll have to support them.

**Ric_** · 29th June 2005, 10:45 AM

Originally Posted by mark

That's what I intend to do Russ. This guy is a manager that spends a lot of time fixing PC's. He has his own 'network' that he looks after entirely himself, but my argument is that he can't possibly sustain this with all the changes afoot - so it's me that'll have to support them.

I thought that teachers weren't allowed to do technical stuff (like they're not allowed to do admin). The unions have been in uproar about this and hence teaching assistant posts were created.

They can't have it both ways!

Besides, why does he have a password that can join computers to YOUR domain? I think your security policy and license management policy needs review - I assume that all the correct CALs have been purchased!?!

**mark** · 29th June 2005, 11:25 AM

Funny you should say that Ric_ - that's the exact argument I've been having for the last 2 years when management caved in and decided to let him have the domain password.

It's just a power thing for him, but because of the way he is, he likes to 'do' things off his own bat, I have no idea what changes are happening on the network. We're arguing that one today too.

Any gems you may have on that topic gratefully recieved too - the meeting is at 1pm.

Cheers

**Geoff** · 29th June 2005, 11:31 AM

*BOFH hat on*

Well, you could be evil and tell his union what he's up to. Or you could be even more evil and deliberately sabotage things he touches then point the finger.

**Ric_** · 29th June 2005, 11:33 AM

You could take away the ability to join the computers to the domain - it's a simple deny checkbox under his priviledges

**Geoff** · 29th June 2005, 11:38 AM

Ask for an external security audit.

**mark** · 29th June 2005, 11:40 AM

He doesn't have access with his OWN password - oh no - he MUST have the actual domain password.

I've changed the password before under instruction of my line manager and experienced detritus falling from a great height to make us let him have the new one.

We now have a resource committee and everything must be passed by it. They decreed that the password be known by the Head, Myself, and this Head of Technology. [they just excluded the ICT Coordinator]. At the last meeting we said that no-one except me should use it - but apparently they didn't realise this - and want to change it back PDQ.

**mark** · 29th June 2005, 11:45 AM

That's a good idea Geoff.

**Geoff** · 29th June 2005, 11:51 AM

No, only you knowing the password doesn't work either. What happens if you get mowed down by a school bus? What you should do is have a typed copy of the password(s) in the schools fireproof safe in a sealed envelope.

**Geoff** · 29th June 2005, 11:54 AM

Oh yes, you can beat him to death with the DPA and RIPA acts too. For bonus points, if you have a well worded AUP for staff he's probably breached that too. Hopefully one can convice the head that that's a sacking offence.

**mark** · 29th June 2005, 12:35 PM

We do as you say Geoff re having a copy somewhere.

Only me use the password - other people know it as well.

The point is that Management are saying that he should know and use the password - unlike everyone else in the school - just because he's pushing for it.

**Geoff** · 29th June 2005, 12:47 PM

No AUP for staff then? Perhaps you should propose one...

**mark** · 29th June 2005, 12:53 PM

Yes - I've draughted one to go into next years handbook. But how would I make it so that he isn't exempt? And how could I wangle restricted access to the whole network into the data protection argument?

**Geoff** · 29th June 2005, 01:08 PM

Yes - I've draughted one to go into next years handbook. But how would I make it so that he isn't exempt?

Simple. If you don't agree to the AUP and you can't use the computers.

And how could I wangle restricted access to the whole network into the data protection argument?

This is also quite simple. One of the provisions in the DPA basically says 'Data must be securely kept'. Clearly because your teacher friend has access to data he doesn't need to have access too. i.e. other staffs files and pupils files he does not teach. One cannot consider that data secure. Especially as he isn't someone under you direct control.

This link should help too:

http://www.dataprotectionact.org/4.html

If the school does not uphold the DPA then it will be taken to court and fined thousands of pounds per incident!

**tarquel** · 29th June 2005, 01:44 PM

Done and done Geoff

Could you edit your post now (I cant for you as I'm not a mod here)?

***NOTE:***

This topic was created and split from the topic:

http://www.edugeek.net/index.php?nam...iewtopic&t=124

Regards,
Nath

LinkBack

Thread Tools

Search Thread