+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 17
Wireless Networks Thread, Many people, one profile and lots of shared, password protec in Technical; In my new job (which increasingly strains my limited network administrator skills), I’ve inherited a school network that uses a ...
  1. #1
    Blind's Avatar
    Join Date
    Jul 2006
    Location
    The Wrong Side of The Pond
    Posts
    61
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Many people, one profile and lots of shared, password protec

    In my new job (which increasingly strains my limited network administrator skills), I’ve inherited a school network that uses a convoluted system of roaming profiles that causes numerous problems with speed, security and compatibility with our crummy education software.

    The only network resource that the students and teachers really need is a protected, shared folder to store their files that is accessible from every computer on the domain with a password. They currently have this with our server 2003, active directory system, but as I mentioned above, it’s currently not ideal.

    I was wondering if there was a way to tweak 2003 or a 3rd party app that would allow a universal login for each computer, but request a password to access or save to a network folder on a mapped drive?

  2. #2

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,248
    Thank Post
    671
    Thanked 1,642 Times in 1,466 Posts
    Rep Power
    424

    Re: Many people, one profile and lots of shared, password protec

    You create each user their own home directory on the server, share it and set this in their user properties. Using a log on script you map a drive say H: to this path i.e \\server\username$

    The permissions on their home folder can be whatever you choose but normally something like administrators full control and username change or full control.

    Ben

  3. #3
    Blind's Avatar
    Join Date
    Jul 2006
    Location
    The Wrong Side of The Pond
    Posts
    61
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: Many people, one profile and lots of shared, password pr

    Yep, that is the way it is currently done.

    I'm looking at doing something odd. I want the user to use a generic login (same for everyone), but then have to enter a unique password when they attempt to access a folder on the server.

  4. #4

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,248
    Thank Post
    671
    Thanked 1,642 Times in 1,466 Posts
    Rep Power
    424

    Re: Many people, one profile and lots of shared, password protec

    But then how do you track what an individual user does on the system and internet etc... you have no trail to follow and everyone has deniability.

    I think you are making it worse for yourself trying to go this route.

    Ben

  5. #5

    Join Date
    Jun 2006
    Location
    Belfast, N\'Ireland
    Posts
    190
    Thank Post
    10
    Thanked 9 Times in 7 Posts
    Rep Power
    18

    Re: Many people, one profile and lots of shared, password pr

    Seems like you need to start using Mandatory profiles.

    Stay with your existing user folder system it is the industry best practice. Keep your user accounts too but change they're profile to a mandatory profile which you creat once and then save to a folder on the server to be loaded by every user as they log on.

    As long as all your software is conficgured correctly when you save the profile all users will get that configuration and even if they manage to find a chink in your group policy and alter it on the local machine, when they next log on they will get a clean copy of the deault profile again.

  6. #6
    Blind's Avatar
    Join Date
    Jul 2006
    Location
    The Wrong Side of The Pond
    Posts
    61
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: Many people, one profile and lots of shared, password pr

    I probably would be making it more difficult for myself, but I’m not as concerned with security (we have other software for that) as with functionality, speed, and ease of customization.

    I’m guess I’m just trying to think of ideas to make allowing 450 people be able to access any of the ~200 in the building without the slowdown or configuration problems.

  7. #7
    eean's Avatar
    Join Date
    May 2006
    Location
    Kuala Lumpur
    Posts
    566
    Thank Post
    68
    Thanked 54 Times in 38 Posts
    Rep Power
    30

    Re: Many people, one profile and lots of shared, password pr

    Quote Originally Posted by Blind
    I'm looking at doing something odd. I want the user to use a generic login (same for everyone), but then have to enter a unique password when they attempt to access a folder on the server.
    I don't think that is possible. You can't be connected to a server under one username then connect to the same server using a different username. I would guess the only way to do that is to put all your shared areas on a different computer, with it's own username list that is not part of the domain. This is a really messy solution, however. I really think you'd be better to set up proper usernames with redirected folders to shared desktop and start menu.

    IF there is a way of doing this, I'd like to know it: In my school (Primary) Each year group has it's own logon. It would be handy if staff could map to their home folder whilst logged as a child.

    EDIT: As for speed, look at this thread: http://www.edugeek.net/index.php?nam...er=asc&start=0 - an update that knocks 20 secs of logon with redirected folders. So our logon is now ~15seconds.

  8. #8

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,952
    Thank Post
    1,346
    Thanked 1,800 Times in 1,118 Posts
    Blog Entries
    19
    Rep Power
    597

    Re: Many people, one profile and lots of shared, password pr

    You definitely need mandatory profiles. It will speed things up no end ... and by tweaking your login scripts you can improve things too.

  9. #9
    ChrisC's Avatar
    Join Date
    Mar 2006
    Location
    Dorset
    Posts
    767
    Thank Post
    2
    Thanked 1 Time in 1 Post
    Rep Power
    19

    Re: Many people, one profile and lots of shared, password protec

    A universal logon just does not work.....at all.

    The profile itself would get so big it would probably bog things down anyway.

    Mandatory is the way to go.

    Chris

  10. #10
    ajbritton's Avatar
    Join Date
    Jul 2005
    Location
    Wandsworth
    Posts
    1,632
    Thank Post
    23
    Thanked 75 Times in 45 Posts
    Rep Power
    34

    Re: Many people, one profile and lots of shared, password protec

    I suppose if you really had to do it, you could write a logon script which asked the user to log on again, and then connect a drive to a share/folder based on the user they specify. You could also redirect My Documents to the same location. Can't for the life of me think of one good reason for doing this however. As others have said, mandatory profiles are there for this. Can you tell us a bit more about exactly what it is you want to achieve?

  11. #11
    ChrisC's Avatar
    Join Date
    Mar 2006
    Location
    Dorset
    Posts
    767
    Thank Post
    2
    Thanked 1 Time in 1 Post
    Rep Power
    19

    Re: Many people, one profile and lots of shared, password protec

    The problem with having that system, is that people would also leave it logged on etc etc = major problems, we all know how sloppy teachers are.

    Chris

  12. #12

    Dos_Box's Avatar
    Join Date
    Jun 2005
    Location
    Preston, Lancashire
    Posts
    9,014
    Thank Post
    614
    Thanked 2,194 Times in 1,006 Posts
    Blog Entries
    23
    Rep Power
    632

    Re: Many people, one profile and lots of shared, password pr

    Hi Blind and welcome. I didn't get chance to say hello earlier, so there it is
    As the others have said, didtch the roaming profiles as TBH they are evil, and whilst mandatory profiles are not my favorite option either it does sem to be the way to go on a short term basis. A single logon is a disaster waiting to happen, and weilding a large stick with a nail through the end is proberbly the best way of reinforcing the students ability to remember their passwords.

    I think you need to look at this for further insperation:

    http://www.theregister.com/odds/bofh/

  13. #13
    ajbritton's Avatar
    Join Date
    Jul 2005
    Location
    Wandsworth
    Posts
    1,632
    Thank Post
    23
    Thanked 75 Times in 45 Posts
    Rep Power
    34

    Re: Many people, one profile and lots of shared, password pr

    Quote Originally Posted by Dos_Box
    didtch the roaming profiles as TBH they are evil
    I wondered how long it would take before DB pitched in with the 'roaming profiles are evil' line. If only he would use IMHO instead of TBH then I wouldn't have to keep harping on about it! It's odd that lots of admins seem to work with Roaming Profiles quite happily. I know they are not the best solution for everyone, but they do work and provided they are implemented and managed in the right way (just as with ANY other system), they do what they say on the tin. There's quite a bit of info on the Wiki about setting up roaming/mandatory profiles.

    For what it's worth, in My humble opinion, roaming profiles are not the right choice for students. Mandatory profiles provide a secure and manageable environment. Staff benefit from roaming profiles provided they are educated on the pitfalls.

    There. I've said my piece and will not turn another thread into a profiles warzone. TTFN

  14. #14

    bossman's Avatar
    Join Date
    Nov 2005
    Location
    England
    Posts
    3,942
    Thank Post
    1,199
    Thanked 1,069 Times in 760 Posts
    Rep Power
    330

    Re: Many people, one profile and lots of shared, password protec

    Hi Blind
    Welcome to the forum of forums.
    You will find a wealth of information on here as well as conficting well defined arguments whether or not to go with roaming profiles. Well i use roaming profiles and my login times are 30-40 secs (oldest workstations) for new user logon to that workstation and if they log off and straight back in again it takes 12secs. I keep a tight grip on user profile size and average size is about 400Kbytes this gives them their desktop and my docs folders along with windows settings. I feel this is more than acceptable for students who want to spend their time and yours messing about and not truly working. Give your users the least access to everything on the network and as long as it functions to the requirements needed then everybody is happy.

    As for usernames keep them simple but accountable and let them choose their own passwords no less than six and no more ten characters long (you can set this up) alphanumeric only no spaces dashes etc. Good luck with what you decide to do anyway and welcome once again to the club

  15. #15

    Join Date
    Feb 2006
    Posts
    1,187
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Re: Many people, one profile and lots of shared, password protec

    Hi Blind,

    I think I have to agree with what most people have said. Use mandatory profiles or default profiles from NETLOGON.

    The only way to do what you propose is to make the shared account a local account on each machine. That way you can also access server file shares with individual username passwords. You'd have to setup a policy to ban interacitve logons using network accounts if they PCs are on the domain. The problem is how do people change their passwords.

    But ask yourself why you want to do this?
    What advantage do you gain?

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Quickest way of making lots of jpegs smaller
    By thegrassisgreener in forum Web Development
    Replies: 6
    Last Post: 5th November 2007, 11:46 AM
  2. Moodle Help! Lots of Teachers!
    By Disorder in forum Virtual Learning Platforms
    Replies: 2
    Last Post: 12th January 2007, 03:55 PM
  3. its here ks3 people
    By russdev in forum General Chat
    Replies: 5
    Last Post: 14th July 2005, 07:57 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •