+ Post New Thread
Results 1 to 3 of 3
Wireless Networks Thread, One to one - authentication and file storage? in Technical; Right now, our network consists almost entirely of desktop computers and netbooks that never leave campus (mobile computer labs). To ...
  1. #1

    Join Date
    Aug 2010
    Location
    Earth
    Posts
    14
    Thank Post
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    One to one - authentication and file storage?

    Right now, our network consists almost entirely of desktop computers and netbooks that never leave campus (mobile computer labs). To handle everything, we use Active Directory to authenticate users, and folder redirection to allow them to share their documents.

    However, our school is considering going one-to-one. One thing I'm trying to figure out is how do we allow students and staff to log into school-issued devices outside the network? Obviously our domain controllers and file servers are only available within our schools. I'm wondering what everyone else is doing:

    • If you do one-to-one computing and allow students to take computers home, do you have any form of authentication, or does each device just have a single local account?
    • How do you have students save files? Syncronization? Web upload? Just save to the HD and have them be responsible for backups?
    • If you don't use AD, how do you deploy and manage rules and polices on the devices?

  2. #2

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,144
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    77
    Hi

    It really depends on what infrastructure your have in place and your budget. To make things easier, why not have a remote access solution which allows users to connect to your school network securely from anywhere where there a internet connection. You can further restrict access to only school issued laptops and they can work as if they are connected to the network.

    Sukh

  3. #3

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,624
    Thank Post
    1,240
    Thanked 778 Times in 675 Posts
    Rep Power
    235
    Quote Originally Posted by JoeyH View Post
    To handle everything, we use Active Directory to authenticate users, and folder redirection to allow them to share their documents.
    Someone else has just started a similar thread:

    Bring Your Own Computer (BYOC)

    You could offer remote desktop capabilities - a couple (or however many is appropriate for the size of your school and how many simultanious users you expect) of servers running Remote Desktop Services that people log in to from outside. You'll need to check what happens by way of licensing. You'll need a Client Access License for each person or device that authenticates against your AD server (this includes things like printers, which people tend to forget), or you can obtain a Remote Connector license to blanket cover external logins for your pupils. MS Office certainly always used to be different - you only used to be able to buy device CALs, so each device that connected to your system and ran MS Office needed to be licensed for MS Office itself. That might have changed by now, you might be able to cover MS Office usage with the Remote Connector license - talk to an MS licensing expert / reseller for exact details.

    Instead of using MS Office running on remote desktop sessions you could use a web-based solution - that's what your VLE is for. Microsoft now offer an online version of MS Office, and Microsoft and Google seem to be squaring up for an all-in online office suite showdown. A decent VLE will integrate with Google or Microsoft's online office suite.

    You could, of course, skip relying on anything Microsoft-made or externaly-created and simply run your own web-based VLE, office suite and other services. Your only issue is going to be AD authentication - if you want to integrate web-based services with AD you'll still need CALs for each user or device that connects, or an external connector license. You could ditch AD and use an LDAP server instead, but then you have two separate authentication servers and, potentially, people have to remember two password - one for external services and one for internal. The way to solve that problem is to remove all of your internal machines from AD and have them simply boot in to a local account, probably just running a web browser and remote desktop software.

    I'd go for the local-web-browser-with-remote-desktop-software and have all your Windows applications (MS Office, etc) run via Remote Desktop Services. I'd still go for the External Connector license, though, so you could use AD as a single authentication server. There might not be a way around the external licensing for running MS Office, the best option is probably to only let internal users use it and use either the MS or Google online suite for external office facilities.

    How do you have students save files? Syncronization? Web upload? Just save to the HD and have them be responsible for backups?
    Check your VLE's capabilities again - a decent one should have some kind of file-area integration / upload plugin. If you don't have a VLE, your best bet is probably to simply install a Moodle server and set up the home directories plugin.

    If you don't use AD, how do you deploy and manage rules and polices on the devices?
    Several people on this forum have used Faronics Deep Freeze - I think there's been a couple of recent threads, or you could start a thread to ask for people's speicific experiences. My preference would be for a small Linux distribution that runs a web browser, plugins like Flash, RDesktop and nothing else - just boots, loads web pages, connects to a Windows server to run your legacy oftware and that's it. Nothing to break or fiddle with. We've also had a coupel of discussions on here about setting up a Windows machine in much the same way by replacing Windows Explorer with a web browser, so the machine doesn't have any facilities to run / save local files, probably has better browser plugin support and has a client capable of using a newer version of RDP for remote connections. If you're buying machines licensed for Windows anyway, even if it's a home version, that might be your best option.

SHARE:
+ Post New Thread

Similar Threads

  1. Replies: 2
    Last Post: 23rd March 2011, 01:55 PM
  2. SATA or SAS for file share storage
    By gshaw in forum Hardware
    Replies: 3
    Last Post: 25th February 2011, 01:10 PM
  3. Free, secureCloud storage/file sharing solutions?
    By MrBitey in forum General Chat
    Replies: 4
    Last Post: 20th February 2011, 08:51 PM
  4. Remove Single Instance Storage on Windows Storage Server 2003
    By Trapper in forum Windows Server 2000/2003
    Replies: 1
    Last Post: 2nd September 2010, 10:22 PM
  5. [MS Office - 2007] .docx file size bloat when printing file with multiple pictures.
    By pete in forum Office Software
    Replies: 5
    Last Post: 29th April 2010, 10:03 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •