[27089] in resnet
Re: Windows 7 Labs in AD
daemon@ATHENA.MIT.EDU (Matt Grulke)
Tue Dec 6 08:44:23 2011
X-RC-FROM: <mpgrulke@svsu.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Message-ID: <1379802567.1106959.1323179051913.JavaMail.root@vmailbox4.svsu.edu>
Date: Tue, 6 Dec 2011 08:44:11 -0500
Reply-To: Matt Grulke <mpgrulke@svsu.edu>
From: Matt Grulke <mpgrulke@svsu.edu>
To: RESNET-L@listserv.nd.edu
In-Reply-To: <4ECBD02C.5030607@wheatoncollege.edu>
A bit older thread but didnt see it in quarantine, just wanted to clear up the confusion on sync.
Deepfreeze will automatically turn off machine sync and allow it to happen during thaw periods only, 2 policy settings need to be checked though
Domain Controller: Refuse machine account password changes to Not Defined
Domain Member: Disable machine account password changes to Disabled
Since were allowing admin access to our 1200 lab machines we'll still be using deepfreeze for our novell - AD switch.
----- Original Message -----
From: "Brian Gibson" <gibson_brian@wheatoncollege.edu>
To: RESNET-L@LISTSERV.ND.EDU
Sent: Tuesday, November 22, 2011 11:39:08 AM
Subject: Quarantine: Re: Windows 7 Labs in AD
I'm not 100% sure but I think you might need to scrap DeepFreeze on those machines because the Windows 7 desktops need to change it's computer account password in the domain periodically (every 30 or 45 days I think). If you put a machine back to a previous state the passwords might no longer match and the computer will need to be rejoined to the domain (again, not 100% sure of this). I do not know if a way to redirect a user's domain account to a local account, the two are totally separate. What we have found works well for us (after a lot of headache to set up) is VMware View set up in a Linked Clone floating (non-persistent) desktop pool. You get the same benefit as DeepFreeze in that when you logout the virtual desktop is nuked and put back to an original state.
I think you have two options (again, thinking off of the top of my head... could be wrong).
1. Switch over your network and print shares to AD which will make printing and file share access seemless.
2. Maybe there is a connector to 'join' your Novell setup to AD?
On 11/22/2011 11:14 AM, Jenni Piper wrote:
We are in the process of moving our Windows lab machines to Microsoft's AD environment and have run into some bumps. Our current environment is eDir, which consists of a Novell client running on Windows 7, where a user logs in with their network credentials for network resources ( network drives, printer access - iPrint). We are using Autoadminlogon to redirect all logins to a local account with the user profile configured for the various applications installed on the lab image. However, now that these machines are joining Microsoft AD, we are running into a problem where users are not being prompted for their network credentials if Autoadminlogon is enabled.
We would like our windows 7 computers that are joined to a domain have domain users login with their credentials but instead of creating a new local account that matches that domain account we want it to login to a pre-configured local account. We have Deep Freeze installed on these computers meaning newly created profiles get wiped out at reboot resulting in long logins every time.
How is your institution handling computer labs joined to a domain and user profiles?
Jenni Piper
Associate Director of Technology Services
Eastern Mennonite University
___________________________________________________ You are subscribed to the ResNet-L mailing list.
To subscribe, unsubscribe or search the archives, go to http://LISTSERV.ND.EDU/archives/resnet-l.html ___________________________________________________
--
++++++++++++++++++++++++++++
Brian Gibson
Systems Administrator
Wheaton College
___________________________________________________ You are subscribed to the ResNet-L mailing list.
To subscribe, unsubscribe or search the archives, go to http://LISTSERV.ND.EDU/archives/resnet-l.html ___________________________________________________
___________________________________________________
You are subscribed to the ResNet-L mailing list.
To subscribe, unsubscribe or search the archives,
go to http://LISTSERV.ND.EDU/archives/resnet-l.html
___________________________________________________
