Managing a small corporate network

Transition

Banned
Sep 8, 2001
2,615
0
0
So i've been given the responsibility of bringing our corporate network up to par. In specific, the management of end-users. As of right now end users all have a variety of OS's installed. 70% of people are on XP Home, the rest are on ME/98/2000 (and even a laptop with 3.11 i was working on this morning :-( ).

My main problem right now with users is that we have no policies or restrictions from end-users installing applications - this results in spyware, games, and lots of other crap like weatherbug, espn tickers, etc.. We have a Win2K server running @ the host location so setting up a domain is a possibility, but i'm not sure if this is the most efficient route.

What do you guys suggest for setting up end-users to restrict them from doing certain things such as installing software? I realize there are probably several ways to achieve the same effect but any personal recommendations would be appreciated.

TIA,

- RJ
 

polm

Diamond Member
May 24, 2001
3,183
0
0
Build a Windows Domain that you can use to, at least, create restrictions based on Username/Group.

Next you might try to upgrade your older clients to later versions of windows that might allow you to push security policies via your Windows Domain server(s) .
 

kevnich2

Platinum Member
Apr 10, 2004
2,465
8
76
Keep in mind, XP Home cannot login to a domain, you must upgrade any XP Home OS's to XP Professional. But yes, a domain would be the easiest way to push security policies, unless of course you want to edit the security policies of each and every machine you have.
 

Transition

Banned
Sep 8, 2001
2,615
0
0
Originally posted by: kevnich2
Keep in mind, XP Home cannot login to a domain, you must upgrade any XP Home OS's to XP Professional. But yes, a domain would be the easiest way to push security policies, unless of course you want to edit the security policies of each and every machine you have.

Yea will definitely have to upgrade everyone to XP Pro. Now, i'm not familiar with setting up domains, but can't you define different policies depending on which group the user belongs to? I'll probably have 3-4 different sets of policies depending on who the employee is. Also, you don't need any licenses or anything besides Win2k Server and XP Pro clients, right?

Also, if a user logs into a domain, and the domain controller somehow goes offline, does it immediately effect end-users? Or is the only real interaction between clients and the domain controller happen on login?
 

ColdZero

Senior member
Jul 22, 2000
211
0
0
You're going to need the server licenses, the client licenses and then the CALs (client access licenses) for each particular software you want to give server access to. You can purchase the Micrsoft Desktop Licenses, which includes, the latest version of windows for the desktop, office and a CAL for windows server, exchange and sms.

Yes, you can define a group policy depending on which Orginizational Unit each entity belongs to. If the domain controller goes offline, it won't effect users immediately, unless they need a service running on that server. By default login credentials are cached on the local computer. So if Sally logs into her computer at 8:00 and the DC goes down at 8:05, Sally can log out and log back in without a problem because its cached on her computer. Now if she needed files or something from that DC, then she's screwed.

Things go on after login, you can have group policies apply after somebody has already logged into a system.