Andy Lacey
andy at minstersystems.co.uk
Tue Aug 3 01:28:00 CDT 2004
Andrew That all sounds great advice. Many thanks for taking the trouble. -- Andy Lacey http://www.minstersystems.co.uk > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of > Haslett, Andrew > Sent: 03 August 2004 07:03 > To: 'Discussion of Hardware and Software issues' > Subject: RE: [dba-Tech] W2K Setup & Admin Principles > > > Andy, I'll asume you're using a domain as you've mentioned > group policies. > > Firstly, set up 2 or 3 DOMAIN groups such as: > * WorkstationAdministrators > * WorkstationPowerUsers > * WorkstationUsers > > You then place these groups into their respective LOCAL > groups on each machine (easily done using a standard image > which you ghost onto all your > wokstations) > > Once that is done you can place domain users into those > DOMAIN groups as you see fit. Ie, place users such as > yourself into the WorkstationAdministrators group and you'll > automatically have admin privs on any workstation you log into. > > This makes it easy to alter uses privileges if you come > across any applications which have issues with security > privileges (which is pretty rare). > > Secondly, applications usually prompt you whether or not you > want to install for 'the current user only' or for 'all > users'. All this usually does is place a shortcut into the > 'local users' profile or the 'all users' profile / desktop, > which you can copy/move as desired. > > Thirdly, one common method is to setup a common or central > 'Start Menu' list of programs (stored on the network > somehwhere) and apply this to all users (set in the 'User > Shell Folders' section of the registry). Once you work out > where all your 'shortcuts' need to go and get them working > then it should work for all users. > > Fourthly, group policy is an excellent method of controlling > domain, user or machine based features, such as My Computer > or Control Panel visibility. > > With starting outlook, there is no difference in the shortcut > between users. There's only one executable. The profile that > is used depends on the user that is logged in, and how you > have configured the (Control Panel -> Mail) settings. PST > files are commonly stored on the users share (often each > users H: drive which is mapped to a directory on the > network), however this is usually only for archived files. > The primary storage for current emails is within the mail > (exchange) server. > > 2K Pro / XP Pro are both designed with multiple users in > mind, and they do a great job of it once you set up your > environment correctly. > > Hope this gets you started. There's a fair bit to cover > which is why there is a number of MS courses and > certification on the subject... > > Cheers, > Andrew > > -----Original Message----- > From: Andy Lacey [mailto:andy at minstersystems.co.uk] > Sent: Monday, 2 August 2004 7:33 PM > To: Dba Tech > Subject: [dba-Tech] W2K Setup & Admin Principles > > This must be trivial for anyone with W2K admin experience, > but I'm coming to it for first time so some help would be > hugely appreciated. > > What we want to achieve is commonplace. A workstation with an > admin level user and an ordinary (or power) user who can run > software but not get at setup functionality. Simply put, what > is the standard way of achieving this? Let's take our first > software, Office 97. If I load it as Admin then only Admin > can see it to run it. Is there something I can do to make it > load for All Users? Or do I have to make my user an admin > temporarily and load it a 2nd time for them? Surely not. Or > do I just copy the shortcut to the All Users desktop? Will > that really work? Doesn't sound the 'proper' way to me. There > must be, I'm certain, a straightforward, simple and correct > way to achieve this. > > Certain software throws up specific problems, again probably > because I'm going about this wrong. Take Norton AV. I load > that under Admin and it runs fine. I download the latest > virus defs and run the downloaded EXE and it does the > business. Now I logon as my user account, but if I then try > to update the virus defs I'm told the subscription has > expired. What's that all about? > > And what does one use to make things like 'My Computer' > disappear from a user's desktop, or 'Control Panel' disappear > from the start menu? To really achieve a tightly stripped > down UI in other words. Do you guys still use TweakUI for > things like that, or is there an in-built mechanism? And is > TweakUI ok in a multiple user setting anyway? > > Does anyone have the answers to this lot? And can anyone > recommend good on-line resources where I can read up and > improve my knowledge (shouldn't be > difficult!) of this stuff. Because I've never been called > upon before to do this kind of thing I've sort of muddled > through when I've needed to do anything, but now I need to > know more. Any help would be greatly appreciated. > > -- > Andy Lacey > http://www.minstersystems.co.uk > > > > > ________________________________________________ > Message sent using UebiMiau 2.7.2 > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/d> ba-tech > > Website: http://www.databaseadvisors.com > > IMPORTANT > - PLEASE READ ******************** > This email and any files transmitted with it are confidential and may > contain information protected by law from disclosure. > If you have received this message in error, please notify the sender > immediately and delete this email from your system. > No warranty is given that this email or files, if attached to this > email, are free from computer viruses or other defects. They > are provided on the basis the user assumes all responsibility for > loss, damage or consequence resulting directly or indirectly from > their use, whether caused by the negligence of the sender or > not. _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/d> ba-tech > > Website: http://www.databaseadvisors.com > >