Comment Re:Lock it down hard (Score 1) 533
I pretty much agree with all the comments made above.
We do all of that where I work (a Uni where we have about 500 PCs all running XP).
I'd like to back up the point about lecturers/teachers not needing admin rights on machines, and would suggest limiting admin rights to as few people as possible. If necessary, compartmentalise them. An example of this: We have two sets of administrators here. One with rights over the student machines (labs) and one with admin rights over the staff machines.
Where I work, lecturers can do pretty much whatever they want with the machine in their office as they have admin rights over that, but if they need anything installed on the lab machines, they have to email a mailing list that gets sent to the technicians. This may seem beurocratic, but we get quite a few requests, so we need a centralised way to keep track of who is installing what.
We do all of that where I work (a Uni where we have about 500 PCs all running XP).
I'd like to back up the point about lecturers/teachers not needing admin rights on machines, and would suggest limiting admin rights to as few people as possible. If necessary, compartmentalise them. An example of this: We have two sets of administrators here. One with rights over the student machines (labs) and one with admin rights over the staff machines.
Where I work, lecturers can do pretty much whatever they want with the machine in their office as they have admin rights over that, but if they need anything installed on the lab machines, they have to email a mailing list that gets sent to the technicians. This may seem beurocratic, but we get quite a few requests, so we need a centralised way to keep track of who is installing what.
Slashdot Top Deals
The first rule of intelligent tinkering is to save all the parts. -- Paul Erlich
