Totally agree with what Brian is saying.
Just wondering what your reasoning is for wanting to keep your domain isolated from the main IT group.
Phil
On 9/19/05, Brian Desmond <[EMAIL PROTECTED]> wrote:
Trusting the campus domain and having students logon with their main
username & password seems like the best and most logical solution.
You could export all of the usernames from the campus domain, but you won't
get the passwords. Giving people even more sets of credentials to remember
is pretty counterproductive, so letting them use their campus account would
make the most sense to me.
Thanks,
Brian Desmond
[EMAIL PROTECTED]
c - 312.731.3132
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Za Vue
Sent: Monday, September 19, 2005 12:27 PM
To: [email protected]
Subject: [ActiveDir] General Access Machines
My environment: Windows 2003 Active Directory
Those managing labs for colleges/universities:
How do you all manage and secure your open access labs? Currently my
lab PCs have a single sign-on domain account that logs on automatically
to the PCs. GPO locks down the machines pretty tight. This does not
prevent anyone from walking in and use the machines, which I am trying
to prevent.
I could trust my domain with the main campus domain and have students
log in using their college id/password. I like to maintain our
independent from the main IT group as much as possible. Could I dump
the LDAP database into my domain and have students log in as
themselves? I have about 450-500 students.
-Z.V.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
