Educause Security Discussion mailing list archives
Re: Active Directory in comp labs
From: "James R. Pardonek" <pardonjr () CALUMET PURDUE EDU>
Date: Thu, 3 Jun 2010 08:30:41 -0500
We also use Deep Freeze. Every student uses their own account to log in and we require a password change every 120 days. The only issue we see with Deep Freeze is that it does not "freeze" the boot partition. So, if you get a boot sector virus, the machine is infected regardless of rebooting until you clean it. Somewhat defeats the purpose. Regards, Jim James R. Pardonek, CISSP Senior Network Administrator Purdue University Calumet Data Network Information Services Purdue University Calumet Hammond, Indiana From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Todd Clementz Sent: Thursday, June 03, 2010 7:56 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Active Directory in comp labs Brandon, We used DeepFreeze for a year with a few hang-ups, but there were other reasons for us going away from it. I do have a questions about a unified username and password. Are your security people, and maybe you are the security people, not concerned about anything being done from a computer.i.e. malicious email or hacking attempt or anything like that? Here at OSU, the policies and procedures are pretty lengthy with regard to user/network security. Todd Clementz Systems Engineer Knowlton School of Architecture The Ohio State University 614.292.8544 From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Brandon Payne Sent: Thursday, June 03, 2010 8:35 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Active Directory in comp labs Starting this Fall we will be rolling out Active Directory for the first time in all of our computer labs. All computer lab machines will be running the Faronics - DeepFreeze product (when computers are rebooted, they are back to a fresh state). To simplify things for now, all students will be using one domain profile to login, "Student." To get around any sort of password expiring issues, Faronics said to set the Maximum Password Age to 999 or "Not Defined." Is anyone else running Deepfreeze while joined to the domain? Hoping there aren't any other issues. All lab machines are Windows 7. I already have some computers deployed and have had some use the past couple weeks and they work fine so far. The real test will be summer semester. Do you know of any caveats or recommended items for running AD in the labs? Thanks in advance... -- Brandon Payne Technical Support Specialist Information Services Sauk Valley Community College
Attachment:
smime.p7s
Description:
Current thread:
- Active Directory in comp labs Brandon Payne (Jun 03)
- <Possible follow-ups>
- Re: Active Directory in comp labs Todd Clementz (Jun 03)
- Re: Active Directory in comp labs James R. Pardonek (Jun 03)
- Re: Active Directory in comp labs Brandon Payne (Jun 03)
- Re: Active Directory in comp labs Todd Clementz (Jun 03)
- Re: Active Directory in comp labs Brandon Payne (Jun 03)