Firewall Wizards mailing list archives
Architecture Q - Public access domain integrated pc's
From: Jeff Boles <bolesjb () yahoo com>
Date: Tue, 18 May 2004 15:29:57 -0700 (PDT)
Have an issue I'm struggling with, and I know this is the place to turn: We are supporting public access pc's which currently support guest users logging in via a proprietary database system which also holds some user info (favorites). We reset PC system config after use with the fortres 'cleanslate' product (completely wiped), providing users with good ability to trash the system to their content. These systems all run office products, a couple rudimentary third party apps, and internet browsing. We intend to integrate this into an Active Directory and terminal services environment, converting from PC's to thin client hardware. My concern is over AD security and controlling system vulnerabilities. We'd like to integrate into an AD architecture which also supports the core enterprise (non-public users) as well. Public users would be identity-less guest accounts with automatic logon, with passwordless terminal services accounts setup on a per device basis, and desktop access controlled via the third party logon product. The need for Active Directory integration is to manage these terminal server, as well as some non-terminal public systems (updates and patches) with the same management infrastructure in place on the enterprise network (SUS, SMS, etc.). On to the question - Has anyone integrated and locked down to a level of comfort a public access architecture and active directory? These will be separate wiring infrastructures, so cross segment traffic can be closely controlled. What about with terminal services? Any pointers, tips, or best practices? _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Architecture Q - Public access domain integrated pc's Jeff Boles (May 18)
- Re: Architecture Q - Public access domain integrated pc's Paul D. Robertson (May 18)
- RE: Architecture Q - Public access domain integrated pc's Jeff B (May 19)
- Re: Architecture Q - Public access domain integrated pc's Paul D. Robertson (May 18)