Educause Security Discussion mailing list archives
training lab security - Active Directory
From: Kevin Shalla <kshalla () UIC EDU>
Date: Fri, 15 Dec 2006 16:13:21 -0600
I'm new to Active Directory, and am looking for ways to improve the security on our PCs. My hardware management staff is resisting my strategy of putting all our training room computers into Active Directory and having them all log in with their own AD accounts. Their preference is to have users log in to a local guest account on the computers. I'm thinking that if someone loads spyware or other nasty stuff, then other users won't be affected by that because the accounts do not have administrator access. My staff's contention is that once malware is on a PC, it is NOT limited to one account, but infects the whole machine. Further, they believe that having individuals logging in with their own accounts would create too many profiles, filling up the machines. What are the best practices for managing Windows machines in lab facilities?
Current thread:
- training lab security - Active Directory Kevin Shalla (Dec 15)
- <Possible follow-ups>
- Re: training lab security - Active Directory Aaron Childs (Dec 16)