I agree, #3
M$ recipe for this setup is at:
Grand Isle Supervisory Union
5038 US Rte 2
North Hero, VT 05474
From: School Information Technology Discussion
[mailto:[log in to unmask]] On Behalf Of Bob Wickberg
Sent: Tuesday, February 19, 2008 8:20 AM
To: [log in to unmask]
Subject: Re: Desktop Security
I've found #3 to be the key to quick logins. What causes slow logins
is if windows has to set up all those settings that get created when you
see little boxes appearing in he upper left that say "windows is setting
up...." If you log in as a generic user, allow those to happen, (start
Office once, too, esp Office 2003. Office 2007's not so bad), then
the machine, copy that user's profile to the default user profile,
everyone's logiin will be lots quicker after that. I cut login times in
our lab from 5 minutes to less than one, on 1 ghz P3s running XP.
School Information Technology Discussion <[log in to unmask]>
>This is the setup I have found works best for me and the computers I
>1. All lab / student use computers have deepfreeze installed.
>2. All users have local admin rights on every computer. I set this
>group policies. (email me if you want the how-to)
>3. Instead of mandatory or roaming profiles, I just set the
>the way I want all users to see and then copy that profile to the
>4. I use scriptstart for all logon script options, including drive
>mapping and printer assignment (opensource, with paid support option):
>5. I use Group policies for restrictions; I am pretty lax, I just
>to prevent them from doing anything malicous.
>6. For non-deepfreeze computers I will run delprof.exe (part of MS
>periodically to clean out the profiles.
>7. I will Ghost as needed in the labs.
>8. Lately I have setup Edubuntu LTSP and been using old computers
>thin clients in classrooms. That has worked out well.
>----- Original Message -----
>From: "Craig Lyndes" <[log in to unmask]>
>To: [log in to unmask]
>Sent: Wednesday, February 13, 2008 11:02:40 AM (GMT-0500)
>Subject: Desktop Security
>I know that this topic has been on the list recently (I have been
>lurking). However at my new job I have observed that their attempt at
>desktop security has some negative consequences that I would like to
>fix. They are currently using Windows Domain Logins with profiles that
>on their older, slower machines make boot-up take up to 5 minutes
>(creating a new profile for each student) and clutter up the hard
>with old profiles.
>Cut to the chase - Are there any schools out there that are using Disk
>Imaging as a part of their desktop security system?
>What I am proposing is to have some computers where the users have full
>access to the local machine. They can install plugins, change the
>desktop, do whatever they wish with the computer. If something happens
>to the machine that causes it to become compromised then the computer
>reimaged from a standard image stored on the network. If you are using
>an imaging solution, which one, what are its benefits and how much does
>it cost? Are there any repercussions to having unlocked desktops (not
>everywhere, but where appropriate and requested)?
>Question #2 - What are people using for desktop security that is
>installed locally on the computer, not a server/login based solution?
>I am not enamored with Windows servers and am thinking of going open
>source for network resources. This would require the machines that
>to have the desktop managed have something locally installed. I am
>familiar with Deep Freeze, which seems to work very well. I've also
>struggled with Fortress, which I found to be very good at disabling the
>machine upon which it is installed, and therefore a less than ideal
>solution. What are people using? We are using Icon Lock successfully
>on the Win 98 machines (approx 1/3 of the machines still).
>Thanks In Advance
>Franklin Central SU