“zen” workstation environment status report
DESCRIPTION
“Zen” Workstation Environment Status Report. John Klein Debbie Carraway Information Technology, Systems. Current Status & Timetable. 63 PC’s in ITD Laundry lab moved Friday So far, students seem happy Norton Antivirus has some minor issues No data yet from Helpdesk re: Remote Control - PowerPoint PPT PresentationTRANSCRIPT
“Zen” Workstation Environment Status Report
John Klein
Debbie Carraway
Information Technology, Systems
Current Status & Timetable
• 63 PC’s in ITD Laundry lab moved Friday• So far, students seem happy
– Norton Antivirus has some minor issues– No data yet from Helpdesk re: Remote Control
• Other ITD labs to be converted during break between Summer II and Fall 2000
Schedule Review
Event Review
• Deploy Summer I delayed so for improved communication & documentation
• Summer II suffered two major disasters:– NDS “Obituaries” and mixed replica rings– Concurrent RAID failures on 2 of the 3 replica
holders for .Users
• Moving now to test at scale before Fall
How do things work?
Review changes from traditional setup• Novell Client-32 rather than NCSU GINA• kAuth for access to AFS on NT4
workstations• No additional restrictions on HKLM• Apps in Netware filespace for access from
non-NT4 clients (Win2k, Win9X)• Profiles in Netware file space
Application Assignment
iMacProfileA Physical PC(with a physical Registry)
UserObjects
Application
Associatedwith
DisplayOnly if RegistryKey is set
“Show” Application
Associated “force run”with
WorkstationObjects
Registry Gets set
Where do settings come from?
User
Workstation
LoginScript
UserPolicy
WSPolicy
Depends on OU=Zenlab env var to runSets L:, M: and a temporary K:Enables Proquota for each userAny other “Run at Login” type tasks
Sets up Dynamic Local UserDisables RegeditAny other “User” policies (see NT Resource Kit)
Disables Peer to Peer NetworkingRuns kAuthInstalls printer driversAny other workstation restrictions
Details of WS Policies
• Global Policies are assigned to the container, and impact all WS in that container
• Specific Policies are assigned to WS groups (for particular printers, etc)
OrganizationalUnit
..WS Group
..WS Group
GlobalPolicy
SpecificPolicy
Imaging to restore OS
• We use “Boot Control” (part of Free DOS project), installed on Master Boot Record.
• First partition: 1250 MB FAT16 with DOS, Ghost, and an AUTOEXEC to control restores
• Integrates with our ‘unattended’ NT install
• Initial admin touch to create ghost image including workstation’s identity
What we’ve achieved
• “Simpler” (not trivial) Application creation– Most apps can run without security changes– NTFS permissions still “majic”
• Quicker restores of damaged lab seats– “Self healing” applications replace individual
files and settings on apps that won’t run– “Rebuild this PC” can be done by end users to
restore to pristine installed condition, quickly
What we’ve achieved (2)
• Secure, Policy based Remote Control for improved help desk
• Complete workstation inventory in Sybase
• Policy based platform for managing PC’s, using standard tools
• A more “open” platform to support OS’s besides NT4
Where to go from here?
• You tell us!• Address any “Anti-features” discovered in
labs• Improve documentation• Develop and Publish Policies and Procedures
for new applications in the open labs• Prepare for Windows 2000 and Zen for
Desktops v3
“Zen” Workstation Environment Status Report
Information Technology, Systems