Preferred Laptop Configuration (XP Laptop / 2003 Domain)

L

Lotsa Cabo

What is the best / preferred way to configure a corporate laptop for
both internal and external usage?

Is it best to configure the laptop with only local computer accounts
and then force the user to attach to shares using their network
username / password when they return? Or, is it best to configure the
laptop with a proper machine account, in the domain, and then logon
using that account? If I add the machine to the domain, then what user
account will the machine use when they are disconnected (a cached
version of the domain user, I hope)?

Sorry for the newbie'ish question. I've always used the former of the
two, but I am looking for opinions.

Thanx,
Ryan
 
C

Chuck

What is the best / preferred way to configure a corporate laptop for
both internal and external usage?

Is it best to configure the laptop with only local computer accounts
and then force the user to attach to shares using their network
username / password when they return? Or, is it best to configure the
laptop with a proper machine account, in the domain, and then logon
using that account? If I add the machine to the domain, then what user
account will the machine use when they are disconnected (a cached
version of the domain user, I hope)?

Sorry for the newbie'ish question. I've always used the former of the
two, but I am looking for opinions.

Thanx,
Ryan
Click to expand...

Ryan,

You have several issues here.
1) How to authenticate to the laptop, when logging in to its desktop.
2) How to authenticate from the laptop, to other resources.
a) When connected to the domain.
b) When connected to other networks.
3) How to connect to the laptop, from other computers.
a) When connected to the domain.
b) When connected to other networks.

How much time, proportionally, will the laptop be used:
1) On the domain.
2) On other networks (and how many other networks)?
3) Standalone (Internet cafe, public library)?

What are the security policies of the domain? How secure are the other
networks?

Is this a single laptop? Are there other laptops being used? Are there other
laptops being used, without thought to these details?

I don't think that this is a quick question to answer. It may be fun discussing
the details though.
 
L

Lotsa Cabo

All good questions... just don't have a lot of time, unfortunately.

I have just taken over for someone for someone else, but generally all
laptops are configured the same... each laptop DOES have a computer
account within the domain, each has TWO sepearate accounts... one local
user account with admin-level access and one domain account. Users are
logging in with the domain account when they are present and the local
when they are away from the office.

Until I arrived, security was non-existent. Everyone had full control
over every resource on the domain and there was one HUUUUGE login
script to individual map every share and printer to every user, one by
one. All user passwords are set to "Never Expire" and there is no form
of strong passwords in place. Needless to say, this is changing.

Users no longer have full control to anything. Security is now setup
properly at a resource / group level. And, lastly, users do not have
admin level access on their machines.

Now, to answer your questions...
How much time, proportionally, will the laptop be used:
1) On the domain.
Click to expand...

Generally, laptops are used 50/50 in the office an outside, on service
calls by our techs.
2) On other networks (and how many other networks)?
Click to expand...

No other networks, other than a user's home network if they so choose
(not concerned there).
3) Standalone (Internet cafe, public library)?
Click to expand...

The 50% that is used outside of the office is generally used in a
disconnected manner.
What are the security policies of the domain?
Click to expand...

At this point, domain security is at a resource level, more than
anything. There is the conventional PDC/BDC setup, but I am trying to
ease this non-tech company into a proper environment.
How secure are the other networks?
Click to expand...

Assume any network the laptop connects to, outside of our own, is
completely insecure.
Is this a single laptop? Are there other laptops being used? Are there other
laptops being used, without thought to these details?
Click to expand...

Half of our machines are laptops and all have the same concerns. I am
beginning to rebuild the first today, which is why I am finally
thinking of these items in detail.

Overall, the goal is the following...

1. Users should only have the access they need to use their
machine and not more;

2. While in the office, they do have access to the domain
resources (PDC, etc.);

3. Preferably, they will use the same account while disconnected
and away from the office; and,

4. These are non-tech users so simplicity is key.

That got the creative juices flowing?

Thanx,
Ryan
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Preferred Laptop Configuration (XP Laptop / 2003 Domain) 2
Windows XP laptop with Static and DHCP requirement 2
Laptop user can't log on offline 2
Connecting a laptop used in a domain at work to a home network 3
XP Logon Problem: "Domain not available" 1
Networking XP laptop on office domain to home XP workgroup 1
networking domain laptop to XP Pro Desktop Problems 1
Connecting to network resources from a laptop running XP Home 1

Top