Solved

joining XP workstations to domain, but need to keep local settings

Posted on 2004-08-19
3
326 Views
Last Modified: 2010-03-18
I have 25 workstations that I am joining to my organization's domain. While I have the ability to add machines to the domain and have local admin privileges, I do not have admin-level priveliges on the domain, nor may I config Active Dir GPOs, etc. The machines are running XP Professional, static IP, and have common software installed (MS Office 2003, Photoshop, etc). In addition, these workstations are equipped with a hard drive protection device called Centurion Guard, which reverts the workstation back to it's previous state each time is it rebooted (e.g. you initially setup the machine how you like, lock it, and after that nothing will ever be saved to disk after a shutdown or reboot.)

So here is the problem: these machines need certain windows preferences and application program configurations - everything from "displaying all hidden files" in Windows Explorer, to  using a certain desktop wallpaper, to changing the auto update feature in Adobe Reader - the full gamut, all pre-configured so a user doesn't have to. Now, with setting up the domain, users will be logging on, and all of those prior configurations and program preferences setup in the past are gone, and each user that logs in must start from scratch. And with the drive protection enabled, any preferences a user saved during a domain session won't be saved!

So, what I am asking is, is there any way I can use my old pre-domain Windows and program preferences so that users won't have to completely start from scratch each time they login via the domain? Can this be done outside of AD? I know you can drop icons and favorites in the "All Users" directory, but I need more.

Is there any solution in this scenario?
0
Comment
Question by:nicu70
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 9

Expert Comment

by:Pentrix2
ID: 11850584
One is doing this through a GPO or manually accomplishing this by individual workstations.  Those are the only 2 options you got.  The first option requirements is domain admin privileges, the second option just requires local admin to the workstations but just a pain because gotta do this for each time it's formatted too.
0
 
LVL 2

Accepted Solution

by:
ihuckaby earned 125 total points
ID: 11853860
The easiest thing would be to ask the domain admins to put said workstations in their own OU, then block policy inheritance there.

I say that's easy, but I suppose that depends largely on the domain admins now, doesn't it?  It could also depend greatly on your overall AD design.

If they're really nice, you can ask them to delegate authority to you for that OU, and then it can become your problem.  You could then make your own policies for all the machines in the OU.  They could also then selectively place domain policies onto the OU, rather than them inheriting everything above them.

You could also ask them to deny "apply group policy" rights to those selected machines, but would have to do that on every policy that messes your machines up.  That can suck if there are a lot of relevant policies.

You can configure local policy, but if they don't allow domain policy to be overridden (and why would they), then you're just going to repeatedly eat domain policy.

If you have draconian sysadmins, then most likely the machines will just have to stay off the domain.
0
 
LVL 9

Expert Comment

by:Pentrix2
ID: 11853948
ihuckaby is right and like i was saying too, depending on your organization and the security policies of giving out admin privileges.  but like ihuckaby said, if they're REALLY nice.  most likely, they won't.  for you to get that kind of access even just for 1 custom OU for this situation, it has to get approval from your supervisior and depending on how your company's structure it may even go for further approvals to even get this.
0

Featured Post

Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
A common practice in small networks is making file sharing easy which works extremely well when intra-network security is not an issue. In essence, everyone, that is "Everyone", is given access to all of the shared files - often the entire C: drive …
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

631 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question