Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

joining XP workstations to domain, but need to keep local settings

Posted on 2004-08-19
3
Medium Priority
?
333 Views
Last Modified: 2010-03-18
I have 25 workstations that I am joining to my organization's domain. While I have the ability to add machines to the domain and have local admin privileges, I do not have admin-level priveliges on the domain, nor may I config Active Dir GPOs, etc. The machines are running XP Professional, static IP, and have common software installed (MS Office 2003, Photoshop, etc). In addition, these workstations are equipped with a hard drive protection device called Centurion Guard, which reverts the workstation back to it's previous state each time is it rebooted (e.g. you initially setup the machine how you like, lock it, and after that nothing will ever be saved to disk after a shutdown or reboot.)

So here is the problem: these machines need certain windows preferences and application program configurations - everything from "displaying all hidden files" in Windows Explorer, to  using a certain desktop wallpaper, to changing the auto update feature in Adobe Reader - the full gamut, all pre-configured so a user doesn't have to. Now, with setting up the domain, users will be logging on, and all of those prior configurations and program preferences setup in the past are gone, and each user that logs in must start from scratch. And with the drive protection enabled, any preferences a user saved during a domain session won't be saved!

So, what I am asking is, is there any way I can use my old pre-domain Windows and program preferences so that users won't have to completely start from scratch each time they login via the domain? Can this be done outside of AD? I know you can drop icons and favorites in the "All Users" directory, but I need more.

Is there any solution in this scenario?
0
Comment
Question by:nicu70
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 9

Expert Comment

by:Pentrix2
ID: 11850584
One is doing this through a GPO or manually accomplishing this by individual workstations.  Those are the only 2 options you got.  The first option requirements is domain admin privileges, the second option just requires local admin to the workstations but just a pain because gotta do this for each time it's formatted too.
0
 
LVL 2

Accepted Solution

by:
ihuckaby earned 375 total points
ID: 11853860
The easiest thing would be to ask the domain admins to put said workstations in their own OU, then block policy inheritance there.

I say that's easy, but I suppose that depends largely on the domain admins now, doesn't it?  It could also depend greatly on your overall AD design.

If they're really nice, you can ask them to delegate authority to you for that OU, and then it can become your problem.  You could then make your own policies for all the machines in the OU.  They could also then selectively place domain policies onto the OU, rather than them inheriting everything above them.

You could also ask them to deny "apply group policy" rights to those selected machines, but would have to do that on every policy that messes your machines up.  That can suck if there are a lot of relevant policies.

You can configure local policy, but if they don't allow domain policy to be overridden (and why would they), then you're just going to repeatedly eat domain policy.

If you have draconian sysadmins, then most likely the machines will just have to stay off the domain.
0
 
LVL 9

Expert Comment

by:Pentrix2
ID: 11853948
ihuckaby is right and like i was saying too, depending on your organization and the security policies of giving out admin privileges.  but like ihuckaby said, if they're REALLY nice.  most likely, they won't.  for you to get that kind of access even just for 1 custom OU for this situation, it has to get approval from your supervisior and depending on how your company's structure it may even go for further approvals to even get this.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A common practice in small networks is making file sharing easy which works extremely well when intra-network security is not an issue. In essence, everyone, that is "Everyone", is given access to all of the shared files - often the entire C: drive …
An article on effective troubleshooting
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question