W2000 Domain with XP pro and Windows 98 - Best practices

Hi all, i'd like you to point me in some directions regarding the following:

A school with 7 servers W2k (2 DC+DNS, 1 DHCP, 1 ISA2000+Exchange2000, 3 File and Print Servers) , none of the servers has backup hardware like tapes.

Workstations, 50 W98, 75 WinXP pro

I would like to apply group policies, which is no problem with Windows XP Pro, but regarding the W98 i really don't know how to handle them.

I'd like to restrict access to the w98 definitions like control panel, disable command line, disable access to the network settings, disable software instalation and so on....

The users can be using whatever machine is available (w98 ou XP) , i'd like to have drives mapped regardless of logging in w98 or xp.

I really want to lock down the w98's.

I also need a good strategy to backup all the servers.

Thanks

Bruno

LVL 6
bmquintasAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jamesreddyCommented:
Group policies are not possible with Windows 98 machines.  Only NT-based systems can implement gorup policies.  If you need a solution for 98, try Winlock (http://www.midi-converter.com/WinLock-download-1767.html).  I used it when I still had 98 machines.  Only problem is management has to be done machine-by-machine.  No central management is possible.

The mapped drives can be done with a simple logon script specified under the profile tab of user properties on the server.  If you need assistance creating that script, let me know and I'll post examples.

Backing up servers really requires a tape backup.  Worst case....if you simply cannot get a tape backup, try implementing Distributed File System and creating a Replica Set for the essential files that you do not want to lose.  Copying files to another server gives you a small measure of security, anyway.  Good link to discuss these concepts further and walk you through the installation is here: http://www.chrisbutterworth.com/comp/dfs.htm

Also...for those 98 machines to properly read the Active Directory structure, you will need to install the DSClient onto all of those machine, or they may not work properly.  http://support.microsoft.com/default.aspx?scid=kb;en-us;288358

Hope that helps.

James
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
bmquintasAuthor Commented:
Thanks for the heads up James, what about using poledit for w98, can i get something with that?
With xp , i don't need to assign logon scripts to users, i'll assign them to OU's through GP, do i need do assign them to individual users to get the drives mapped with 98?
0
jamesreddyCommented:
Yes...poledit can be used.  I kind of forgot about that.  I don't know you'll have the same flexibility as WinLock.  I know that for what I wanted (at the school I manage) poledit was insufficient, but for your purposes, it might just do the trick.  Good link for poledit info: http://www.zisman.ca/poledit/

As far as the drives go...I would still use logon scripts for all of the machines.  The reason is that it will make the transition easier if a user ever moves from 98 to XP machines.  If there will never be any users that move between differing machine types, then you can easily implement drive mapping with group policy.  I have found the approach a little overkill for the school I maintain.  If you ever need to add or make changes, they can be more quickly implemented if you use logon scripts, than using group policy.

Group policy is great...but the more you add to it, the more quirky it can become.  If I can do something without group policy, I usually try to.  But in theory, it won't hurt to do it either way.

James
0
Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

bmquintasAuthor Commented:
Thanks for helping James.
0
altonPMCommented:
Bruno, there is a new server-based version of WinLock available.  I paid $500 (k-12 pricing) and got something like 7 products from Visionsoft:  www.schoolsdownload.com .  You still have to deploy the WinLock7 client on each W98 machine - or you can do it with a login script - but all of the settings are centralized by account on the server.  I use Group Policy for our XP machines.

I also use an imaging product to duplicate settings out to each of the workstations - Norton Ghost is a popular one, but I use Acronis.

Pam
(Director of Technology for a K-8 school district)

0
bmquintasAuthor Commented:
Thanks for the info i'll get a look into it.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.