mgendron57
asked on
policy issue. You'll like this one
I have a laptop that was provided by the companies IT dept (for which I’m part of) and the common practice is the machine name is named after the user name and, the administrator account is also renamed to the user name. We’re on a power 9 network so there no domains to log into Persia.
So a typical file server mapping would look like this; \\machinename\username and both are the same. It for higher security. Anyway I hosed the Software restriction policies under the admin account (which is my user name). I was just looking and noticed that it was empty which I now understand is normal for my company. I have luckily another account with admin rights but it’s still not the same as a renamed administrator account.
What are my options? I need to somehow repair this so the renamed admin account is still the same as the machine name and I can’t of course change my account name.
So a typical file server mapping would look like this; \\machinename\username and both are the same. It for higher security. Anyway I hosed the Software restriction policies under the admin account (which is my user name). I was just looking and noticed that it was empty which I now understand is normal for my company. I have luckily another account with admin rights but it’s still not the same as a renamed administrator account.
What are my options? I need to somehow repair this so the renamed admin account is still the same as the machine name and I can’t of course change my account name.
ASKER
You know,
What you thoughts ae about the company I work for <<<securitypolicy is a bunch of garbage>>> is not really helpful toward the question or more like the scenario I put out there!. And if you read my request you would have not said half the things you did. I OF COURSE have two accounts (if fact I have several) being a Network Admin for one of the biggest and successful companies in the WORLD, I don't think I'll be making any suggestions like,
<<<So I would suggest to your colleagues to rename the admin-accounts so the names are unique in the network. And I would suggest changing the computernames as well. If they insist that a user must be indentifiable by the computername, consider prefixing them with a letter. For example: \\Wusername\username>>>
If the company I work for was so badly put together (and if you couldn't tell what company I work just buy a single line I wrote well) I wonder how it is that when ever there a huge virus break out, their one of the few who not are affected...Ummmmmm.
So I guess you don't have a real suggestion/answer and just wanted to show me how badly I and the company are doing lololololololo.
Ps...The triple <<<------->>> were quotes from you very helpful response. And you might want to give a look at the (Question and Answer tips) area.
What you thoughts ae about the company I work for <<<securitypolicy is a bunch of garbage>>> is not really helpful toward the question or more like the scenario I put out there!. And if you read my request you would have not said half the things you did. I OF COURSE have two accounts (if fact I have several) being a Network Admin for one of the biggest and successful companies in the WORLD, I don't think I'll be making any suggestions like,
<<<So I would suggest to your colleagues to rename the admin-accounts so the names are unique in the network. And I would suggest changing the computernames as well. If they insist that a user must be indentifiable by the computername, consider prefixing them with a letter. For example: \\Wusername\username>>>
If the company I work for was so badly put together (and if you couldn't tell what company I work just buy a single line I wrote well) I wonder how it is that when ever there a huge virus break out, their one of the few who not are affected...Ummmmmm.
So I guess you don't have a real suggestion/answer and just wanted to show me how badly I and the company are doing lololololololo.
Ps...The triple <<<------->>> were quotes from you very helpful response. And you might want to give a look at the (Question and Answer tips) area.
I'm sorry if I did not understand your question correctly, as English is not my native language and I guess it's not your native language either. But what you say here:
"I have a laptop that was provided by the companies IT dept (for which I’m part of) and the common practice is the machine name is named after the user name and, the administrator account is also renamed to the user name."
I assumed that a laptop for the user with username johndoe is named johndoe. Futhermore the local admin-account is also renamed to that user, so you have the user working as admin on a machine that carries the name of the user. And as I said already, that's not the best way to go.
But apparently I'm mistaken.
"I have a laptop that was provided by the companies IT dept (for which I’m part of) and the common practice is the machine name is named after the user name and, the administrator account is also renamed to the user name."
I assumed that a laptop for the user with username johndoe is named johndoe. Futhermore the local admin-account is also renamed to that user, so you have the user working as admin on a machine that carries the name of the user. And as I said already, that's not the best way to go.
But apparently I'm mistaken.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I gave you the points for being polite. It was a very difficult issue to explain in type, but there was no better way to explain it. I even showed it to several other IBMers and they knew, as well as I did going in, that it was probably was too involved to try and fix let alone get and instant answer. But, I though I would give it try. I ended up fixing the broken policy just enough to get me through a few days than then I re-imaged it.
Thanks anyway isyseurope
A NOTE TO "RiDo78"
Just a little some advice;
I would concentrate more on being part of the solution rather the problem. If you re-read you comment, you had nothing to add to this. Frankly it was a waste of my time even having to read it! Oh, and by the by, I was a English major in college smart a___
Thanks anyway isyseurope
A NOTE TO "RiDo78"
Just a little some advice;
I would concentrate more on being part of the solution rather the problem. If you re-read you comment, you had nothing to add to this. Frankly it was a waste of my time even having to read it! Oh, and by the by, I was a English major in college smart a___
Second, how did you manage to have the machinename to be identical to the username? For as far as I know, windows does not like it at all. Try it on a stand-alone machine, windows will refuse to accept a username that is similar to the machine name or a machine-name that is similar to one of the usernames.
So I would suggest to your colleagues to rename the admin-accounts so the names are unique in the network. And I would suggest changing the computernames as well. If they insist that a user must be indentifiable by the computername, consider prefixing them with a letter. For example: \\Wusername\username.
But be carefull because there is a big change that the Active Directory is messed up with computeraccounts having userprofiles and viceversa. So it might be possible that the user johndoe gets trouble logging in when his computer is renamed to Wjohndoe, as his own useraccount might be effected as well.