Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
Hello everyone, this is my first post here and I hope to be as clear as possible. I work for a school district and we have implemented terminal services in hopes of taking advantage of the cost savings associated with thin client computing(HP T5135). We have the clients setup in 3 different labs (MST,Library,Guidance) and have setup user accounts for each client, i.e. client#4 in the MST lab would use the MST4 profile. We have enabled the option to only allow one login per user. What we have found is that if MST4 is logged into Client#4 and a student tries to login as MST4 on client#5, that student will now takeover the MST4 profile, while the original student is booted from the profile. To make matters worse, the student on Client#5 now has access to whatever documents the student on Client#4 had open. As you can see, this is a major security issue. Not only that, once students find this flaw they will exploit it and cause major headaches for other students, teachers and myself. Is there anyway, other than sharring a common profile, that we can prevent/deny this from occuring. Is it possible to configure the client itself to auto-login with a specified user. Also, we use Novell for many network applications, including authentication which means nothing with active directory could help us....Open to any suggestions regarding policy tweaks or third party software.
Thanks
Are you logging in locally or via active domain?
"Best Practices", Event viewer, host file, perfmon, are in my top 10
0 
The autologin feature should be in the configuration of your thin client. I've only used 2 types but both have the ability.
0
The users login locally, but they must first authenticate through novell. Is the novell piece the problem?
0 0
@ErnNicolas
Yes and no. there is an option to synchronize the novell password with windows so you only authenticate once (as far as the user can see) the way we have the student machines set up is that they login with their personal information through novell and then are presented with a windows workstation login in which they use a generic student account. If we set it up for synchronization, only the initial student would be able to login to the account.
0
If that's the case, the only way that I can see around your issue would be to create individualized accounts for each student for the local system vs generic accounts.
But I can't believe that this would be a solution. You might want to throw this question over to the novell side and see what kind of answers you get. I don't know enough about the novell client to assist. Good luck.
0
we use netware as our primary logon with thin clients. I see your issue of being one based on using generic logons. We only use individual logons.
In other words, all users logon to the thin clients automatically as "user". In our case we then autostart the Citrix sessions which then presents them with a netware logon.
Seems to me you are combining local and network authenication which, IMHO, won't work.
Imagine the power of knowing how to internet search
http://www.lib.berkeley.edu/Teachin...
0
I agree with wanderer. If you have a 'generic' logon on the computer, that is the issue. And as you have seen, it is a problem. They need to log onto the computer containing their documents with an account only they have access to and require they have a secure password that is changed fairly often.
You can't expect to have any degree of security on a system that uses shared accounts.
0  |
 StartUp Scrips
|
setting up server email n...
|
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
