logging in or signing up NonAdmin Pilot Belly Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: Embed: Flash iPad Dynamic Copy Does not support media & animations Automatically changes to Flash or non-Flash embed WordPress Embed Customize Embed URL: Copy Thumbnail: Copy The presentation is successfully added In Your Favorites. Views: 225 Category: Education License: All Rights Reserved Like it (0) Dislike it (0) Added: June 19, 2007 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript The Non – Admin Pilot: The Non – Admin Pilot Michel Christaller Ruben Gaspar Aparicio IT/IS Agenda: Agenda Why a new pilot ? How to participate ? What works ? Issues Workaround : NiceAdmin NiceAdmin Details Current situation Next Steps Why a new pilot ?: Why a new pilot ? Every main user / responsible has admin privilege on his computer Enforced at every boot Security concern : Viruses are empowered to harm the computer Pilot goal is verifying we can live without this privilege Restricted to Windows XP How to participate ?: How to participate ? Add your computer in the Pilot using this page http://cern.ch/win/services/nonadminmgr Participation can be cancelled After next reboot, your account looses it’s administrative privilege A pop-up tells you at every log on your status What works ?: What works ? Nice computer installation, automatic updates Most applications : Microsoft Office 2003 (Word, Excel, Powerpoint, Access, Frontpage, Outlook) Internet browsing with Internet Explorer (but..) Outlook Express, Acrobat Reader 7 CERN Phonebook, Nice Alerter Real Player 8, Windows Media Player 10, Windows Messenger 5.1 Symantec Antivirus 10 Remote Desktop Client Exceed 9 User-specific settings in the Control panel like Display settings, Regional settings, Folder options, Internet options .. Creation of a VPN connection to CERN Issues: Issues Access to some local files Checking a drive or defragmenting a partition is not allowed. (Write) Access to the registry Application installation / removal Third-party applications and drivers installation / usage problems (Remedy, Corel Draw 10, HomeSite, TopSite, Yahoo Messenger, Sony phone synchronization tool with Outlook, installing a scanner..) Internet Explorer Plug-ins install problems (QuickTime ,Google toolbar..) Outlook 'Report Spam' button (need to register the dll) Symantec Live-update : can’t update manually RealPlayer 8 does not retain some options set Nero burning CD problem Firewall settings Control Panel problems (Power Options..) Changing date/time Updating with 'Windows Update' site Workaround: Workaround Nice Admin application Allows main user / responsible to launch tasks with temporary administrative privileges Adds your account to the local Administrators group Forks a new process which creates a new logon session and builds a new security token Removes your current account from the local Administrators group NiceAdmin Details: NiceAdmin Details Two layer application : Service Restricts administrative privilege to the main user / responsible (as stated in LANDB) Maintains a cache in case of offline use Application Console mode Shortcuts (including shortcut maker) Context handler Demo Current situation: Current situation Documentation page : http://cern.ch/win/docs/nonadmin NiceAdmin workarounds all issues but Access to G: drive in installation scripts IT/IS computers participates to the Pilot, IT/UDS will do soon Next Steps: Next Steps Until 1st December : Participate to the Pilot, test your computer and NiceAdmin application During December or later : If agreed by DTF, Every newly installed computer will participate No automatic deployment on already installed computers – but allowed to participate Automatic deployment can be done on some Departments asking for it Windows Vista may provide a similar tool .. To be checked next year You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
NonAdmin Pilot Belly Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: Embed: Flash iPad Dynamic Copy Does not support media & animations Automatically changes to Flash or non-Flash embed WordPress Embed Customize Embed URL: Copy Thumbnail: Copy The presentation is successfully added In Your Favorites. Views: 225 Category: Education License: All Rights Reserved Like it (0) Dislike it (0) Added: June 19, 2007 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript The Non – Admin Pilot: The Non – Admin Pilot Michel Christaller Ruben Gaspar Aparicio IT/IS Agenda: Agenda Why a new pilot ? How to participate ? What works ? Issues Workaround : NiceAdmin NiceAdmin Details Current situation Next Steps Why a new pilot ?: Why a new pilot ? Every main user / responsible has admin privilege on his computer Enforced at every boot Security concern : Viruses are empowered to harm the computer Pilot goal is verifying we can live without this privilege Restricted to Windows XP How to participate ?: How to participate ? Add your computer in the Pilot using this page http://cern.ch/win/services/nonadminmgr Participation can be cancelled After next reboot, your account looses it’s administrative privilege A pop-up tells you at every log on your status What works ?: What works ? Nice computer installation, automatic updates Most applications : Microsoft Office 2003 (Word, Excel, Powerpoint, Access, Frontpage, Outlook) Internet browsing with Internet Explorer (but..) Outlook Express, Acrobat Reader 7 CERN Phonebook, Nice Alerter Real Player 8, Windows Media Player 10, Windows Messenger 5.1 Symantec Antivirus 10 Remote Desktop Client Exceed 9 User-specific settings in the Control panel like Display settings, Regional settings, Folder options, Internet options .. Creation of a VPN connection to CERN Issues: Issues Access to some local files Checking a drive or defragmenting a partition is not allowed. (Write) Access to the registry Application installation / removal Third-party applications and drivers installation / usage problems (Remedy, Corel Draw 10, HomeSite, TopSite, Yahoo Messenger, Sony phone synchronization tool with Outlook, installing a scanner..) Internet Explorer Plug-ins install problems (QuickTime ,Google toolbar..) Outlook 'Report Spam' button (need to register the dll) Symantec Live-update : can’t update manually RealPlayer 8 does not retain some options set Nero burning CD problem Firewall settings Control Panel problems (Power Options..) Changing date/time Updating with 'Windows Update' site Workaround: Workaround Nice Admin application Allows main user / responsible to launch tasks with temporary administrative privileges Adds your account to the local Administrators group Forks a new process which creates a new logon session and builds a new security token Removes your current account from the local Administrators group NiceAdmin Details: NiceAdmin Details Two layer application : Service Restricts administrative privilege to the main user / responsible (as stated in LANDB) Maintains a cache in case of offline use Application Console mode Shortcuts (including shortcut maker) Context handler Demo Current situation: Current situation Documentation page : http://cern.ch/win/docs/nonadmin NiceAdmin workarounds all issues but Access to G: drive in installation scripts IT/IS computers participates to the Pilot, IT/UDS will do soon Next Steps: Next Steps Until 1st December : Participate to the Pilot, test your computer and NiceAdmin application During December or later : If agreed by DTF, Every newly installed computer will participate No automatic deployment on already installed computers – but allowed to participate Automatic deployment can be done on some Departments asking for it Windows Vista may provide a similar tool .. To be checked next year