User:Ilya/Win.mit.edu

From OpenWetWare

(Difference between revisions)
Jump to: navigation, search
Line 1: Line 1:
 +
==Common tasks==
*[http://web.mit.edu/ist/topics/windows/server/winmitedu/join.html Joining the domain]
*[http://web.mit.edu/ist/topics/windows/server/winmitedu/join.html Joining the domain]
*#[http://web.mit.edu/ist/topics/windows/server/winmitedu/container_info.html Add the machine to your container.]
*#[http://web.mit.edu/ist/topics/windows/server/winmitedu/container_info.html Add the machine to your container.]
Line 35: Line 36:
*AD Container Management (available on WIN machines) - an MMC snap-in tool, normally found under the "Administrative Tools" menu, or invoked with the command adcontmgr.msc.
*AD Container Management (available on WIN machines) - an MMC snap-in tool, normally found under the "Administrative Tools" menu, or invoked with the command adcontmgr.msc.
 +
 +
*To connect remotely or from non-Windows OS:
 +
**must to set win password before connecting to home directory from mac/linux
 +
mount -t cifs //win.mit.edu/dfs/profile/u /mnt/win -o user=username,domain=WIN.MIT.EDU
==Windows Update==
==Windows Update==
Line 49: Line 54:
:set intranet update service and statistics server to http://sus.mit.edu
:set intranet update service and statistics server to http://sus.mit.edu
-
==Remote connection==
+
==Endy Lab OU==
-
mount -t cifs //win.mit.edu/dfs/profile/u /mnt/win -o user=username,domain=WIN.MIT.EDU
+
*Machine containers:
-
*need to set win password before connecting to home directory from mac/linux
+
**Machines/BioEng/endylab/workstations
 +
**Machines/BioEng/endylab/servers
 +
*User lists:
 +
**endylab
 +
**endylab-admin
 +
*To edit group policy for the machines in your OU (using Windows):
 +
**run mmc from the command line
 +
**Add a new snap in Group Policy Editor
 +
**Browse to this: GP Bioeng/endylab/workstation
 +
 
 +
===Todo===
 +
*make sure machine logins are restricted to endylab members
 +
*add users to endy-admin list (default restrictions: can't change the system time (viewing calendar), cant copy files to the C drive)
 +
*is it possible to change the default set of rights for regular user accounts?
 +
**Restricted Groups - to restrict access to the machines
==Reference==
==Reference==
Line 59: Line 78:
*[http://web.mit.edu/winathena-stat/ Windows Domain win.mit.edu Statistics]
*[http://web.mit.edu/winathena-stat/ Windows Domain win.mit.edu Statistics]
*[http://mit.edu/is/topics/windows/server/winmitedu/sendbug.html Report a bug or problem with a win.mit.edu machine]
*[http://mit.edu/is/topics/windows/server/winmitedu/sendbug.html Report a bug or problem with a win.mit.edu machine]
 +
*[http://web.mit.edu/is/topics/windows/server/winmitedu/help.html Logon procedure]
 +
*[https://wince.mit.edu User and container admin tasks] (delete machine, change AD password, etc)
 +
*[http://web.mit.edu/ist/topics/windows/server/winmitedu/RIS.html RIS] - Remote Installation Service
 +
**MITnet DHCP will route PXE requests to WIN.MIT.EDU – RIS

Revision as of 21:07, 18 December 2006

Contents

Common tasks

  • Joining the domain
    1. Add the machine to your container.
    2. Get a temporary join account name and password.
    3. Log on to the machine as local administrator.
    4. Right click the My Computer icon.
    5. Select Properties.
    6. Click the Network Identification tab.
    7. Click the Properties button.
    8. Select the Member of Domain radio button.
    9. Type in: WIN.MIT.EDU (in all capitals).
    10. The next screen will prompt you to enter the WIN account name and password authorized to install machines in the domain. Enter the temporary join account name and password. Result: You will get a screen welcoming you to the domain.
    11. Reboot the machine for the changes to take effect.
  • To check Moira record for a hostname of IP adress:
athena% stella foo

or

athena% hostinfo foo

or

athena% nslookup foo
  • To check container assigment:
athena% stella foo -lcn
Machine: Container: Machines/pismere-laptops
  • To add the machine "foo" to the container "test":
athena% stella foo -acn Machines/test
  • Moira (available on UNIX Athena and WIN machines)
    • /usr/athena/bin/moira (The container menu is available from the top level menu, currently it is choice number 12)
    • http://web.mit.edu/moira
    • Administrative Tools-> Moira Account Management
  • mitch - examine and modify informtion about containers in Moira
athena% mitch Machines/BioEng/endy
  • AD Container Management (available on WIN machines) - an MMC snap-in tool, normally found under the "Administrative Tools" menu, or invoked with the command adcontmgr.msc.
  • To connect remotely or from non-Windows OS:
    • must to set win password before connecting to home directory from mac/linux
mount -t cifs //win.mit.edu/dfs/profile/u /mnt/win -o user=username,domain=WIN.MIT.EDU

Windows Update

Auto Hotfixer is a retired tool. We use WSUS to have replaced it. You don't need to make the change to autohotfixer when you switch to MIT WSUS. Machines in win.mit.edu should be all set for using MIT WSUS as long as you didn't make changes in your container to overwrite Windows Update settings.
enabled|disabled|5 - local admin to choose the update/reboot behavior
  • Computer Configuration > Administrative Templates > Windows Components > Windows Update > No auto-restart for scheduled Automatic Update installations
  • Computer Configuration\Administrative Templates\Windows Components\Windows Update\Specify intranet Microsoft update service location
set intranet update service and statistics server to http://sus.mit.edu

Endy Lab OU

  • Machine containers:
    • Machines/BioEng/endylab/workstations
    • Machines/BioEng/endylab/servers
  • User lists:
    • endylab
    • endylab-admin
  • To edit group policy for the machines in your OU (using Windows):
    • run mmc from the command line
    • Add a new snap in Group Policy Editor
    • Browse to this: GP Bioeng/endylab/workstation

Todo

  • make sure machine logins are restricted to endylab members
  • add users to endy-admin list (default restrictions: can't change the system time (viewing calendar), cant copy files to the C drive)
  • is it possible to change the default set of rights for regular user accounts?
    • Restricted Groups - to restrict access to the machines

Reference

Personal tools