We will stick to setting up the network, user management and policies on the Windows workstations.
I will not go through all those steps, naming each dialog box. I will presume that if you can read and understand this document you can find your way through that mess.
First, unless you really need, remove all network protocols but TCP/IP. Even without their own protocol, Windows machines like to broadcast a lot, and this doesn't please anyone. Anyway, with TCP/IP who needs anything else?
If you setup a DHCP server on your Linux box, remember that Windows workstations can get the nameservers and gateway's address besides its own IP address from it. So, you don't need to set all these items on each workstation.
Configure the Windows workstation to log in a Domain, and give the domain name of your Linux server. This is essential to the gateway work.
There is a utility named policy editor bundled on the Windows CD. The file name is poledit.exe. This tool, as the name suggest, allows to create a user and system policy file.
Unfortunately, this tool does not generate a plain text configuration file, so I can't place an example here.
Use the policy editor to create a policy to your workstations and users. You should disable the local password cache and domain cache in order to get some security. Save the policy file as config.pol and place it at the netlogon share of your Linux server. In this way, your Windows workstations will download and use the config.pol file to set their policy. Of course this task must be done on a Windows machine.
If you don't use a config.pol file, your Windows workstations will annoy you asking for a Windows password and you will become nuts trying to synchronize and manage your Domain and Windows passwords. It seems that the OS doesn't know that it joined a domain. You must tell it and then you have to slap it in the face so it will believe you.
Закладки на сайте
Проследить за страницей
Created 1996-2019 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру