ZfD 6.5 and 7
We are in a school system where technicians, help desk personnel, lab managers and teachers need various levels of remote control or view rights. Here are some tips on setting it up in the most efficient manner.
- All our student users and student labs are set to allow Remote Control WITHOUT any permission required or visible signal. This allows teachers and lab managers to discreetly check on student workstation activity. Plus they are allowed to lock student keyboards and mice.
- Teacher/staff user settings require that the remote manager ask permission before access is granted and that a visible signal is given to the user. That way we avoid any privacy issues, legal or otherwise, and political fallout as well.
- Teacher/staff workstations are set up so that permission is NOT required to remotely access. That is so the techs and help desk can manage a workstation when no user is logged in, such as before or after school hours.
- A special case is used for technicians and help desk personnel. As users, they are set up so that permission is NOT required to remote control them, but a visible signal is given. This may sound strange, but many times techs have remotely logged into workstations only to accidently close the window without logging out. They would then have to physically visit the workstation to log out, since they were not at the desktop to give themselves permission to remote control themselves!
- Concerning rights, lab managers and teachers are only given remote view rights, while techs and help desk people are given the full remote control rights they need to help users.
Trial and error led us to this type of setup and it has proved to work quite well for us.
If you have any questions you may contact James at jdaveyTAKETHISOUT@glenbrook.k12.il.us
OPEN CALL: If you have any other suggestions to add to this excellent list, please send them along. As always, you’ll get Novell Rewards points for anything we publish. We’re interested in seeing if there are significant differences between the way you do this in a school versus other kinds of environments.
Many thanks to James for this great article idea. We love these practical Best Practices lists.
City of Fresno has a similar policy as James; all policies have the capability to lock the keyboard.
- All workstations have a No Ask (& Display Visible Signal) policy for remote control.
- All Users have Ask, (& Display Visible Signal) policy for remote control.
- Classroom workstations and classroom logon IDs have both No Ask and No Visible Signal.
- Public Kiosks have both No Ask and No Visible Signal.
As we visit the different departments for annual PC upgrade meeting we let management know the options for Remote Control.
Some even want the ability to Remote Control their users desktops at will.
We set up
(developed by Holger Dopp ) for those needing Remote Control without using ConsoleOne. Manageability is still set up in ConsoleOne as Remote Operators.
I also manage a large (2100 users) public high school technology program and have implemented two changes to the general suggestions made so far:
- All users are told that the equipment and network belong to the school and may be used only for school-related activities. There can be no “expectation of privacy.”
- All computer use is monitored and full remote control is activated, with no local warning or permission requirement. But, only the tech support staff has access.
- All computers available to students in a classroom environment include an NSS-client (from NetSupportSchool), and may be fully monitored and controlled by the teacher in that classroom using the NSS-Tutor package from the same supplier. The multi-user, common-action features of this software make it an ideal teaching tool in the lab environments. The Tutor station only controls the client stations in one lab, even though we have 4 labs operating on the network. We also maintain full monitor and remote capabilities in these labs for the tech support staff using ConsoleOne. Our techs often find it more convenient to use the NSS package to auto-login the entire lab, push out files and configuration changes, then reboot the whole mess with a single command.
- Even the tech support staff is under the same rules ? so when they do lose a station, they can simply reconnect to it.
Maintenance time and cost are absolutely minimum, as are inappropriate usage and vandalism by young and old both.