UniversalTemplate/logo.png UniversalTemplate/UTS.png

How to Set Up a Lab Computer


Topic: How to Set Up a Lab Computer
Audience: Staff
Creation Date: January 9, 2011
Author: Lou Kondek

The purpose of this document is to establish how to set up lab computers in a shared environment using forced authentication with Bradford on a per-session basis. Forced authentication requires that each user registers with Bradford using their NetID each time they wish to use the network Internet service. The benefit to having each user log in and register is to provide accurate security data.

You may also wish to view how to use Windows Capture CD and also how to use Windows Deployment Server

Windows setup instructions

  1. Login as an administrator
  2. browse to \\admnet\NETLOGON\nac
  3. copy the "logon.ps1" script on the C drive (you may need to move the file to the desktop then drag it to the C drive)
  4. click start and type "mmc" (without the quotes)
  5. select File -->Add or Remove Snap-in..

  6. From the list on the left select "Group Policy Object Editor"
  7. Click the "add >" button in the middle

  8. Click finish at the pop up screen
  9. Click Ok On the left pane expand (Local computer policy --> User Configuration --> Windows settings) select "Scripts (Logon/Logoff)" on the right pane double click "Logon"

  10. Select the "PowerShell Scripts" tab at the top

  11. Click "Add..." --> "Browse" Navigate to the C drive where the script was placed and click open

  12. select "Ok" to close the "Add a script" prompt
  13. At the bottom there will be a setting called "For this GPO, Run scripts in the following order"
  14. select "Run Powershell scripts last"
  15. This script will now run each time a user logs into the PC

At this point the computer owner should open a ticket with UTS. The computer owner should have the following information available:

  • Computer Type
  • Computer Name
  • IP Address
  • MAC Address

This ticket should be assigned to Network Communications Services to place the necessary computers on forced authentication with Bradford as well as to the Windows team for pushing group policy.


Forced Authentication FAQ

What is Forced Authentication?

Forced Authentication refers to a process by which a user can gain Internet access by using their NetID. Oakland University Policy requires that network patrons provide university credentials (their NetID) for access to the network.

When should I use Forced Authentication?

Forced Authentication should be used when a computer is shared among individuals whose actions on the Internet can not be authenticated to an individual logon account. For example this would include lab, kiosk, and other publicly accessible computers like those found in the library. Forced Authentication is implemented with software that must be installed on a shared/public computer by the computer administrator with assistance from UTS.

How does Forced Authentication work?

When attempting to access the Internet a user is directed to a web-page where they must first enter their NetID and password. After authenticating a user has unrestricted access for the remainder of their session. This process is similar to what a individual experiences when gaining Internet access at a coffee shop or hotel.

What is required to use Forced Authentication?

All shared workstations should have enhanced security incorporated into their baseline configuration. For example these settings should prevent authorized alterations.

Additionally, they must:

  • Be configured with a specialized start-up or shut-down script that terminates the previous user’s session.
  • Have their default home-page set to Internet Authentication page.
  • Have desktop icons added to allow a user to easily terminate their active session
  • Have special network settings applied by UTS

How do I enable Forced Authentication?

You must contact University Technology Services in order to use Forced Authentication. You will be requested to provide the computers:

  • Registered owner \ Device Manager
  • Name
  • MAC address

Please note the Registered Owner is used for assigning the person responsible for managing the equipment. This individual is typically a Distributed Technology Staff member or Faculty member. UTS will collaborate with you to apply the necessary network changes and provide you with the appropriate information for use in workstation configuration. While UTS will make a best effort to assist with start-up and shut-down scripts it is ultimately the responsibility of the machine owner to configure and test that the equipment is working satisfactorily.

Click here for TSS set up steps.


TSSHowTo