Networking forensics advice



I am tasked to help out with IT-related duties for a classroom with 12 domain-connected PCs being used by students. Currently, I have 12 generic user accounts configured as student1, student2, student3, etc. Users are assigned the same computer on a daily basis. I do not create named accounts because there is turnover due to clients being admitted/leaving, so I feel the generic logins suffice and alleviate additional work.

The issue at hand is that the instructor of this classroom is pushing me to create individual usernames/accounts because they feel this would allow them to monitor students' activities more closely and catch any misbehavior. My opinion is that if students are assigned a particular PC to use, you would still know who's doing what based on which student is assigned one of the generic student1-12 accounts and what PC they were using. Ricky Bobby is student1, Johnny Jackleg is student2, etc. Seems like a simple concept to grasp. Am I wrong here?

 

Regarding monitoring student activity: Assuming a default Windows 2012 Domain with Exchange 2012, a WatchGuard XTM33 Firewall appliance and no additional tools, is it possible for one to pull any sort of meaningful report showing the internet activity of these individual accounts? I'm thinking this could be done via the static IPs and the Firewall, but honestly, I'm in over my head on this one. Building/troubleshooting/fixing PCs, I can handle. Basic networking, I get. Setting up user accounts and shares on a Server, can do. I'm not, however, a Network Engineer or a Server Administrator. I'm basically on-site assistance for day-to-day stuff and the heavier requests get shunted to smarter people than I. There is a lot of pressure on me to solve these issues myself because I'm a lot cheaper than the smarter people....

If this cannot be accomplished with what I currently have to work with, could anyone recommend any easy-to-use tools for such a task? I guess the only reason they want the report is to have proof to show why they booted a student out of the class.

 

Thanks all!

 

 

EDIT: Anyone have experience with this software?

 

http://www.netsupportschool.com/monitor.asp

 

Edited by slamfire92
Link to comment
Share on other sites

Your firewall should be able to monitor exactly where users are going by username or IP. Your problem with generic accounts is, let me guess, they all have the same password, or it is tied to some formula to work out.

Why is it hard for you to create 12 user accounts? It doesn't matter if you had new students every day; it takes seconds to create an account. Simple script and you create the 12 accounts in 1 command. Not like you have to walk around to each machine - create account with generic password. Force users to change it on first login.

Tie your firewall/proxy, i.e. UTM, to their account and make them log in to access the internet via your firewall captive portal. BTW that XTM33 is pretty old; the T50 replaces it. It was end of sale summer of last year. How long have you had it? What is it licensed for?

Do users even need internet or wide open internet for this class? I would assume the network would be limited to what they need for the class work.

Link to comment
Share on other sites

1 hour ago, BudMan said:

Your firewall should be able to monitor exactly where users are going by username or IP. Your problem with generic accounts is, let me guess, they all have the same password, or it is tied to some formula to work out.

Why is it hard for you to create 12 user accounts? It doesn't matter if you had new students every day; it takes seconds to create an account. Simple script and you create the 12 accounts in 1 command. Not like you have to walk around to each machine - create account with generic password. Force users to change it on first login.

Tie your firewall/proxy, i.e. UTM, to their account and make them log in to access the internet via your firewall captive portal. BTW that XTM33 is pretty old; the T50 replaces it. It was end of sale summer of last year. How long have you had it? What is it licensed for?

Do users even need internet or wide open internet for this class? I would assume the network would be limited to what they need for the class work.

All accounts have to be configured on first boot. They want every program they use set up and ready to go, no thinking. I'm sure it can be done via script, I just don't know how and have no one to teach me. We're not all like you Budman :)

XTM33 has an active license. We'll probably replace it once that license expires.

The instructor wants full internet access for their class. I have the obvious inappropriate material blocked using the web blocker utility.

 

Link to comment
Share on other sites
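Added example, not code from any poster in this thread: a PowerShell script for the "create the accounts in one command" suggestion, creating one named account per student, forcing a password change at first logon, and restricting each account to its assigned PC. The OU path, domain suffix, group name, roster and PC names are placeholders, and it issues a random initial password per account instead of the single generic password mentioned above.

```powershell
#Requires -Modules ActiveDirectory
# Assumed values (not from the thread): adjust to the real domain before running.
$OuPath    = 'OU=Students,DC=example,DC=local'   # placeholder OU
$UpnSuffix = 'example.local'                     # placeholder domain suffix
$Group     = 'Classroom-Students'                # placeholder group used for GPO/firewall policy

# Constructed sample roster: one row per student and the PC they are assigned.
$Roster = @'
GivenName,Surname,Computer
Alex,Sample,CLASS-PC01
Jordan,Example,CLASS-PC02
'@ | ConvertFrom-Csv

function New-InitialPassword {
    # 16 random characters from an unambiguous alphabet; the fixed suffix only
    # guarantees the default domain complexity rule is met.
    $alphabet = 'abcdefghjkmnpqrstuvwxyzABCDEFGHJKMNPQRSTUVWXYZ23456789'.ToCharArray()
    $bytes = New-Object byte[] 16
    [System.Security.Cryptography.RandomNumberGenerator]::Create().GetBytes($bytes)
    $random = -join ($bytes | ForEach-Object { $alphabet[$_ % $alphabet.Length] })
    return "$random-aA9"
}

$created = foreach ($s in $Roster) {
    # sAMAccountName is limited to 20 characters; long names need a shorter scheme.
    $sam = ('{0}.{1}' -f $s.GivenName, $s.Surname).ToLower()
    if (Get-ADUser -Filter "SamAccountName -eq '$sam'") {
        Write-Warning "$sam already exists, skipping"
        continue
    }
    $plain  = New-InitialPassword
    $params = @{
        Name                  = "$($s.GivenName) $($s.Surname)"
        GivenName             = $s.GivenName
        Surname               = $s.Surname
        SamAccountName        = $sam
        UserPrincipalName     = "$sam@$UpnSuffix"
        Path                  = $OuPath
        AccountPassword       = ConvertTo-SecureString $plain -AsPlainText -Force
        ChangePasswordAtLogon = $true          # user must pick their own password
        LogonWorkstations     = $s.Computer    # account can only log on to its assigned PC
        Enabled               = $true
    }
    New-ADUser @params
    Add-ADGroupMember -Identity $Group -Members $sam
    [pscustomobject]@{ User = $sam; Computer = $s.Computer; InitialPassword = $plain }
}
$created | Format-Table -AutoSize   # hand each student their own line, then discard
```

Adding `-WhatIf` to the `New-ADUser` and `Add-ADGroupMember` calls shows what would be created without changing the directory. When a student leaves, `Disable-ADAccount` keeps the account's history attributable to that person.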

In the long run you are better off with accounts for each student and member of staff, as you can set up restrictions by group of users and you will then know who is doing what, as currently one user could log in to any computer using the generic accounts.

If a safeguarding issue comes up you will also be able to cover yourself and the teacher, as you should be able to trace it to a user and not just a generic account anyone could use.

Link to comment
Share on other sites

54 minutes ago, TheReaperMan said:

In the long run you are better off with accounts for each student and member of staff, as you can set up restrictions by group of users and you will then know who is doing what, as currently one user could log in to any computer using the generic accounts.

If a safeguarding issue comes up you will also be able to cover yourself and the teacher, as you should be able to trace it to a user and not just a generic account anyone could use.

I do at least have the generic account configured to log in only to the computer it's assigned to.

 

Link to comment
Share on other sites

The system will create a profile when the account logs in - is the program not installed on the machine already? What would have to be set up just because you use a different profile? It's like when Word is installed on a system, and Billy, a different domain user, logs into the machine - he has access to Word.

As to your license on your firewall - so you have all the options? Or do you have the base license? There are lots of different ways to license those firewalls that give them more features, etc.

 

 

Link to comment
Share on other sites

12 users easy, internet watch via proxy and blockdy block when they abuse. Do network share via domain NFS mount or DFS, then you can track file changes if need be. Wish I had 12 users on the domain I look after lol

Link to comment
Share on other sites

This topic is now closed to further replies.