Procedures for the Management of Notebooks by IST Liaisons

1. Preparation in Advance of Migration (at least 1 day prior to migration)

  1. If client has been using notebook, review usage with client to identify any files that need to be backed up. These include:
  2. If the notebook does not have a current set of system recovery disks, complete the process of taking an image of the harddrive. You will require the bootable CD (from Peter) and the Client Services USB backup device. Configure notebook to boot from CD and follow instructions on screen.
  3. Verify that client has license for Office and determine which version of Office is required.
  4. Determine client's requirements for roaming profiles. If client uses another computer, recommend that roaming profiles be turned off for client. Discuss implications with client.
  5. Consider the clients preference for email client. A number of difficulties have been experienced with the use of Eudora. An issue has been reported with Eudora failing to accept offline files as well as other issues when configured for POP. Migration to another email client such as Outlook Express or Outlook configured for IMAP is recommended. If moving away from Eudora, please assist client with this migration before migrating the notebook to a managed environment.
  6. Send request to hostmaster for changes to ADS, DNS and DHCP:
  7. On completion of hostmaster request, submit request to ntmaint. Identify:

2. Preparing Notebook for Migration

With the notebook unplugged from the campus network:

  1. login as administrator
  2. Check that the latest service pack has been installed; if necessary install using the Home and Security CD.
  3. Stop Windows Services that pose a security risk:
    (My Computer -> Manage -> Services & Applications -> Services). Double-click on the following services; click Stop if service is running and set Startup Type to Manual.)
  4. In the Control Panel Network Connections, open Properties on LAN and wireless connections and disable the Quality of Service (QoS) packet scheduler.
  5. Security policy changes:
    (Start -> Settings -> Control Panel -> Administrative Tools -> Local Security Policy):
  6. Disable guest account (Properties - uncheck box).
  7. Disable remote assistance.
    (Control Panel -> System -> Remote -> Advanced. Uncheck "Allow this computer to be controlled remotely") OK.
  8. Check that the Windows Firewall is turned on and configure the wireless setting for ICMP to allow "remote echo request".

Plug the notebook into the network

3. The Migration Process

  1. Join computer to the ADS domain. Right-click on My Computer -> Properties -> Computer name -> Change -> Member of -> Domain, enter ads.uwaterloo.ca, OK. When prompted for the name and password of an account with permission to join the domain, supply your ADS\Acsup-Computer Support credentials, OK. Close all open windows and restart machine.
  2. Login using the local administrator account.
  3. Create any local administrator accounts that are required such as !userid for the client. If present, ask the client to enter their local administrator account password. If client is not present enter a default password and set it to expire at first login. Add the client's local administrator account and the ADS\OU-Administrator security group to the Administrators group. Right-click on My Computer -> Manage -> Local Users and Groups -> Groups -> Administrators -> Add. Supply your ADS\Acsup-Computer Support credentials. The Power Users group should have no members.
  4. Add all Departmental printers using the addprint.bat file using a floppy disk or USB thumb drive. Start -> Run -> Browse -> a: -> addprint.bat. Add the machine name to command line. For example: addprint.bat istpc93. A blank black window will briefly appear on the screen. Remove floppy disk or thumb drive when drive light turns off. The departmental printers list will not appear until after the machine has been restarted.
  5. Restart machine and verify the implementation of ADS managed group policies. Open a command line window and enter: the gpresult command. Check for Academic Support Software distribution within the Applied Group Policy Objects list. Check for the Standard Applications security group within The Computer is a part of the following security groups list. Note: Group policy updates will normally occur within 90 minutes after completion of Hostmaster and ntmaint requests. This may sometimes require a few reboots. Check the Add\Remove programs list for the most recent versions of standard software such as Acrobat Reader and Eudora to indicate that managed software deployment has taken place.

4. Post Migration

  1. Have client login using their General ADS Account.
  2. Assist client with selecting their default printer, reinstallation of non-standard software, creation of shortcuts, testing and configuration of email program, importing favourites, mapping network drives, etc.
  3. Alert client to the fact that group policies turn on the Windows Firewall with a particular configuration setting.
  4. Apply the following local configuration changes; with the approval of the client:
  5. Show client how to set a screen saver and hybernation password (Right-click on desktop, Properties -> Screen Saver)
  6. Discuss folder redirection of 'My Documents' to their network drive, N:.
  7. Discuss use of offline files:

Last updated by Phil Knipe (pknipe at uwaterloo.ca) November 25, 2005