[Editor's Note: Share your NT discoveries, comments, and solutions and
reach out to other Windows NT Magazine readers (including Microsoft).
Email your contributions (under 400 words) to Karen Forster at
karen@winntmag.com. Please include your phone number and a photo (.bmp) of
yourself. We will edit submissions for style, grammar, and length. If we print
your letter, you'll receive $100.]
In our corporate environment, we needed an efficient way to create a
standard Windows NT 3.51 environment that we could lock from user tampering. We
also wanted to avoid going to every PC to manually standardize every desktop. By
using a few simple tools that ship with NT and the Microsoft Windows NT
Resource Kit for NT 3.51, we can control every aspect of the security of the
standard user environment--for example, we can prevent the user from changing
the properties of an icon or from moving icons around on the screen. This
standardization has saved our support staff hundreds of hours in configuring
user desktops.
The first step is to create a new user profile (such as ProfileAdmin) that
you use to configure the NT desktop. Give this user profile Administrator rights
on the local NT workstation. Next, you want to set up a prototype NT PC where
you will create the custom configuration.
After you log on as ProfileAdmin from your prototype PC, configure the
desktop to your liking (see the NT manuals for information on user profiles and
Knowledge Base Article Q128624 at
http://www.microsoft.com/kb/articles/q128/6/24.htm for options you can
configure). You can configure properties such as desktop wallpaper, screen
saver, Program Manager groups, and icons. Screen 1 shows our standard desktop
setup.
Notice that we added a Warrantech Information Systems group as a Common
group. This group contains all necessary programs for any user who logs on to
this NT machine. We can make any changes to the default system setup in this
Common group, and any user who logs on to this PC will immediately see the
changes. This group is also completely safe from user tampering because only
members of the Administrator group can make changes to Common program groups.
Because Common groups are specific to a particular NT machine, we faced
re-creating this group on every machine we wanted to standardize. To overcome
this limitation, we used two utilities from the Resource Kit, regtogrp.exe
and grptoreg.exe, as you see in Screen 2.
These utilities convert the Registry settings for the program groups to
.grp files and vice versa. This capability lets you copy program groups from one
PC to another.
At the command prompt, you type
regtogrp
to create the .grp files for your program groups. We're just interested in
the Common group (Warrantech Information Systems) we created. Regtogrp inserts
the letter c at the beginning of each common program group's name and
removes any spaces. So, in our case, regtogrp wrote the group to the cwarrantechinformationsystems.grp file. Copy this file and grptoreg.exe to a central
location. Also, create a small batch file that you can double-click in File
Manager to execute the necessary command:
GRPTOREG /o /c cWarrantechInformationSystems.grp
Finally, after you create all the groups and configure all the settings,
run the User Profile Editor, upedit.exe, that comes with NT Server or the
Resource Kit. Screen 3 shows the User Profile Editor. You can set the
restrictions according to your network policies (refer to the upedit.hlp file
for details). After you make these settings, select File, Save As from the menu
and enter a filename with a .man extension. This extension will prevent any
accidental changes to the profile.
Next, go into User Manager and open the properties for the ProfileAdmin
user. Click the Profile button, and enter the full path name (I suggest using a
universal naming convention--UNC--path) and filename of the newly created
profile for the User Profile Path option.
Finally, to standardize an NT workstation, log on to the target PC as
ProfileAdmin. Make sure the ProfileAdmin user is part of the local Administrator
group (only administrators can create Common program groups). NT will load the
profile and the desktop will appear as you set it up, except without the Common
group. Go into File Manager and double-click the batch file you created to run
the grptoreg program. The Common group will appear.
Next, open the User Profile Editor program (which you need to copy to the
home directory for ProfileAdmin). Select File, Save As User Default from the
menu to save the default desktop settings for anyone who has not
signed on to this particular PC before. Now, whenever anyone new logs on to
this PC, they will have the standardized desktop.
Roneil Icatar
icatar@warrantech.com
Point-to-Point Tunneling Protocol
Imagine that you want to connect to your home network over the Internet but
you don't have a direct connection to the Internet and you haven't bothered to
obtain a static IP address from your Internet Service Provider (ISP). You can
still connect to your home network via Remote Access Service (RAS) with
Point-to-Point Tunneling Protocol (PPTP) by following a few steps.
1. Install and configure RAS to use regular telephone lines on your machine
and your home server.
2. Install PPTP and Virtual Private Network (VPN) ports on both machines.
3. Configure the VPN port on the server to receive calls.
4. Add an entry for your ISP in Dial-Up Networking (DUN) on your server,
and dial your ISP.
5. Open the DUN monitor on your server (mine is in Startup and appears in
the system tray on the task bar). Select the Summary tab, and double-click the
entry for your ISP. Note the IP address.
6. Start RAS on your server.
7. Go to the DOS prompt on either your machine or your home server and type
ping -A ###.###.###.###
where # is the IP address you noted in step 5.
8. You will see the message
Pinging <hostname.domainname.type> [###.###.###.###] with 32 bytes of data:
9. Dial up your ISP from your machine.
10. From your machine, open the properties for the Phone Book connection to
your home server, and change the Dial Using entry to the VPN port and change the
phone number to the hostname.domainname.type from step 8.
11. Click Dial, and enter your username and password.
Because the IP address and the matching host name that the ISP assigns you
are dynamic, you may have to step through this process every time your server
connects to your ISP.
James V. Ruddy III
taxproct@concentric.net
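
Added example (not part of the letter above): steps 7 through 10 take the name that ping reports for the server's dynamic address and use it as the VPN phone number, so it is worth confirming that the name resolves back to the same address before dialing it. The function names, the sample host name and the 203.0.113.7 address are assumptions constructed for illustration.

```python
import ipaddress
import re
import socket

# First line of `ping -a` output when the address has a reverse (PTR) name.
PING_HEADER = re.compile(
    r"Pinging\s+(?P<host>[A-Za-z0-9.-]+)\s+\[(?P<ip>[0-9.]+)\]\s+with\s+\d+\s+bytes"
)

# Constructed samples: example.net name and documentation-range address.
SAMPLE = "Pinging ts1-port7.example.net [203.0.113.7] with 32 bytes of\ndata:\n"
SAMPLE_UNRESOLVED = "Pinging 203.0.113.7 with 32 bytes of data:\n"


def parse_ping_header(output):
    """Return (hostname, ip), or None when ping printed no resolved name."""
    match = PING_HEADER.search(" ".join(output.split()))  # undo line wrapping
    if match is None:
        return None
    try:
        ipaddress.ip_address(match["ip"])  # reject malformed addresses
    except ValueError:
        return None
    return match["host"].lower(), match["ip"]


def vpn_dial_target(output, resolve=socket.gethostbyname_ex):
    """Hostname to enter as the VPN phone number, or None if it is unsafe to use."""
    parsed = parse_ping_header(output)
    if parsed is None:
        return None
    host, ip = parsed
    try:
        _name, _aliases, addresses = resolve(host)  # forward lookup of the PTR name
    except OSError:  # gaierror/herror: name does not resolve
        return None
    return host if ip in addresses else None


def fake_resolver(table):
    """Offline stand-in for socket.gethostbyname_ex, backed by a dict (hypothetical)."""
    def resolve(host):
        if host not in table:
            raise socket.gaierror("no such host")
        return host, [], table[host]
    return resolve


if __name__ == "__main__":
    print(vpn_dial_target(SAMPLE, fake_resolver({"ts1-port7.example.net": ["203.0.113.7"]})))
```

Called without the `resolve` argument, `vpn_dial_target` performs a live forward lookup; a `None` result means the name from step 8 should not be entered in the Phone Book entry.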