At this point, you've got your limited access user, your OU in the directory where all of the computer accounts for your "Terminals" will be located, and some GP settings on that OU to make the machines administerable. Now we need to return to that GPO and configure systems in that OU to log in automatically as our limited access user.
Rather than repost everything, I used the ADM file from here. If you're not familiar with using ADM files, the link contains some help--if you're still not sure after that, then this topic might be over your head.
I'm not a fan of using the ForceAutoLogon setting (I left it at 0); if this is turned on, the system will auto-logon any time a logon screen comes up. With it off, you can press Ctrl-Alt-Del and log off the system, and then manually log in as a different user if the need comes up. Enabling AutoAdminLogon will log the system on as the specified user when it's first turned on, but that's it (until it's rebooted).
Add this ADM file to your GPO (make sure you follow the instructions for changing the filter) and put in the appropriate settings.
At this point, all that *should* be required is putting the client computer into this OU, and rebooting the system. I've had spotty luck with that--your odds are much better if you can have just about anybody (an ordinary user should work; an Admin should work better) run "gpupdate /force" to get the machine to pick up the new GPO settings.
When the system boots, it will install the VMWare View client (with our custom settings from step 1), and then automatically log in as the limited access user. This will force the system to download the roaming profile and then startup the View client as the default shell. When the user exits the View client, they get asked if they want to shut down the computer--if they don't, the View client starts again. All things considered, a pretty self contained system.
I'm going to post an "Addendum" style post to discuss some of the caveats and things that I've changed since I did this the first time.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment