Ed Engelking Dot Com: April 08, 2004 Archives

« April 04, 2004 | Main | April 16, 2004 »

April 08, 2004

A server called Windows 2003

Well, I'm waist deep into my Win2k3 server project and my brain feels like mush.

Mush mush mush.

I've been working on so many different things lately its hard to keep track of it all. I've managed to get quite a bit of stuff setup on the servers thus far, and amazingly enough everything still works like a charm. I've gotten all the user accounts created, department groups with assigned users, department OU's with sub-department OU's, and enough GPO's to gag a maggot. Here's the breakdown of how the OU's and user accounts are working:

--Domain
----Dept OU
------Dept Job OU 1
----------Employee 1
----------Employee 2
------Dept Job OU 2
----------Employee 1
----------Employee 2

Now, as far as the policies are concerned, I've gotten them figured out as well. The way that it works, policies are inherited from child to parent. The higher priorities are loaded last. Any domain policies are loaded first, followed by the Department policies, then job policy. This allows me to assign specific policies to specific job functions, in addition to assigning specific login scripts. As a result, I can make it so that each group gets the specific printers that they require. An example being Producers ... I can assign a login script that assigns them the Genicom printers and Newsroom1 and Newsroom2. I can assign other people in the newsroom, such as directors, only Newsroom1 as they don't need the Genicoms. What's really nice is if I choose to do so, I can make it so that the Directors get the Genicom printers with a simple addition to the script.

What's even better is that I got the drive mapping structure figured out as well, and it is part of the specific login script for any specific job. Here's an example: say that you're an Engineering technician. You would get the following mapped directories on boot:

M:\ = home directory
N:\ = job specific department directory (i.e. engineering\technicians)
O:\ = department directory (i.e. engineering\ )
P:\ = public directory (heh... it's assigned to the letter P, isn't that fun? :)

Kyle and I were able to do some testing with a test user account. We found that a few things required some tweaking, specifically the con2prt program. This application is what allows you to add/remove printers via script. Best of all, it works REALLY well. After some testing, Kyle and I determined that the con2prt program has to be executed from the workstation in order to add the printers. We had to put the con2prt program in a folder on the public drive, making it readable for all users. After chaning the script to point to P:\utilities\con2prt.exe, the printers magically added themselves and set a pre-determined default printer.

Woohoo!

Anyhow, my brain is requesting time off, so I'm going to grant the request.

Posted by ed at 07:59 PM | Comments (0)