Professional Documents
Culture Documents
Login Join
Home
Best Practices
Best Practices
Solved
Best Practices
Anyone have a checklist of things that should be checked off when adding a computer to the
domain?
Things like complex local admin password, AV and Windows up to date, etc.
I know SW can check if AV is up to date, but can it check if Windows is up to date or if there is a
complex local password?
flagReport
bbh
J AL AP EN O
Enter to win a
checkBest Answer
Angus S-F
bbh wrote:
Is there anything that could be run against a device to make sure it has passed all the security
checks?
It's not enough to check your systems once, which is why Secunia's PSI run-in-thee-tray (and the
non-free corporate CSI) make sense for many users. Or you can use Network Access Control
(NAC), which examines the nodes on your network as they connect. There is a decent open-
source one here:
17 Replies
whoisROWDY
ANAHE IM
Nov 9th, 2013 at 6:34 AM
Couple things off the top of my head..
Add printers
Add AV
Remove bloatware
Run OS updates
Spice (1) flagReport
Was this post helpful?thumb_upthumb_down
Staceyjohnston
J AL AP EN O
Nov 9th, 2013 at 7:16 AM
Add Remote Admin setup unless you have it covered by GPO.
Spice (1) flagReport
Was this post helpful?thumb_upthumb_down
ammayer
C AY EN NE
Nov 9th, 2013 at 7:54 AM
If possible configure as much as possible through group policy. This eliminates the risk of
misconfiguring the end hosts.
Spice (1) flagReport
Was this post helpful?thumb_upthumb_down
Bud G.
M AC E
Nov 9th, 2013 at 8:12 AM
Create local admin account with complex password. Use across all computers (or all laptops, or
desktops, or by model, etc.)
Use a preconfigured image for the same machines. Makes things all that much more easier.
Before giving the computer over to the user, make sure that it is joined to the domain. All
necessary updates have been installed. AV is up to date. All programs that have been identified
as being required by the user (per management or job description, etc.) are installed.
Verify that the machine works and that you are able to get on the domain.
flagReport
Was this post helpful?thumb_upthumb_down
Andres719
D AT IL
Nov 9th, 2013 at 8:29 AM
whoisROWDY wrote:
Add printers
Add AV
Remove bloatware
Run OS updates
flagReport
Was this post helpful?thumb_upthumb_down
PaulK1437
J AL AP EN O
Nov 9th, 2013 at 10:54 AM
add user to AD if applicable
setup AV
run select windows updates to prevent update failures ( we mainly use lenovo's and this is
common)
setup shortcuts
setup email/signature
review department/division for software requirements i.e install office 2000, 2007, 2010, 2013 or
365 if application
flagReport
Was this post helpful?thumb_upthumb_down
JaredBourne
C AY EN NE
Nov 10th, 2013 at 8:57 AM
Set Local Admin
Join to domain
Pansai
Computer-Service-Göttingen is an IT service provider.
P OBL AN O
Nov 11th, 2013 at 5:48 PM
install Chrome/Firefox and remove IE from taskbar
install CCleaner
instead of Adobe Reader, go with sth. more powerful like Nitro Reader
remove preinstalled (old) Java versions and only install java if really needed
on Win8 remove all preconfigured tiles and leave just the needed software
flagReport
Was this post helpful?thumb_upthumb_down
flagReport
Was this post helpful?thumb_upthumb_down
justinrdr
P OBL AN O
Nov 12th, 2013 at 2:27 AM
Turn on wake-on-lan in the BIOS.
Install AV.
Install common apps from Ninite (we install Reader, Java, and Flash)
Install Office.
Add to domain.
flagReport
Was this post helpful?thumb_upthumb_down
FiyaFly
T HAI P EP PE R
Nov 12th, 2013 at 2:45 AM
I generally operate off of this document, save for some redaction for privacy purposes.
attach_file Computer_Set_Up_I...ctions.doc 26.5 KB
Spice (1) flagReport
Was this post helpful?thumb_upthumb_down
Angus S-F
GeoApps is an IT service provider.
D AT IL
Nov 12th, 2013 at 8:59 AM
On Win7, set a password for the hidden-from-the-welcome-screen local Administrator account.
Otherwise someone can boot into safe mode and use it to monkey with the system.
If you must use Adobe Reader, preconfigure it by turning off Javascript and Multimedia Trust and
Trust settings that allow AR to run embedded programs, then copy these settings to the "Default
User" profile using something like ForensIT's DefProf utility.
Put a link to your Spiceworks Helpdesk in a prominent place on the desktop ;-)
flagReport
Was this post helpful?thumb_upthumb_down
Pansai
Computer-Service-Göttingen is an IT service provider.
P OBL AN O
Nov 12th, 2013 at 1:08 PM
Ninite sounds interesting... does anybody have an alternative for that which is a little more
'flexible'?
flagReport
Was this post helpful?thumb_upthumb_down
OPbbh
J AL AP EN O
Nov 13th, 2013 at 4:50 AM
Is there anything that could be run against a device to make sure it has passed all the security
checks?
flagReport
Was this post helpful?thumb_upthumb_down
Angus S-F
GeoApps is an IT service provider.
D AT IL
Nov 13th, 2013 at 8:17 PMcheckBest Answer
bbh wrote:
Is there anything that could be run against a device to make sure it has passed all the security
checks?
Unfortunately it installs a run-all-the-time tray icon, so it's not just a check-once program.
It's not enough to check your systems once, which is why Secunia's PSI run-in-thee-tray (and the
non-free corporate CSI) make sense for many users. Or you can use Network Access Control
(NAC), which examines the nodes on your network as they connect. There is a decent open-
source one here:
flagReport
Was this post helpful?thumb_upthumb_down
Cody Wian
S ONO RA
Nov 13th, 2013 at 11:42 PM
We use a infopath form ( see attached)
Once you click the submit button it sends to our helpdesk account for tracking purposes.
attach_file PCform.xsn 10.8 KB
flagReport
Was this post helpful?thumb_upthumb_down
Angus S-F
GeoApps is an IT service provider.
D AT IL
Nov 14th, 2013 at 11:11 PM
bbh wrote:
Is there anything that could be run against a device to make sure it has passed all the security
checks?
You should also run this program to make sure everything is patched:
Microsoft Baseline Security Analyzer 2.3 Adds Support for Windows 8, Windows 8.1,
Windows Server 2012, and Windows Server 2012 R2 | Security content from Windows IT
Pro
http://windowsitpro.com/security/microsoft-baseline-security-analyzer-23-adds-support-
windows-8-windows-81-windows-server-20
flagReport
Was this post helpful?thumb_upthumb_down
lock
This topic has been locked by an administrator and is no longer open for commenting.
Hi, allI have Meraki deployed in my environment and I think its roaming stinks. When you are
associated with an AP, you need to drop off when the connection gets weak before another AP
picks you up. For active calls on Zoom, Teams, etc, it's unacceptable....
Your daily dose of tech news, in brief. We made it to Friday! And while it was actually a Thursday,
if we roll back the clock to August 19, 2004, it was definitely a good day for internet search giant
Google (now known as Alphabet) as it had its in...
I have a Cisco switch that I have to deal with - I have no control over it's configuration and at my
facility, there isn't even anyone to ask ( a long story ). There is a new issue that the ports will
close down if another switchis plugged in to it. The...
On this day in 1887 Dmitri Mendeleev will ascend in a balloon solo to 3.5 Km above the earth to
view an eclipse. The solo part of this adventure came about when it was discovered that the
balloon did not have enoug...
I previously posted here about getting offered a Jr net admin position and how nervous I was.
Well I’ve started and am 3 days in and I feel so out of place. When I get to work I’m not even sure
what I’m supposed to be doing. So I ask. Told to do something...
About
Contact
Support
Press / Media
Careers
SpiceWorld
Blog
o
o
o
o
Sitemap
Privacy Policy
Terms of Use
Guidelines
Accessibility Statement
Do Not Sell My Personal Information
© Copyright 2006 - 2022 Spiceworks Inc.
If you consent, we and our partners can store and access personal information on your device to provide a more
personalised browsing experience. This is accomplished through processing personal data collected from browsing
data stored in cookies. You can provide/withdraw consent at any time by clicking on the ‘Manage Preferences’ button.
Accept All Cookies
Cookies Settings