Re: Lab Computers, Research & Administrative Rights

[Kevin Ledbetter <kevin.ledbetter () VALPO EDU>]

We have begun the process of removing all local admin rights to user's
regular accounts.  Then we have provided a limited number of special
username.admin accounts which have local admin rights to a limited group of
PCs.  These accounts are only used when credentials are needed to preform
tasks that require elevated privileges.  These .admin have access to no
shared folders and are to be used strictly to provide admin credentials.


On Wed, Jun 6, 2018 at 9:07 AM, Hahues, Sven <shahues () fgcu edu> wrote:

> Hi everyone,
>
> I wanted to find out if some of you could share what some of the
> approaches you have taken when handling shared computers, such as devices
> used in labs that are hooked up to research equipment where faculty/staff
> and students may need to have administrative rights.
>
> We have been in the process of removing administrative rights, and if the
> computer is loaded by central IT, students do not have administrative
> rights.  We have been getting an increasing number of requests to allow for
> this to happen and are hesitant to do so.
>
> Could you guys share some of your approaches?
>
> Thanks,
>
> Sven
>
> Sven Hahues
> Florida Gulf Coast University
> Director, ITS Helpdesk, Network Services & Security
> Tel: (239) 590 1337
> E-Mail: shahues () fgcu edu



-- 
Kevin Ledbetter
Systems Security Administrator
Office of Information Technology
Valparaiso University
1700 Chapel Drive
Valparaiso, IN 46383
219.464.6191
Staff Employee Advocacy Council
University Council
Kevin.Ledbetter () valpo edu