Frameworks for the deployment and management of open use computer labs, teaching computer lab classrooms, public kiosks, or multi-user shared workstations.
Whether your needs include a teaching classroom with all participants working in the same environment, an open computer lab or public kiosk with a highly repeatable user experience, or a shared information/help desk workstation with separate and unique user homes, keeping a consistent and highly available multi-user computing environment requires significantly more oversight than a typical single-user workstation. ETS maintains multiple services that combine into a framework for transforming a standard desktop computer into a managed multi-user device that is simultaneously stable, secure, and reliable but also flexible and easy to maintain.
- Directory-based authentication allows for signing into computers with campus NetID credentials
- Automatic software installations and upgrades easily add applications and keeps them up to date
- Advanced user profile management provides a consistent, clean and reliable user experience
- Configuration management curates a custom environment, including desktop backgrounds and applications shortcuts
- Security and permissions hardening keeps devices stable, operational, and available for when they are needed
- Auto-lock/Auto-logout keeps user data secure and protected
- Remote administration enables lab managers to make changes from anywhere, at any time
Determine which device configuration best meets your needs: Lab/Kiosk, Shared Workstation, or Single-User Workstation. See the Learn More section below for details.
Once you've identified which configuration(s) you'd like to implement, contact Systems Architecture and Administration with the following information for each configuration:
- number of devices/seats
- device manufacturer (ie. Dell, Teradici, Microsoft, Apple)
- device model (ie. OptiPlex, Wyse P25, Surface, iMac)
- operating system (ie. Windows 10, macOS 10.14)
Lab or Kiosk-configured devices typically have the following characteristics:
- unique software manifests to deliver desired apps
- policies/configuration management
- standardized device naming convention
- firmware password to prevent tampering of the startup disk
- auto-lock and/or auto-logout (or forced reboot) after XX minutes of idle
- non-persistent home directory (local user profile gets reset to default state on logout, ie. each login is a "fresh" user experience)
- NetID logins with standard (non-administrator) access and permissions
- restrictions on what standard users can do (such as locking out specific Control Panel or System Preference panes)
- one or more local administrator accounts for maintenance/management
Shared Workstation-configured devices share the same characteristics as Lab-configured ones, with a few exceptions:
- home directories are unique and persistent (user profile does not get reset on logout and remains indefinitely)
- significantly relaxed timers for forced logout after XX minutes of idle (or none at all)
Single-User Workstation devices are the least regimented and are usually a standard, out-of-box Mac or Windows experience with some added management features:
- no custom configuration, firmware password, restrictions, etc.
- non-unique, general software manifest; app installations are left up to the user to perform
- background management agents apply software, operating system and security updates