Re: Deployment Portal Password
- Since I started this thread, I'd like to thank Lynn for the
explanation of how things work and the solution to original issue. I
went straight to the policy based delivery and I'm downloading my
requested downloads. This is a great resource for help and thanks to
Fairbanks AK FHC
--- In firstname.lastname@example.org, "Gary Templeman" <gtempleman1@...> wrote:
> ----- Original Message -----
> From: "Russell Hltn" <RussellHltn@...>
> >> That brings up an interesting thought. As a protection to the FHC
> >> computers,
> >> perhaps patron computers that are going to be connected to the Church
> >> Internet connection should be "certified" by a staff member that they
> >> already have a current A-V program installed and running before even
> >> allowing the connection.
> > I don't think it's practical. The church isn't responsible for what
> > happens to the patron's computer. The more the staff messes with it,
> > the more likely they are to get blamed for anything that happens to go
> > wrong later.
> > The only reason I can think of for doing that is to protect the FHC
> > network from viruses that are on the patron's computer. I think
> > there's better ways to deal with that.
> That is why I said it was pie in the sky. I agree that it is not
> and will never happen. In theory however the staff wouldn't have to
> touch the computer, only have the patron demonstrate that the
> installed and functioning.
Local Users and Groups
Look for the login there to see if they are a Power User (sometimes
called a Super User). If not, add the login to the group.
There are easier ways to do this, but I do not remember them.
And I think everyone might be off to conference. Should be a solemn
assembly in 30 minutes.
- Thanks, Larry. I'll try this when I go back.
At 11:32 AM 4/5/2008, you wrote:
>Local Users and Groups
>Look for the login there to see if they are a Power User (sometimes
>called a Super User). If not, add the login to the group.
>There are easier ways to do this, but I do not remember them.
>And I think everyone might be off to conference. Should be a solemn
>assembly in 30 minutes.
- The IP Addressing scheme used are "private" IP addresses that anyone
can use, so its no guarantee that the requests would be originating
from FHCs. Plus when the PIX firewall / web filtering project was
implemented, the scope of the VPN that was setup as a part of the
PIX implementation, is only for administrating the PIX configuration
and not for normal IP traffic. So neither of these services can go
through the PIX VPN to the corporate network, but most go out to the
public Internet instead.
At one point their was a desire to set up as many FHCs with a static
public IP address... but some how this was not communicated
successfully to those implementing the WAN links to FHCs and so most
(98%??) are all dynamically configured IP addresses instead. So the
use of static IP's won't work either.
--- In email@example.com, "Gary Templeman" <gtempleman1@...>
> Bro. Shaw,
> Since all Internet connections in FHCs are required to use the
> Church filtering, and since AFAIK the PIX units all use IPaddresses
> assigned by the Church, is it possible to configure LANDesk andthe various
> services to not operate unless the traffic is routing through theChurch IP
> address range? I am not a network person, but it seems somethinglike that
> would make it impossible to even attempt using those products andservices
> outside the FHC, or a FHC which was not using the filtering.are ONLY
> Gary Templeman
> ----- Original Message -----
> From: "Lynn Shaw" <shawlh@...>
> To: <firstname.lastname@example.org>
> Sent: Thursday, March 27, 2008 9:35 AM
> Subject: [fhctech] Re: Deployment Portal Password
> > Note: Both of these tools and the resulting products/services
> > for use on family history center computers.