Rutgers - The State University of New JerseyRutgers - The State University of New Jersey
MSSG | UCS Toolkit | #

FROM THE BOX TO THE NETWORK

  1. Gather information
    • Identify the recipient/group, the desired location where the system is to be deployed, and the primary user.
    • Identify the intended use of this machine. Will it run any services? Will it need to share folders or a printer?
    • Identify how it will connect to the network. Will it need a static or DHCP-provided address? Will it need to be connected to an Active Directory domain?
    • Identify software needs. Does additional software need to be set-up (e.g. McAfee, SSH, MS Office, etc.)?
    • Identify peripheral equipment that needs to be attached directly to the machine. Has this equipment been purchased? Are drivers available?
    • Identify needed network resources (shared folders/printers, mapped network drives, etc.)
  2. Purchase Additional Material
    • Get necessary software and licenses.
    • Get necessary peripherals (scanner, printer, etc.).
  3. Static IP Configuration
    • If you wish this machine to have a static IP address, you must ensure that it is registered with the University DNS system.
    • Identify if machine name is already in use. Open a command window on a MS Windows platform, type nslookup [full machine name] and hit Enter.


      The first nslookup shows a good name choice. It is not already registered. The second nslookup choice is a bad choice as it is already registered to IP 165.230.169.52.
    • Register Host with TD. Once a good hostname for the new machine is selected, send an email to RU's Telecommunication Division to register the hostname. The content of the email should follow the Host Request Template. You will also have to gather the specific information particular to your LAN - Gateway IP address, Subnet Mask, DNS servers.
  4. Dynamic IP Configuration (DHCP)
    • If the machine will have a dynamically-assigned (DHCP) address, the necessary configuration information will be gathered later.
  5. Unpacking the Box
    • Inventory all items in the box to ensure you have received all parts.
    • Keep the Packing Slip and return it to the administrative purchasing staff. They are required to acknowledge receipt of BIG TICKET items in RIAS. It is also a good way for you to review the system configuration to ensure you have all of the pieces you ordered.
    • Set-up the machine. DO NOT CONNECT IT TO THE NETWORK.
    • Gather the machine specs (type/model, OS, serial number, machine name, CPU, RAM, HD, Warranty Start Date, and Warranty Length) and record them into some sort of tracking mechanism.
  6. Initial System Set-Up and Configuration
    • Start-up the machine and set-up as the dialog box dictate.
    • Enter the appropriate time zone.
    • Enter a strong administrator password (check to see if your department has a password policy or standards).
    • Enter the expected HOSTNAME of the machine when asked.
    • Do not attach the machine to an AD domain. This will come later.
    • XP will want an initial username/password. Make a test account and a strong password (this will be a local account). Use this account to do the initial configuration of the machine.
    • Reboot the machine when prompted.
  7. Change Login Interface
    • Login with the test account. Go to Control Panel -> User Accounts. Select "Change the way users logon/off." Disable fast "User Switching" and "Use the Welcome Screen." Logout.
  8. Remove the Test Account
    • Login as administrator. Go to Control Panels. Change to "Classic View". Click on User Accounts. Highlight the test account and click remove. Answer OK and close the User Account and Control Panels windows.
  9. Patch
    • Use a Patch CD to install the latest pack and recent patches. The best place to create a patch CD is to go the Software Portal and download the appropriate operating systems patches ISO. Use this patch CD to update the machine BEFORE it goes on-line.
  10. Additional Security Lockdowns
    • Go to Control Panels -> Administrative Tools -> Local Security Policy -> Local Policy -> Security Options
      • "Accounts: Guest account status: Disabled.
      • "Accounts: Limit local account use of blank passwords to console logon only: Enabled".
      • "Interactive logon: Do not require CNTL+ALT+DEL: Disabled".
      • "Interactive logon: Smart card removal behavior: Lock Workstation".
      • "Microsoft network client: Digital sign communications (if server agrees): Enabled".
      • "Microsoft network server: Digitally sign communications (if client agrees): Enabled".
      • "Network access: Allow anonymous SID/Name translation: Disabled".
      • "Network access: Do not allow anonymous enumeration of SAM accounts and shares: Enabled".
      • "Network access: Do not allow storage of credentials or .NET Passports for network authentication: Enabled".
      • "Network access: Let Everyone permissions apply to anonymous users: Disabled".
      • "Network access: Sharing and security model for local accounts: Classic - local users authenticate as themselves".
      • "Network security: Do not store LAN Manager hash values on next password change: Enabled".
      • "Network security: LAN Manager authentication level: Send LM/NTLMv1 - Use NTLMv2 session security if negotiated".
      • "Recovery control: Allow automatic administrative logon: Disabled".
  11. Going to use DHCP? Get MAC address!
    • If you are attaching this machine using DHCP, your DHCP server will likely use MAC-filtered access control (i.e., network addresses will be assigned only if registered in the DHCP server's configuration files.)
    • Open a command window (Start->Run, type cmd ) and run the command ipconfig /all. The MAC address of the machine will appear on the Physical Address line. In this example it is: 00:0d:56:d4:a9:e3. Use this MAC address to configure your DHCP server to accept an IP request from this PC.


  12. Put Machine on the Network
    • If you are using DHCP and you have configured your DHCP server for the new machine, your machine should come up on the network after it has been plugged into the network for about 20-30 seconds.
    • If you are using a static IP for the new machine, plug the machine into the network, go to the Network Connections control panel and change the pertinent network information under the Local Area Network properties.
  13. Microsoft Update
    • Go to Microsoft Update (with Internet Explorer) and check for additional updates.
  14. Add Computer to Active Directory Domain(if applicable)
    • To add a computer to an AD domain, go to Control Panels -> Network Connections. From the menu, select Advanced->Network Identification... Click on the Change button. Click on the Domain radio button and enter the full network name of your AD domain (i.e., typically set up as ad..rutgers.edu). Click OK. You will have to enter in a domain account username/password that has domain administrator privileges in order to attach the machine to the domain. To complete the process, you will need to reboot the machine.
  15. Add User Account to Machine
    • In most cases, the machine you install will be intended for a single user. Therefore, you may need to elevate the user to a higher privilege level. To do this, you can go to Control Panels -> User Accounts. Click Add. Enter Username and Domain. Click the level to give, in most cases where the user needs to install/use certain software, Power User rights are sufficient. In special cases, you may need to give Administrator-level privileges. Note: these privilege levels are to the local machine and are not reflected throughout the domain.
  16. Install supplementary software packages
    • Install all supplementary software packages including McAfee, RADS, Adobe Acrobat Reader, SSH, MS Office, etc.
  17. Office Update
    • After installing the software packages, it is a good habit to go visit the Microsoft Office Update site and update your MS office package. You should also visit the sites of other installed software packages to see if any updates are available.
  18. Final Installation
    • Install the computer at the new location. Add any needed peripherals and printers. Some peripheral drivers may install themselves when initially connected to the machine.
  19. Accountability
    • Make sure the user knows how to contact you in case they have any problems. This is where your trust relationship with the users begins. Make a good impression. Understand that when users receive a new computer, it is likely they will have to change the way they used to do things. Help them adapt and try to ease them into using the new machine. Don't take personally comments like "My other computer was better", "Are you SURE you know what you're doing?" and "My last machine NEVER did this." You will hear these all of the time. Be accountable and they will learn to appreciate it.


BACK TO TOP

Return to RU Main Site

For questions or comments about this site, contact ucs_toolkit@email.rutgers.edu
Last updated: 02/08/2005

© 2005 Rutgers, The State University of New Jersey. All rights reserved.

 

Search Rutgers