I recently donated a computer to a friend of mine (4200+ on an nf-m2s) ...... and it lasted all of about 1 month before it had 4 flat tires and a .DLL serial murderer appears to have gone on a gold paint huffing spree, and played a little tetris with the registry while he was at it.
My fault. His user account was the admin. He isnt a computer "idiot" so to speak, but has plenty of friends who I wouldn't let use the eraser on my pencil, much less his computer. I figured he'd keep people from screwing it up, I was wrong.
So, now that I am doing a full re-install of windows 7 i'd like to at least do what I can to prevent the proverbial "screwdriver to the OS" this time around. I have not had to screw with any sort of microsoft permissions on the group/user level since I took a microsoft MSE course designed for NT server. Obviously that has been a while....
I would like for him to be able to install programs, browse the web, various usb devices. But I also don't want him to call me every 3 days because his machine won't give him permission to change his desktop background. After looking at the default windows 7 users and groups this is what I guess I am going to do..
Create new admin account, for myself. I need full control/all/all/special permissions yadda yadda yadda. Assuming I just need to add it to the "Administrators" group? Anything else I need to do?
Disable old admin account.
Create new account for him. Here is where I really need some help. Is there a good default group to add him to that will allow program installation, "reasonable" access to the file system (copying files around etc) internet access, and other typical user needs?
The description for users isn't exactly all that descriptive
Sounds nice but I have the feeling that the most applications part of that is what is going to bite me, one way or the other. Any tips?
Also, how viable is remote desktop/assistance to allow me to log into his computer from home if I do need to make a change for him? I have never used it, always disabled it immediately on all windows 7 installs.
Hints tips ideas welcome. Thank you!
My fault. His user account was the admin. He isnt a computer "idiot" so to speak, but has plenty of friends who I wouldn't let use the eraser on my pencil, much less his computer. I figured he'd keep people from screwing it up, I was wrong.
So, now that I am doing a full re-install of windows 7 i'd like to at least do what I can to prevent the proverbial "screwdriver to the OS" this time around. I have not had to screw with any sort of microsoft permissions on the group/user level since I took a microsoft MSE course designed for NT server. Obviously that has been a while....
I would like for him to be able to install programs, browse the web, various usb devices. But I also don't want him to call me every 3 days because his machine won't give him permission to change his desktop background. After looking at the default windows 7 users and groups this is what I guess I am going to do..
Create new admin account, for myself. I need full control/all/all/special permissions yadda yadda yadda. Assuming I just need to add it to the "Administrators" group? Anything else I need to do?
Disable old admin account.
Create new account for him. Here is where I really need some help. Is there a good default group to add him to that will allow program installation, "reasonable" access to the file system (copying files around etc) internet access, and other typical user needs?
The description for users isn't exactly all that descriptive
Users are prevented from making accidental or intentional system-wide changes and can run most applications
Sounds nice but I have the feeling that the most applications part of that is what is going to bite me, one way or the other. Any tips?
Also, how viable is remote desktop/assistance to allow me to log into his computer from home if I do need to make a change for him? I have never used it, always disabled it immediately on all windows 7 installs.
Hints tips ideas welcome. Thank you!