Monday, March 14, 2011

Configure a Public PC

Good morning.

This weekend I configured a BTOP desktop PC for the North Lake County Public Library District in Polson. Since many of us are doing similar configurations, I thought this would be a good time to describe the steps I take to configure such a PC.

I had to setup 6 of these PCs. What I did was to configure one of them just the way I want it, and then create an image of that PC and copy that image to the other PCs. If you have more than a few PCs, it is a great time saver and it makes sure there is a consistent experience on each of the PCs so deployed.

What I describe here is simply how the master PC is configured. I do not describe the imaging procedure, or the restrictions I apply on a public. I use imagex and group policies respectively for these tasks. Both these tools are built into the Microsoft environment.

The accompanying document is not meant to be a step by step recipe for configuring the PC. It is simply a rather cryptic list of tasks, somewhat in the order they should be done. It requires a bit of familiarity with Windows 7, Microsoft domains, and installing applications. It is meant to be a fairly complete list of what needs to be done, but I confess that I have probably forgotten a task or two. I occasionally add a bit of explanation.

The public logon is named “inet” and the administrator’s logon is “acme”. If this process is done on a network with other PCs turned on, I always turn on “Block all incoming traffic” in the Sharing Center to minimize the chance of getting infected. Then unblock this before creating the image.

I use Deep Freeze on all public PCs at my day job and for all my clients. IMHO it is the most cost effective PC management money a library can spend. There is other “freezing” software, but I use this. Deep Freeze provides an area it calls Thawspace. Thawspace is a place that is not wiped when a PC is rebooted. I use it as the default location for “My Documents” so that patron documents can survive a reboot. I then use an automated procedure to delete contents of this folder on a regular basis, daily or weekly.

Some of these items are specific to the way I manage the environment so may not be appropriate to your environment, but you can use it as a starting point.

Here is the list.

Configuration of NLCPLD BTOP Optiplex 980 Public PC - March 12, 2011


W7 Pro 64 bit OS

Set PC name and temporary user during initial startup configuration

Set TCP/IP config for IPV4; Turn off IPV6 off

Set local admin password and enable

Join domain; add inet (the public user) to local administrators group

Confirm that Device Manager shows no problems

Set virtual memory to 2xRAM


Logon as inet

Install Office 2007 Pro Plus - Run all - no Outlook icon on desktop

Install MS Math 3.0, MS Streets & Trips

Install Adobe Reader-Flash-Shockwave; Install Java

Install Firefox, Google Earth, Picasa, Itunes/Quicktime

Place icons for auto repair, ibistro, infotrac on desktop

Place items on desktop: MS games folder (add in programs & Features), snipping tool, notepad

Keep Roxio Creator on desktop

Install Spybot, fprot

Do all Microsoft and application updates

Turn off all automatic updates (MS, java, adobe reader)

Activate windows

Set remote registry service to delayed start

Add acme & inet to Remote Desktop Users

Turn on file/print sharing

Confirm remote access to remote registry, file system, RDP

BIOS settings: password; WOL; no energy saving; boot order

Remove initial user and associated profile

Install Printers

Set default web/search in ie &ff, screen saver/power

Populate icons on desktop and set icon location, do initial start of all apps, set background, set ie to default browser


Make sure volume control is available in systray; test sound with headphones

Confirm flash drive can be removed gracefully


Logon as acme (The administrative user)

Create c:\port and set permissions to allow only acme access

Set default web, folder options, background, printer, screen saver, power,

Install Deepfreeze and thaw


Log back into inet

After DF install: set mydocs to T: (only T in list), T icon on desktop, my docs icon on desktop

Run disk cleanup, defrag, and chkdsk

Confirm ARP Poisoning is working

Run fprot/spybot scans


Log back into acme

Remove inet from local administrator group

Leave deep freeze unfrozen

Sysprep to oob experience; do not generalize

Capture the image with imagex


Friday, March 11, 2011

open v closed or simple v complex?

I attended a very interesting workshop at Broad Valleys Federation meeting on Open Source Software in Libraries. Nicole Engard spoke quite persuasively on the benefits of open source and contrasted it with Microsoft's wares as an example of closed or proprietary software.

But somehow that didn't seem to be the point to me. I was struck by the irony that she was talking up open source with a presentation running on a Mac. It seems to me that Apple is actually the epitome of closed proprietary hardware and software. If anything that would seem to lend credence to the argument that what you should really be striving for is an entirely closed infrastructure. Where Microsoft went wrong was in trying to make software that was compatible with a wide variety or hardware and software options. The frustration could be from the fact that they've tried to be too open rather than too closed.

Then I listened to Paul Thurrott on Windows Weekly. He argued that where Apple really has the market cornered is in simplicity and elegance of design. I think it's the simplicity that really appeals to people. The iPad and iPhone have one button to take you to the home screen. I've often made the off hand remark that if you're content to live within the Apple universe, your life will be peaceful and hassle free. That's not something you can often aspire to in the technology world. But if you buy the latest products, download the latest updates and function through the Apple app store buying and using Apple approved apps, you're pretty much guaranteed a pleasant user experience.

Unfortunately, that's not always the case in the open source world. And I'm not going to get into an argument about the value of open source software because I use quite a bit and I like it. But I use Apple and Microsoft products as well. That's probably partly me and partly my job. As a tech consultant, I don't think I can afford to be seen as an evangelist or shill for any particular product line. I also see advantages and disadvantages to all of them.

I think the challenge for librarians is to provide simple and elegant solutions instead of complex ones. And I think that's a big challenge. We want to provide all the options and answers while our customers often just want something that works. We librarians can get rather ideological and rigid in our positions. And that might prevent us from compromising and adding alternate solutions. Even if we're dedicated to running an open source based library, we may want to have a few computers or gadgets running Mac OS or Windows software for the comfort and convenience of our customers. And the same goes for libraries that primarily run Windows or Apple. They should also try to find some open source apps and gadgets for people to try out. From my happy place, I'd like see librarians making decisions on ILS, databases and other software primarily on the basis of usability. We need to focus on finding the best tools for the task at hand. Kudos to Nicole Engard for her example of going with proprietary software when it makes sense for her to do so.

I always hate to see librarians wasting energy battling each other on ideological grounds. In the meantime, our customers are finding our solutions too complicated and are turning to simpler ones like Google search, Kindle books, and iPad apps. We've got to turn our attention in that direction as well, if we're to stay in the game.