Morning all,

Hope this is the right place for this..

Using a user policy to secure my images, these are XP machines in college
dorm labs so they need to be real tough. I've set a dynamic local user that
is volatile so it should go away when they log out.

I've set the windows group policy to be very strict in an attempt to keep
these systems clean (spyware, viruses, cosmetic changes). I've removed
access to the local drives in an attempt to prevent saving to these
machines as well.

I've made a large number of changes, too many to list here unless there is
a way to take a snapshot someone knows about.

However, we're still seeing apps being installed (aim, weatherbug, poker
player stuff) and we're still seeing stuff coming on the desktop (shortcuts
and documents).

So we have 2 issues I can see,
1- the image is not secure enough and things are getting through
2- they are still able to choose 'workstation only' on the client and log
in as the station user which should be destroyed when they log off
(volatile user setting) We need to leave the 'workstation only' option so
we can do admin stuff as local administrator. Unless someone knows a work
around for that to.

we do not want to use a 3rd party app to either clone at restart or enforce
security on these. We've toyed with the idea of local images and re-imaging
each re-boot with zen imaging but it's too slow on older stations (500,
800, 1000mhz).

Any ideas?

Thanks Rob