Help with networking/administration

So at my school I have been appointed the Admin over all the computers on our FTC Robotics team. I don't really know where to start. How would I make a central computer where most of the data would be stored ex( netbeans, solidworks, etc) so when I add another computer to the loop I don't have to download everything again. I also need to lock the computers down ex( block games from being started, and changing backgrounds). I need to be able to have remote control over the computers from my house as well, would I be better off using the built in Windows Remote Desktop application or would there be a better free option. Any help is appreciated.

 

Ps The best hardware we have is a Core 2 duo with 1-4Gb of RAM...

Um, yikes, you've been put in a bit of a bad place. You'll need to use Windows Server if you wanna keep Windows machines in sync, but that'll cost you $800. If you can afford that, and you just need help learning to use it, PM me and I'll let you borrow a VM to mess with it in (or you could use your own, Proxmox is great for this).

Firstly, this can be achieved without Win Server (its just much easier to do it with).

I presume your machines are all very similar in terms of spec (usually if you are in a school setting), so the best option is to setup one machine fully and image it across to all the others.

So setup one machine with all the drivers, software and necessary applications you may need. This will be done under the main account that has administrative powers (be sure to set a good password, I know there are easy ways around passwords on singular machines so lock down boot devices in the BIOS to prevent most issues).

You will then need to create a user for people to login as and lock it down using "Local Group Policies". You'll want to look up where to find the things you want to lock down (such as prevent registry editing and hide control panel tools). This can be accessed by (in the start menu or Run menu) by typing "gpedit.msc".

You can't always lock down all .exe execution, as some can be run without installation. (You could use a *nix based solution but you may have issues with other software.

Once you have one machine done, you can clone the drive to other machines using software like Clonezilla (works best with drives of the same size) and Norton Ghost.

As for a central repository of data, simply share a folder out from a computer (preferably one not being used as a terminal and with the largest drive) Make sure to apply security in terms of user login and access from certain IPs.

These are the basics, but should get you rolling. I wish you the best of luck.

Try Turnkey Servers:

http://www.turnkeylinux.org/

These are Linux servers that are simple to install and use. I'm sure you'll find something that fits the bill. Might I suggest looking for OwnCloud or a File Server for starters.

Yes, they work with Windows.

 

I have a DreamSpark account so I have access to Windows Server and I have it on a boot disk already.

Ok, I think I get almost everything except on how to lock the BIOS and I need that as some of the people have threatened to put Ubuntu on the computers... but most importantly how would i access the computers from home because I only have about 2 hours every Wednesday and Friday to work on them. Thanks for all the help guys

 

I would put Ubuntu on the computers to stop people from messing with the computers( most of the people on the team can't figure out how to turn the computers on...) but there are the 1 or 2 people that know how to work Ubuntu better than me and are the ones that would be messing around.

It looks like a paid service and I don't want to put much or any money if I don't have to on this project.

At boot, as the computer is posting there will be an option to enter the BIOS. Usually by hitting either F2,F10 or the DEL key. The boot splash will usually prompt you as to which it is.

Once in there, remove the option to boot from CD and/or USB from the boot order. Then you will want to set a access password so that no one can manipulate it and change it back. BIOS's vary a bit so I can not give you the specifics as to where each option will be.

Accessing the machines remotely maybe an issue depending on what the school has in place as the firewall, as it is very likely you will not be able to gain access through the main gateway. You could use a site to site VPN (from the school to your home connection) as this will get around the firewall issues (providing the school site initiates the connection). I can not really suggest a reasonable and secure method without knowing what is already in place.

It's Linux and it's free, as is the community support. Profession support is paid for. You've nothing to lose by trying it out, but your time.