Converting a Workstation for home use

/ Admin Area

This does NOT apply to laptops that have docking stations at the office or homes that have an Always-On router!

There are several things that must be done before an office workstation can be taken home and used simply as a dumb terminal (for access to the office using Remote Desktop).

  1. Ensure the workstation is still connected to the office network
    • Yes, it will have to be returned to the office if it has already been taken home
  2. Move the Active Directory object for the computer into the Workstations – Home container
  3. Edit the object and change the location to match the person’s name who is taking it home
  4. Remote Desktop into the workstation
    1. Create a local user called DumbTerminal with a password of MRBKcpa$1040$
      • TODO
        • Because a domain user can sign into a disconnected workstation indefinitely (as long as they were at least one of the last 10 logins while it was connected), use a domain user for this instead https://superuser.com/questions/632986/how-long-users-can-log-on-without-any-domain-controller-availible
        • Use GPO to push https://www.top-password.com/blog/disable-require-sign-in-on-wakeup-in-windows-11/
      • Add this user to the local Administrators group
      • Set this user’s description to “MRBK Home Computers automatically sign in as this user”
      • https://www.top-password.com/blog/disable-require-sign-in-on-wakeup-in-windows-11/
      • This user can only connect to the office via the icRouter VPN Client and Remote Desktop
      • This user will be automatically signed in anytime this computer is turned on
    2. Remove everything in C:\Users\Public\Desktop
    3. Force the GP to update
    4. Reboot
    5. Uninstall Avast
    6. Uninstall FoxIt
    7. Install the icRouter VPN Client
    8. Reboot to confirm the DumbTerminal user was automatically signed in
      • A new user wizard will most likely appear

Now the user may take the machine home. It should automatically sign in but they will need to do the following:

  1. Connect the machine to the Internet
  2. Connect to the VPN
    • Remember that the 6-digit OTP code must be installed on a mobile device while it is in the office

Leave a Comment