Performing maintenance and keeping your network up to date can be a nightmare. With hundreds of users, trying to run a help desk, stay in compliance, checking logs, getting updates and service packs and doing a ton of other administrative tasks can be overwhelming for any information department.
Generally most administrators lock down every user to a point that the user cannot make any corrections without a technician available. Although your policy and procedures may require a technician to service a computer, it is generally acceptable to let the user make corrections to their system when possible. You can still maintain security and control of each computer.
Giving Users a little Power
Recently we locked down our users to a point they couldn’t breathe. Our wireless network utility could not be modified without a technician intervening. If we changed anything in our wireless network, (other than modifiying Active Directory) we would send someone to correct or adjust the clients connecting to our wireless local area network.
We started by adjusting our group policy so that users could adjust the wireless software. We educated our users so that they would know how to enter their wireless key and how to select the correct SSID with the strongest signal. Users were excited to be able to make these adjustments and not have to wait on a technician. We further gave the users individual rights to customize their desktops, internet explorer and set a GPO so users could install software we hand picked.
Giving away power often makes administrators feel as though they are losing control. You can control this ‘give - away’ by running a trial on a department that you trust. In no way should you abandon Group Policy Objects. Active Directory should still be used to control and maintain security and control of your network. Maintenance of a computer is not just the responsibility of the information technology department. Giving away control of a computer through policies, can be beneficial to the entire information technology department. These little tasks can overwhelm your IT department. It’s Ok to modify your policy and procedures to allow these changes.