Remember I said how we add the domain/connectcomputer to the IE trusted zone to properly run it?  So exactly what does connect computer script do anyway you ask?


psst… yes it DOES do way more than manually connecting the computer to the network through the control panel:





Client Configuration
 The following section outlines the automatic configurations performed as
 part of client Setup for client computers running Windows XP
 Professional and Windows 2000 Professional, based on best practice
 implementations.
 
  Important: To connect client computers to the network, use DHCP to
 automatically assign IP addresses.
  
 Client Networking Configuration
 Once you have added users and computers using the To Do List, go to the
 client computer, open Internet Explorer, and type http:// ServerName
 /connectcomputer (where ServerName is the name of the computer running
 Windows Small Business Server). Click Connect to the network now, and
 follow the instructions in the Small Business Server Network
 Configuration Wizard to configure networking settings for your client
 computers. The wizard requires the following:
 
  • You must be logged on as a member of the Local Admins security group
 on the client computer.
 
  • Only one network adapter can be enabled and configured to connect to
 the local network.
  
 • TCP/IP, Client for Microsoft Networks, and File and Printer Sharing
 for Microsoft Networks must be installed and bound to the network
 adapter. TCP/IP is configured to automatically obtain an IP address and
 DNS server addresses.
  
 Client Application Configuration
 After the applications that have been deployed by the Set Up Computer
 Wizard are installed, they are configured for each user and for the
 local network. The following settings are configured:
 
 Microsoft Internet Explorer 6 Service Pack 1
  
 Internet Explorer 6 provides the Web browser for client computers.
 Client Setup Configuration configures Internet Explorer 6 as follows:
 
  • The Home Page is configured to point to “My Company” (http://companyweb).
 
  • The following internal Web site links are added to the Favorites list
 Web site:
  
 Web site Address
 Microsoft Windows Small Business Server Web site
 http://go.microsoft.com/fwlink/?LinkId=17117
 
 My Company
 http://companyweb
  
 My E-mail
 http://sbsserver/exchange
  
 Information and Answers
 http://sbsserver/clienthelp
 
 Small Business Server Administration
 http://servername/tsweb/Default.htm?AutoConnect=1
  
 Microsoft Office Outlook 2003
 
 Outlook 2003 provides a single location for organizing and managing
 daily information, from e-mail and calendars to contacts and task lists.
 Client Setup Configuration configures Outlook 2003 as follows:
  
 • A user profile is created and configured to use Exchange Server 2003.
 The profile specifies Exchange connections and defines account information.
  
 • If the client computer contains existing profiles, the option for
 using Exchange is added and a new profile is created as the default. The
 old profile is backed up.
  
 • If you specify that the client computer will be used remotely, Outlook
 2003 is configured to run in Cached Exchange Mode.
 
 Fax Client
 
 Fax Client enables users to send faxes directly from their desktops.
 Depending on the user permissions, users can view the status of faxes in
 the queue or cancel faxes. Client Setup Configuration configures Fax
 Client as follows:
  
 • Outlook is configured with faxing capability.






Adding Les’s comments:


First, there’s the whole server site setup that enables and configures
dependencies and configuration options that connectcomputer funcionality
uses. Not discussed here, except to say that you’d have a virtually
impossible task uncovering all of the pieces touched. And if you didn’t use
the SBS setup wizard, then you may as well hang up right now and fdisk.

1. Checks Client OS and takes appropriate path (ATAP)
2. Causes an activex control to become available.
3. Determines whether the computer is or is not a member of the domain, and
is or is not a DC or SBS server, (ATAP)
4. Tests resolution to the SBS server (ATAP)
5. Checks for multiple non VPN network connections (ATAP)
6. Checks account permissions, allowed to join computer to domain?
7. Assigns users, and migrates local profile(s), if they exist, to domain
profile (SID mapping)
8. Assigns requered local permissions to domain user account.
9. Provides selection of computer name from list, automatically if there is
one-to-one mapping of user/computer on the SBS.
10. Joins the domain (creating a temp user account for autologon to ease the
process) – including getting the client computer in the correct AD OU so the
GP applies correctly.
11. Sets some runonce reg keys to clean up after the above process.
12. After required input is provided, steps through the above process,
including automatic restarts as required.
13. Now we are into Application Deployment (Susan shows some on her blog).
This is seen on the workstation as the Client Setup Wizard, which is
automatic on login after the above 12 main steps are complete.
14. The list of configurations made after Application deployment:
My network places
TAPI information
Connection Manager
Fax Printer
SSL Certificate
ActiveSync (special, just for SBS and mobility devices)
IE
Outlook
Additional global settings:
DNS Timeout Value
Deleted Item Recovey
Remote Desktop permissions
Network Printer(s)
Disable getting started screen (annoying XP thing)
Disable ICS
(used to turn off ICF, but now handled by GP (xp firewall settings))
Disables network bridging

Note also, we’re talking client computers here, but connectcomputer also
knows what to do with member servers 😉 .

If you think you can or want to do all this manually, please be my guest.
This is not the most complex wizard on the box. The wizards are a brilliant
piece of engineering, IMHO you are nuts if you ignore them.

 

8 Responses to So exactly “what” does connect computer do anyway?

  1. Tom says:

    Obviously one would not want to do this manually but riddle me this….

    When I add a user manually that user is assigned appropriate priviledges i.e. can’t install programs or can’t change network settings.

    When I add a user via the "connectcomputer" script everything gets add fine but the user gets permission to install apps as well as all other non user based priviledges.

    Any thoughts?

  2. Ryan says:

    I am having the exact same problem, at the exact same time.

  3. Tim says:

    On a similar note, would something the connect computer wizard does break the cisco VPN client?

  4. Susan says:

    They are assigned "local admin privileges" when you user connect computer, if you don’t, then they don’t.

  5. Bill says:

    Susan how do you not "user connect computer" The only way I know how to connect users via the "Connect Computer" script, is to run it from the web based connect computer site as an administrator on the client machine. If this is incorrect how do we connect these small business users correctly?

    Any help is appreciated

  6. Susan says:

    That is how you run it.

  7. Rick Adams says:

    I am having a problem with a new install of SBS 2003 in which the Client Setup at https://<sbsserver>/connectcomputer errors out that the Client Components need to be reinstalled on the server. The only hits I can find are about upgrading from SBS 2000 and I found one that mentioned XP SP2 specifically. Regardless, the question I have is this: is there a manual way to kickoff the Client Setup piece without going through the web site? I found a share \\<sbsserver>\Clients\Setup that looked like it would be it, but was hesitant to just fire it up. Any ideas?

    -Rick Adams.

  8. jhoetzl says:

    Have a couple old client pc’s. Want to move them to a new physical client pc.

    SBS2003 Standard

    XP Client currently.

    Best practices on migrating desktops anywhere?