Scribd
Upload
143 views6 pages

Mantrac Group Client Computers Standard Setup PDF

The document provides guidelines for standardizing desktop computer setup across Mantrac Group. It outlines required hardware specifications, Windows 10 configuration, applications to install including antivirus and Office 365, and security settings like enabling BitLocker and firewall. Computer naming conventions and procedures for spare computers are also defined. Standardization aims to guarantee smooth operations and improve security.

Uploaded by

Viatory Makoro
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
143 views6 pages

Mantrac Group Client Computers Standard Setup PDF

The document provides guidelines for standardizing desktop computer setup across Mantrac Group. It outlines required hardware specifications, Windows 10 configuration, applications to install including antivirus and Office 365, and security settings like enabling BitLocker and firewall. Computer naming conventions and procedures for spare computers are also defined. Standardization aims to guarantee smooth operations and improve security.

Uploaded by

Viatory Makoro
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6

Mantrac Group

Mantrac Group Standard Client Computer Setup

SUMMARY :

In pursuit of standardizing our Desktop environment platform, this document contains the guidelines of
setting up and configure all Group Computers and what are the Applications and Software should be
installed to guarantee a smooth operation with all improvement and security procedures.

Distrbution

Name Title Date


Group IT Help Desk Teams IT Help Desk Teams 11/27/2018
Group IT Managers 11/27/2018

VERSION CONTROL :

Version No. Author Date Comments


Hassan Mahdy & Mostafa
0.5 11/12/2018
Abel Rehim
Authorised by Reviewed by Date
Hassan Mahdy & Mostafa
Waleed Omar 11/12/2018
Abel Rehim
The below are the must do guidelines to build a standard client computer for all Mantrac
Group employees:

Computer Hardware:
1- The Minimum Hardware Requirement is (RAM not less than 4 GB, Processor not less than
Core I5, HDD not less than 500 GB and VGA not Less than 1 GB)

2- PC Partitions: it should be one Partition Only (C Drive)

3- On all New Computers you should make sure it supports (64-bit HW, UEFI version 2.3.1 or
higher, Intel VT-x or AMD-V extension, TPM 2.0, Secure Firmware Update)

The Operating System:


1- The Operating System which should be installed isn’t less that Win 10 Version 1803.

2- All Group policy should be applied, run Gpresult /r and check below:

a. _Disable auto run (Contains all settings to disable Auto Run for security wise)

b. _Proxy (Contains proxy settings)

c. _Enable Firewall (Contains all firewall Settings)

d. _Security Restrictions 4 Clients (Contains all Client Security Settings)

e. (Country name) Add L-Admins (add HelpDesk of each territory to admin group in
all clients and remove all normal users from admin Group)

f. _Laps 4 Clients (Contains all Local Administrator Password Settings)

For Example, EG Add L-Admins or UK Add L-Admins


g. _Auto-Lock (Contains all Auto Lock Screen Saver Settings for Security wise)

h. _Disable SMBv1 (Contains all Settings to disable SMB ver. 1 for Security wise)

i. _NTLMv2 Only 4 Clients (Contains all Settings to enforce all clients to use NTLM
ver. 2 only for Security wise)

j. (Country name) EG IE Settings (Contains all internet explorer Settings)

For Example, EG IE Settings or UK IE Settings


k. (Country name) WSUS Clients (Contains all windows Updates Settings)

For Example, EG WSUS Clients or UK WSUS Clients


l. _Disable OWU (Contains all Settings to disable online windows Updates)
m. _Desktop wallpaper (Contains all wallpaper Settings)

Page 2 of 6
n. (Country name) My Document Redirection (Contains all Settings to
redirect user’s documents folder to File server)
For Example, EG My Document Redirection or UK My Document Redirection

Also, double click in Sync Icon in the notification area

Also,right click in Sync Icon and select sync all to make sure the Status: Sync
Completed

Page 3 of 6
Application and Software:
1- Before handing the computer to the employee, all computers must have an Antivirus installed
on it and assure it is up to date and in healthy status (TrendMicro Currently used).

2- All PCs should have Internet Explorer 11 or Higher installed.

3- The office Version should be installed is Office 365 (with Enabling Update) or office 2016.

Important Configurations:
1- It is very important to make sure the Laps Agent is installed on all Machines
especially with the new machine before delivering to the assigned user.
From Control panel open Programs and features and make sure that Local
administrator password solution is installed.

2- It is very important to make sure the SCCM Agent is installed on all Machines
especially with the new machine before delivering to the assigned user and with a
healthy Status.
3- Delete Inactive Computers from AD continuously (every month if possible), because any
Computer won’t login to the network for 3 months, it will be disabled then deleted.

4- you should assign a password for Bios to prevent any unautorized person open it with disabling
F12 for External media Boot and it is MantracBi0sP0licy19

5- Enable the Virtualization, UEFI Boot only, secure Boot are a must .

6- Enable Hyber-V Hypervisor from Window feature in this Path

Page 4 of 6
7- For the IT Engineer the Remote Connection Tools which should be used is:

- Microsoft Skype for Business.

- Configuration Manager Remote Connection Tool.

- Remote Desktop.

- Quick Assist (Built-in in Windows 10)

8- The Bit locker should be enabled on each partition by following:


- Make sure the Bitlocker GPO is applied on the machine which will enable
saving the recovery Keys of each partition on the AD. By typing (gpresult
/r in elevated CMD)

9- Then turn on the Bit locker on the partition starting with C drive then after finished
start to turn it on other partition

Page 5 of 6
Computer Naming Convention

Computers not matching our group naming convention will be automatically deleted
from the network without notification.
Spare Computers:

A Spare Computers cusing many problem in the netowk and not working efficiently as it’s
kept a long time out of the network so it’s very important to follow below:

- Once the spear computer start rename it and add description (Hassan Mahdy
Temp Comp.)
- you must disjoin and join.
- Make sure the GPO applied.

Page 6 of 6

You might also like