MyLogon

An alternative network logon-screen for Microsoft Windows.

Logon Screen MyLogon was written to satsify an observed need for a simple, easy-to-use way of connecting a client computer to a Local Area Network on a temporary or permanent basis, and of disconnecting from that network when required.

As such, MyLogon can serve as a replacement for the Windows 'Welcome screen' or for the Active Directory Logon.

Uses may be found in a number of situations. One notable instance is that of very small networks with, say, ten or less users. In this instance MyLogon will provide a 'real' network logon in which each user can log-on at any computer, but without involving the labyrinthine complexity of the Microsoft Active Directory, and its associated requirements for DNS and Group Policies.

The principle of operation is that user-accounts need only exist on the LAN fileserver, and are authenticated against that server. This part is similar to 'Active Directory' setups. Where it differs from Microsoft's approach is that there is no requirement for the client computer to be 'joined' to a domain, and no local settings are changed by the process of logging-on. In fact, there is no specific need for the server to host an Active Directory, potentially allowing a far simpler and less trouble-prone setup for small LANs.

This mode of operation will probably better suit that roaming laptop-user than will the microsoft default, whereby logging-on to multiple LANs typically results in a loss of the computer's settings. A laptop user can also connect to the resources of a larger Active Directory LAN without the need to 'join' the laptop to the Domain. This is particularly useful where the computer does not belong to the company hosting the Domain, as for example where a consultant is working onsite.

It will also suit data-entry setups where a given computer is used be several members of staff to perform a predtermnined task. With MyLogon, staff may authenticate to the computer under their own name without this causing the computer's settings to suffer undesirable changes. To better support this specific role, MyLogon also incorporates a 'kiosk mode' in which only one application or set of apps can be run. Any attempt to close that app (for example to illicitly run a game) results in the computer restarting.

MyLogon is also suitable for connecting Windows computers to a Linux server. Whilst this can be achieved without any add-ons, the MyLogon approach may prove simpler and less time-consuming than that of establishing a Samba domain.

Last but not least, MyLogon is equally suitable for clients running Home or non-business versions of Microsoft Windows. In fact the level of functionality is nearly the same here as on Business editions. This can subsantially save on licensing costs where a fileserver is being introduced into a group of computers running Home editions, since when using the Active Directory approach all of these computers would need a costly and time-consuming OS upgrade. With MyLogon you're talking maybe 10min to set-up each existing client to access the new server.. and best of all no settings are lost in the process.

Logging-on makes network resources such as shared folders available to the client. The degree of access to shared resources is finely controllable per network user. It is also possible to script the installation of software onto client computers at logon-time, to change the client computer's security settings, and in fact most of the tasks which can be accomplished with any networked set of computers.

Logging-off or entering Standalone Mode allows the computer to be used away from the LAN. In this mode (and unlike that standard approach) nonfunctional network drives are properly cleaned-up so as to not leave any 'landmines' in Explorer for the unsuspecting user to click-on, which otherwise cause the computer to freeze.

What MyLogon will not do:

Allow you to directly enforce Group Policies. (Might be added at some point in the future)

On small networks of trusted people the extreme degree of lockdown offered by Group Policy is seldom necessary nor desirable. In any event, almost all of the Group Policy controls just duplicate settings which can be activated by way of MyLogon's scripting.

Allow you to 'personalize' a single computer for multiple users, so that each has their own desktop, screensaver, etc.

Multiple personalized settings are a boon on home computers used by several members of a family. In a small-business environment they are seldom necessary. When computers are networked, the need to maintain multiple collections of personalized settings across multiple computers incurs a huge overhead in terms of complexity, and cost of maintenance and support.

You can nevertheless create personalised folders - 'home folders' on the server as per usual practice. Given a suitable email client you can also arrange that a user sees their own email regardless of which computer they use.