Maybe we set ours up wrong ... but here is the situation:

We deployed Perfigo w/SmartEnforcer client.  Rather than hassle with
digging IP addresses for the Win update servers, the "temprorary access"
role has port 80 open to the internet for 40 minutes.  What has resulted is
approximately 80 per cent of the computers in the dorms went through the
process to get full access.  The remaining 20 per cent or so have basically
reasoned in their mind that they are ok with 40 minutes of temporary access
and if they need more, they will re-login.

Do other schools have problems with what I would call "feet-draggers" that
are too lazy to remediate their PC?  How are you dealing with them?

We have basically taken the approach of scanning the reports section on the
admin console to find "failed" attempts to access the network and contact
them individually and threatening total access denial.  This is taking way
too long in my estimation.  Have others found "better" ways to achieve
this?  Have we missed something with the win update server IP issue in our
setup?

Thanks for listening and (hopefully) replying.


================================================
Paul D. Walker II
Division Manager, Computer & Network Support
The Moody Bible Institute