I can speak from experience here. I am head of the IT department of a few branch office. I am also the start of the domain with some group policy pushing to those clients or people I work in different department. I started for this company when they are joined in one huge workgroup environment. All department will be giving different rights through a group call OU organization unit. This is where the different policy or policies within the OU will come in. >From experience, some of the policy does bring problem with screen reader like it or not. Restrict some function within windows, will cause any screen reader to work out of the ordinary. One good example is, UAC with only user rights in the workstation and some limit of the desktop and control panel. By default, a roaming profile or the newly log on users, you should have all the rights within. Only that folder, nothing else. Program files, and windows folder is out of the question. If you are running UAC, see if the administrator can turn it off on Vista and 7. See if any improvement comes out of it. With or without UAC, you can't do much with installing programs or touch any critical system files in a domain environment so long you are just a users or domain users. The other part I tested is, share the portable version of window-eyes on a network share with all your rights on that folder only. You can write, read whatever on that folder. you just run manually everytime window-eyes start on any windows or on your workstation. But updating of scripts, you just need to update manually as well. But this will need some trust from the administrator themselves. The reason why policy are in the place are, to prevent people from doing things they shouldn't. installing games, changing a working computer to a non-working. Disable services they think its mpt reqiored. Change the timezone, and so on. I can name forever with all these. Basically, you are just given what you need to do your job. that's it. If you need rights in some areas, talk to them nicely. Seriously, administrator will not be the person they should know what you need sometimes. They will assume, you might or just need this only. Hope that above clarify things on the side of a administrator does on the corperate network. -------------------- regards Thomas N. Chan From: [email protected] [mailto:[email protected]] Sent: Thursday, 14 February 2013 11:53 PM To: [email protected] Subject: RE: Window-eyes and Corporate Security It is difficult to answer questions regarding corporate environments. There are many ways they can be set up depending on what your IT team likes to do. For example some companies like to disable scripts which has an impact on MS Office. It also may affect the WE scripts written in Visual Basic. There are also companies that use policies to determine how little or how much one can do on their own. These are often more difficult to manage for individuals, but it still is possible. For example we had it set up for all users here to have Quick View Plus installed if it was not on a PC. Quick View Plus is not accessible and I was not included in the group object that kept installing this utility after I removed it. Fortunately being part of the network operating systems engineering team I have the ability to allow my work station to install and remove what I need or cannot use. I do not work in the area that manages our firewall. This affects how We scripts are updated. Now I need to download each one individually then install it myself. There are also sites that are blocked for everyone here. They might be DropBox or web mail sites for example. Vic
If you reply to this message it will be delivered to the original sender only. If your reply would benefit others on the list and your message is related to GW Micro, then please consider sending your message to [email protected] so the entire list will receive it. GW-Info messages are archived at http://www.gwmicro.com/gwinfo. You can manage your list subscription at http://www.gwmicro.com/listserv.
