At a previous institution, my team supported a couple of computer labs that required a similar lockdown environment for testing. In those cases, it was MS Word that had to be the only allowed application to run, but the techniques we used could easily have been applied to Excel. We decided to create a solution in-house, instead of using a third-party software product. We used Group Policy and Active Directory security groups to create the following restrictions or customizations to the user interface:
- A popup message appeared upon login, reminding exam takers to open a Word document and save it right away under a unique filename only identifiable to them and to the exam proctor. This helped ensure exam content would be auto-saved every 10 minutes from the start (though we advised proctors tell students that Ctrl-S is still their friend).
- The desktop had icons for only the trash, a shortcut to run Word, and a shortcut to open the secure network share for the exam contents. The Word and storage shortcut icons were actually pulled from a network share by Group Policy, whenever the lockdown GPO for exams was enabled.
- The only executable allowed to run was winword.exe.
- The secure share permissions were set such that exam takers could only open and modify their own files, though they could see the entire contents of the share (hence why the filenames were preassigned and not shared among all the students). Proctors obviously had elevated rights to access all the files.
- Web access from within Word (e.g., search the web for selected text) was blocked by redirecting all traffic to localhost.
- Exam takers could not access or save documents to any folder location other than the secure network share, which was mapped as a network drive.
- Access to external storage media, like flash drives, was disabled.
- Once the lockdown group policy was created, it was easy to enable/disable as needed, depending on the use case for the lab. And only two Active Directory security groups had to be maintained, one for proctors and one for exam takers.
- Lab printers were still mapped as needed. Copies of exams could be printed for backup purposes, which was desired for high-stakes situations like graduate comprehensive exams.
This scheme had the following advantages:
- Students could log in using their single sign-on accounts, as usual.
- For the entire duration of the exam, the exam content resided in the datacenter (as opposed to local hard drives), which allowed for better disaster recovery in case of power failure, hardware failure, etc.
- No internet communication or access to prohibited information sources was possible.
Exam proctors/organizers had the following responsibilities:
- Notify IT well in advance of the exam needs, and provide a list of exam takers so the appropriate AD security group could be populated with that info (likewise for the proctors' AD security group).
- Proctors should clean up the secure network share as appropriate, after each exam.
- Meet with IT the afternoon before exam day to review 1) how the lab works in lockdown mode and 2) how to access exam content from elsewhere on campus.
IT had the following responsibilities:
- Populate AD security groups as appropriate.
- Enable/disable the lockdown GPO in a timely fashion before and after the exam.
Again, this was all done using standard GP and AD tools, so experienced sysadmins should be able to use the description above to create a similar setup.
Director of Customer Support
The University of Kansas Medical Center
Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
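
The two IT tasks listed in the post (populating the exam-taker security group and switching the lockdown GPO on or off) could be scripted as below. This is an added example, not the author's or the institution's own code, and it assumes "enable/disable" is done by toggling the GPO link on the lab OU. The group name, GPO name, OU path, and roster file are hypothetical placeholders.

```powershell
# Added example. Every name below is a placeholder (assumption), not from the post.
Import-Module ActiveDirectory
Import-Module GroupPolicy

$ExamTakerGroup = 'Exam-Takers'                     # hypothetical AD security group
$LockdownGpo    = 'Exam Lab Lockdown'               # hypothetical GPO display name
$LabOu          = 'OU=ExamLab,DC=example,DC=edu'    # hypothetical OU holding the lab PCs
$RosterCsv      = '.\roster.csv'                    # proctor-supplied CSV, column: SamAccountName

function Sync-ExamGroup {
    # Make the group's user members match the roster exactly, so nobody from a
    # previous exam keeps access to the share or the lockdown exemptions.
    param([string]$Group, [string]$Csv)

    $wanted  = @(Import-Csv -Path $Csv |
                 ForEach-Object { $_.SamAccountName.Trim() } |
                 Where-Object { $_ } | Sort-Object -Unique)
    $current = @(Get-ADGroupMember -Identity $Group |
                 Where-Object { $_.objectClass -eq 'user' } |
                 Select-Object -ExpandProperty SamAccountName)

    $toAdd    = @($wanted  | Where-Object { $_ -notin $current })
    $toRemove = @($current | Where-Object { $_ -notin $wanted })

    foreach ($name in $toAdd) {
        # Stop on a roster typo instead of silently skipping an exam taker.
        $user = Get-ADUser -Identity $name -ErrorAction Stop
        Add-ADGroupMember -Identity $Group -Members $user
    }
    if ($toRemove.Count -gt 0) {
        Remove-ADGroupMember -Identity $Group -Members $toRemove -Confirm:$false
    }
    [pscustomobject]@{ Added = $toAdd; Removed = $toRemove }
}

function Set-ExamLockdown {
    # Enable or disable the link between the lockdown GPO and the lab OU.
    param([ValidateSet('Yes', 'No')][string]$Enabled)

    Set-GPLink -Name $LockdownGpo -Target $LabOu -LinkEnabled $Enabled |
        Select-Object DisplayName, Target, Enabled
}

# Before the exam: sync the roster, then turn the lockdown on.
Sync-ExamGroup -Group $ExamTakerGroup -Csv $RosterCsv
Set-ExamLockdown -Enabled Yes
# After the exam: Set-ExamLockdown -Enabled No
```

Group membership changes take effect at a user's next logon, and lab machines pick up the link change at their next Group Policy refresh, so both steps need to run ahead of the exam rather than at the door.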