...
Before the new starter arrives they need their NBT account set up. This is done through https://sdplus all new accounts need to be signed off by an authorised user currently this is Tim Whitlock (Deactivated) so requests are best done by them to avoid complications and delays. In the default signees absence Retha should be able to authroise a new account. NBT now quotes 8 days to set up an account. As part of the setup the appropriate group memberships need to be added to the account and access to shared mailboxes setup. This is most readily done by suggesting another users memberships to be copied. New accounts require a DOB which is used when authenticating the user for passwordstheir initial password when they first login. After the account is set up the new starter will need to call the NBT IT Support on ext 2020 quoting the ticket number of the request to get their new passwordinitial password which they will be required to change when they first logon.
Once an email has arrived to confirm account set up it should be forwarded to HR Jennifer Barwelland the new starter will get on line online as part of their initial induction. It is also useful to check the AD entries for the new user to ensure they have been added to the correct groups etc. (Common mistakes are to not set the email to @renalregistryemail to default to @renalregistry.nhs.uk or uk or to miss out email groups. )
...
Each remote worker will have their own NBT laptop. These laptops are configured to use the NBT VPN and are encrypted.
Remote access has been made a lot easier with the roll out of global protect. Laptops will have this installed by default and it will magically know if the laptop is connected via the internet or on the local hospital network and ensure all a secure connection exists. The drives will all be encrypted with bitlocker as the roll out of win10 on all machines is completed. New users will need to have logged into the laptop once whilst connected to the NBT internal network for global protect to work remotely.
| Expand | ||
|---|---|---|
| ||
Setting up a new user on the laptop involves configuring their Mcafee Encryption password and logging in to windows on it for the first time. This is best done whilst physically connected to the NBT network. This is possible either in the meeting room or at Tim Whitlock (Deactivated)desk. When the laptop is first switched on it asks for the Mcafee login this consists of the NBT login id of the user and a unique password. If the user account is not recognised by the Mcafee software then NBTIT will be required to do some re configuring of the laptop. The usual UKRR setup is allow any member of the UKRR to use Mcafee and if a user hasn't been configured on Mcafee yet they will need to use the default password the first time which will then require them to set their chosen password and answer some security questions (which allow the user to reset their password should they need to). The default password is held in the system team password vault. Once configured this password should work on all UKRR laptops though it may be necessary to be connected to the NBT network when first used on a different laptop if that laptop has not recently been connected to the NBT server and picked up the updated password files. Having negotiated the encryption a new remote worker needs to login to windows on the laptop. This creates the initial user profile locally on the laptop and allows the user to login to windows without connecting to the NBT network. This must be done with the laptop connected to the NBT network. After successfully logging in the laptop |
...
should be ready for remote working. VPNIn order to connect back to the NBT network remote users will need a VPN connection. This requires an app on a smartphone Android RSA SecureID or IOS RSA SecureID Token dependng on the phone OS. NBT IT will send an email to the user with a link to the certificate that needs to be clicked on the phone this will then load the certificate in to the phone app during this process it will ask for a password which is NBT user login account and then it can provide the token ids for logging in. To configure the VPN for the first time a user pin needs to be configured. By default the account will be in "New Pin Mode" which should false the user to configure a new pin. The VPN can only be used when the laptop is not connected to the NBT network. so to configure whilst in the office a mobile phone must be used to provide the internet connection. Login to the laptop and then follow the below instuctions.
|
Phone
Some remote workers have a separate work phone. These should be set up in the normal way. Other than the VPN SecureID App no specialist apps are required and the set up is currently left to the individual.
...
The programmes team use workshare to share and manage documents. This software needs to be installed on any new remote worker laptop. Accounts for workshare are managed by the programme teams themselves but the Systems Team can if required configure a user and the information is held in the password vault. If the software needs to be installed access to the installer is best done by logging in to the workshare connect web interface https://my.workshare.com/m#signin and then selecting the menu in the top right which gives access to the download center.
| Warning | ||
|---|---|---|
| ||
As of 2020 workshare dropped support for office 2010 integration so until our Office installations are updated to a newer version only older versions of Workshare will work on our machines. |
This will then offer the appropriate download for the desktop application. There is a known issue with the latest Dell Laptops where the interface doesn't display properly unless the graphic properties for the app don't use the opengl rendering. http://workshare.force.com/knowledgebase/articles/Troubleshooting_Article/Graphics-drivers-not-compatible.
...