1 Hat tip to Nick Silkey for bringing this one to my attention.
-
Upload
imogene-manning -
Category
Documents
-
view
216 -
download
0
Transcript of 1 Hat tip to Nick Silkey for bringing this one to my attention.
![Page 1: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/1.jpg)
1
www.xkcd.com/773Hat tip to Nick Silkey for bringing this one to my attention.
![Page 2: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/2.jpg)
What is the “Windows Roundtable” ?What is the “Windows Roundtable” ?
An informal gathering of people who “do Windows” at Yale to facilitate communication of common goals, problems and solutions across the Yale IT community.
Usually there will be a “headline topic” as a launching point for discussion and then general (moderated) discussion on whatever topics the group wants to cover.
Ground Rules:– The Roundtable is a Yale-internal discussion– The Roundtable is a “no-powerpoint zone”– Participation in discussions is encouraged to both bring your
questions and share your solutions.
2
![Page 3: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/3.jpg)
Yale Windows UniverseUpdate 2011Yale Windows UniverseUpdate 2011
Ken HooverManager, ITS Windows Systems Group (WINSYS)[email protected]
July 8, 2011
Ken HooverManager, ITS Windows Systems Group (WINSYS)[email protected]
July 8, 2011
3
DISCLAIMER: Some of this talk is about initiatives that are still in the pre-release stages. It is intended to give you outlines that you can use as you make plans for Windows-based services in your area of responsibility. Except where noted, dates listed are target dates only and may change due to collisions with reality.
![Page 4: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/4.jpg)
ITS Windows Systems Group (WINSYS)ITS Windows Systems Group (WINSYS)
WINSYS manages Windows servers in Yale’s data centers.
4
![Page 5: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/5.jpg)
AgendaAgenda
• A few quick highlights and interesting statistics
• Things that have changed in the last couple of years
• Services that are being revamped and upgraded
• Question Time
5
![Page 6: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/6.jpg)
6
Quick Yale AD HighlightsQuick Yale AD Highlights
• By the numbers…– 100K users– 31K computers– 13K groups– 3500 OU’s– 1300 GPO’s
– Domain Controllers process 8.4 Million Kerberos AuthN’s on a typical weekday (and generate 26GB of logs!)
![Page 7: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/7.jpg)
7
Changes in the last few years…Changes in the last few years…
• Exchange introduced in Summer 2007– Processing ~500K messages per day– ~11,000 mailboxes (and growing)– ~6TB of email store– Quota increased from 1GB to 2GB in 2009
• Active Directory taking over from MIT Kerberos– now backing CAS, for example
• Sharepoint & Project server in operation
• Shared SQL Servers
![Page 8: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/8.jpg)
8
Revamped services and a look aheadRevamped services and a look ahead
![Page 9: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/9.jpg)
NEW: Enterprise License AgreementNEW: Enterprise License Agreement
• Microsoft enterprise license agreement for all faculty and staff
• Includes:– Windows Desktop OS– Windows Server OS (all versions)– Office for Windows and Mac
• Free upgrades for those clinging to Office 2003, etc.– Enterprise Client licenses for Exchange, Sharepoint, and
others
• Foundational for exciting activity in the Microsoft space…
9
![Page 10: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/10.jpg)
10
BEING REBOOTED: Central File ServiceBEING REBOOTED: Central File Service
• Secure/managed file storage for users and departments• ~40TB of capacity added since September 1, 2010
• LOWER RATE for FY12: $1/GB/month• Available to anyone with a PTAEO we can charge• 3-lock approved
• New “flattened” CFS security model– Role-based access for departmental shares– Support for single-user “home” shares (finally!)– No mucking about with file/subfolder permission– Existing shares will have their structure and permissions
revamped to use new operating model during 2H CY2011
![Page 11: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/11.jpg)
11
CHANGED: WINSYS Patch Release CycleCHANGED: WINSYS Patch Release Cycle• Monthly patches for servers released in four cycles
– Cycle “A” – 2nd Tuesday (Rapid Response pool)
– Cycle “B” – 3rd Tuesday (Development and “below”)
– Cycle “C” – 4th Tuesday (Test/Pre-prod and “below”)
– Cycle “D” – 1st Tuesday (Production)
• Keep this cycle in mind if WINSYS runs a server for your department. Remember to test!
• Applies only to WINSYS-managed machines but a good approach in any multi-environment Windows-based application.
![Page 12: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/12.jpg)
12
NEW SERVICE: “Lync” Internal CommsNEW SERVICE: “Lync” Internal Comms• Secure, encrypted IM with AD backing• Online meetings/presentations
– Yes, with audio and video
• Good for business purposes within Yale• Free* for faculty and staff to use• Works on non-routable Yale subnets• Works from outside too without VPN**• Integrates with Exchange, Office 2007+
and Sharepoint• Native client included with Office 2011
for Mac
* Covered by new Microsoft Enterprise agreement** But some ISP’s block SIP so sometimes VPN is needed anyway.
PilotPilotrolloutrollout
![Page 13: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/13.jpg)
13
NEW SERVICE: Secure LDAP against ADNEW SERVICE: Secure LDAP against AD
• New Secure AD LDAP alias ad.its.yale.edu– Secure LDAP (ldaps://) with a Verisign certificate– Highly available through use of F5 load balancers– For applications that want to bind to the AD for any purpose
• NAS devices and other appliances• LDAP-based AD browser tools• Any code that uses LDAP to talk to the AD• Web applications using AD authentication• etc.
– PLEASE update your applications and NAS boxes to use this alias (test first!)
– Samba clients binding to the AD should still use “yu.yale.edu”• Make sure you’re not using the defunct “windows-auth”
names!
Use Use ThisThisNow!Now!
![Page 14: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/14.jpg)
14
NEW SERVICE: Managed SQL ServerNEW SERVICE: Managed SQL Server
• Centrally-hosted SQL2008 R2– Proposed cost $1k/yr per 5 DB’s / 5GB of data– APPROVED for use with 3-lock data– Servers managed by ITS DBA team and WINSYS– ODBC access, secure/encrypted connections required– On-disk encryption of databases available– You “own” your own data with SQL Management Studio– Good for:
• Cost-sensitive customers who need a SQL server• Most small to medium-size databases under normal use
– Not good for:• Very large databases• Databases with heavy transactional activity
SummerSummer2011?2011?
![Page 15: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/15.jpg)
15
PLANNED UPGRADE: Domain ControllersPLANNED UPGRADE: Domain Controllers• Refresh hardware and upgrade to 2008R2
– All DC’s will become eight-core 32GB x64 servers– Known issues with Samba versions before v3.3 which
are domain-joined• Fix/workaround information available• Better yet, upgrade Samba
• SYSVOL conversion– Uses DFS for replication– Transparent but needs testing– 2H CY2011
• Forest functional level upgrade to 2008R2 level– Winter 2011/201
![Page 16: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/16.jpg)
16
Oh, one more thing…Oh, one more thing…Oh, one more thing…Oh, one more thing…
![Page 17: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/17.jpg)
17
EXCHANGE 2010EXCHANGE 2010
• Robust multi-browser web interface– Mac users, rejoice!– And people running Linux on their toaster ovens…
• 5GB 8GB default mailbox quota– More space than 99.98% of Yale Exchange users use now– …and more than Gmail
• Currently in pilot deployment with early adopters
• Target: Everyone upgraded by Sep 1
![Page 18: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/18.jpg)
Exchange 2010 details…Exchange 2010 details…
• Adjusted Mailbox Quotas– 8GB Quota
• 7.75GB – warnings• 8.00GB – prohibit send• 8.25GB – prohibit receive (mail bounces)
• De-supported clients – Outlook 2000, XP
• … and you shouldn’t use Outlook 2003 either– Entourage 2004– Entourage 2008 pre-EWS– Upgrade these first… or dump them entirely.
18
![Page 19: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/19.jpg)
Exchange 2010 OWA Supported BrowsersExchange 2010 OWA Supported Browsers
19
“Full” Interface
•Windows XP and higher– IE 7+– Firefox 3.0.1+– Chrome 3.0.195.127+
•MacOS– Safari 3.1+– Firefox 3.0.1+
•Linux– Firefox 3.0.1+
“Light” interface
•Broadest compatibility•Accommodates visually impaired•Good for slow connections•Better than Horde
•Examples:– IE6– Chrome on Linux– Safari on Windows & iPad– Android web browsers– Opera
![Page 20: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/20.jpg)
20
Exchange 2010 OWA Demo?Exchange 2010 OWA Demo?Exchange 2010 OWA Demo?Exchange 2010 OWA Demo?
![Page 21: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/21.jpg)
SummarySummary
• New Microsoft Enterprise Agreement– Lots of stuff is now “free” which used to cost extra.– Upgrade Office!
• Central File Service revamped– New operating model with better security and auditability– Lower cost to users - $1/GB (includes backup)
• New SQL2008 database service being launched– $1000/yr per 5 DB’s or 5GB/data, 3-lock OK– Platform operated by ITS DBA team and you manage your data
• Lync being piloted– Secure Yale-owned IM– Includes online meetings/presentations
• Exchange 2010– Any-web-browser-friendly– 8GB quota
21
![Page 22: 1 Hat tip to Nick Silkey for bringing this one to my attention.](https://reader033.fdocuments.us/reader033/viewer/2022051415/56649d205503460f949f428a/html5/thumbnails/22.jpg)
22
Questions / DiscussionQuestions / Discussion
• What do you think of this format?
• Should this become a repeating conversation once again? How often?