Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information...
-
date post
15-Jan-2016 -
Category
Documents
-
view
215 -
download
0
Transcript of Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information...
![Page 1: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/1.jpg)
Windows 2000Windows 2000
Arizona State UniversityWindows 2000 Infrastructure
Mehran YahyaInformation TechnologyPatricia M. Schneider
Information Technology – East
![Page 2: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/2.jpg)
Windows 2000Windows 2000
Brief History of the Windows 2000 Project– Project kickoff in April 1999
Participating Units – College of Engineering, ASU West, ASU East, Information Technology
– Expansion of the project Other units joined the project Created various subcommittees
– AD Model, Kerberos, Migration, Service Level Agreement, Student Domain, Dfs, Group Policy, Documentation, Exchange 2000, QA Environment
![Page 3: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/3.jpg)
Windows 2000Windows 2000
Development of the test models– Several variations of forest/domain
infrastructures
![Page 4: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/4.jpg)
Windows 2000Windows 2000
Review by a Microsoft Consultant (August 2000)
http://www.asu.edu/it/w2k/documents.html
![Page 5: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/5.jpg)
Windows 2000Windows 2000
Final production model defined (September 2000)
![Page 6: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/6.jpg)
Windows 2000Windows 2000
Implemented empty root domain in production (September 2000)– AD.ASU.EDU– Provides a secured environment for schema
management
![Page 7: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/7.jpg)
Windows 2000Windows 2000
Implemented the ASURITE domain (October 2000)– ASURITE.AD.ASU.EDU– Upgraded existing Windows NT 4.0 ASURITE
domain to Windows 2000– Approximately 12,000 current accounts
8,200 current Exchange mailbox accounts
– Faculty/staff– Student workers with Exchange accounts
![Page 8: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/8.jpg)
Windows 2000Windows 2000
Created a Development Environment– TAD– TASURITE– TASUSTUDENT
![Page 9: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/9.jpg)
Windows 2000Windows 2000
Created a Quality Assurance Environment– QAAD– QAASURITE– QAASUSTUDENT
![Page 10: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/10.jpg)
Windows 2000Windows 2000
Created a Production Student Domain– ASUSTUDENT
![Page 11: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/11.jpg)
Windows 2000Windows 2000
ASU-West domain creation ASU-West student domain creation ASU-East domain creation
![Page 12: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/12.jpg)
Windows 2000Windows 2000
Established a trust between the current MIT v5Kerberos domain and the Windows ASUADdomain
– Use of Kerberos authentication for student sites– Populated the ASUAD domain with all active
Kerberos IDS (approximately 91,000)– Necessary to allow child domains use of the
Kerberos accounts– Name mappings between ASUAD accounts and
Kerberos domain accounts– Work around for licensing in labs and classrooms
![Page 13: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/13.jpg)
Windows 2000Windows 2000
(EAST)EAST.AD.ASU.EDU
Site = M AIN
Schema,Domain Naming,
PDC, GC
(ASUAD)AD.ASU.EDU
PDC,GC
GCRID,Inf.
Master
(ASURITE)ASURITE.AD.ASU.EDU
PDC,GC
RID,Inf.
Master
(STUDENT)ASUSTUDENT.AD.ASU.EDU
PDC, RID,Inf. Master, GC
GC
(ASUW EST)W EST.AD.ASU.EDU
(W ESTSTUDENT)W ESTSTUDENT.AD.ASU.EDU
Arizona State University Active Directory ForestForest Root Domain Name = AD.ASU.EDU
Site = M AIN
Site = WEST
PMS 2/14/2003
ASU Windows 2000 Domain Structure (2/14/2003)
M IT v5Kerberos
3
21
GCPDC, RID,Inf. Master
1 2
PDC,RID,GC
InfrastructureMaster
1 2
Inf.Master
RID,GC
21
321 21
AD1: ECA2: BAC3: Old Main
ASURITE1: ECA2: Old Main3: BAC
STUDENT1: ECA2: BAC
![Page 14: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/14.jpg)
Windows 2000Windows 2000
Development of the Service Level Agreement (April 2001)- Outlined IT responsibilities for maintaining the
infrastructure
- Outlined four options that a unit can choose from for its environment
Responsibilities vary depending on the option selected
– http://www.asu.edu/it/w2k/documents.html
![Page 15: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/15.jpg)
Service Level AgreementService Level Agreement
Implement in Development and QA before going to Production
Redundant Domain Controllers Microsoft Operations Manager
- Replication within a Domain
- Replication between Sites Disaster Recovery 24/7 On-call Support
![Page 16: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/16.jpg)
Windows 2000Windows 2000
SLA – Option 1– Resource Management via Organizational Unit(s)
in the ASURITE.AD.ASU.EDU or STUDENT.AD.ASU.EDU Domains
![Page 17: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/17.jpg)
Windows 2000Windows 2000
SLA – Option 2– Member Server(s) in the ASURITE.AD.ASU.EDU
or STUDENT.AD.ASU.EDU Domains
![Page 18: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/18.jpg)
Windows 2000Windows 2000
SLA – Option 3– Separate Domain (child/peer) – Campus /
College / VP Level Units Only
![Page 19: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/19.jpg)
Windows 2000Windows 2000
SLA – Option 4– Separate Forest
![Page 20: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/20.jpg)
Windows 2000Windows 2000
Requesting to Join the AD.ASU.EDU Forest Requesting DNS Services for a New Forest Requesting Restore of Active Directory
Objects Requesting Service Authorization / Delegation Non-Compliance Service Level Agreement Form Submission
– http://www.asu.edu/it/w2k/documents.html
![Page 21: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/21.jpg)
Account Creation ProcessAccount Creation Process
AP Process – Primary Process for Account Creation ASUAD Domain
- All Active IDs ASURITE Domain
- Faculty, Staff and Student Workers w/Exchange Student Domain
- No Accounts East and West Domains (their own IDs)
![Page 22: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/22.jpg)
Account Creation ProcessAccount Creation Process
Dept./College
HRMS
HR
SIS
AP
Affiliate DB
John Smith
Automated process createsjsmith user ID
![Page 23: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/23.jpg)
DNS and DHCPDNS and DHCP
NetID ver 4.2.2 from Nortel Networks4 DNS Servers; 1 Primary and 3
BackupUpdate SRV Records for Domain
Controllers2 Campus DHCP Servers
![Page 24: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/24.jpg)
DNS and DHCPDNS and DHCP
DHCP
Sunfire 150
Primary DHCP
Server Manager for DHCP Servers
ASUDNS3
Netra 10
DNS
ASUDNS2
Netra 10
DNS
Server Manager for DNS Servers
ASUDNS1
Netra 10
DNS
ASUDNS4
Sunfire 280R
Primary DNS
Application Server Sybase Database Backup DHCP
![Page 25: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/25.jpg)
DNS and DHCPDNS and DHCP
Web BrowserApplication
Server
DNSServer
DNSServer
DNSServer
DHCPServer
ServerManager(process)
Database
ServerManager(process)
![Page 26: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/26.jpg)
DNS and DHCPDNS and DHCP
Do not register Workstations or Member Servers in DNS
![Page 27: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/27.jpg)
OU Creation and SecurityOU Creation and Security
OU Creation and Delegation
- Default Groups
- Delegate Administrative AuthorityACL and Security
- OU Access/View using MMC
![Page 28: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/28.jpg)
Windows 2000Windows 2000
Exchange 2000– Member servers in the ASURITE.AD.ASU.EDU
domain– Uses active directory for global address list– Distribution lists– Attribute population
![Page 29: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/29.jpg)
Windows 2000Windows 2000
Windows 2003– Wait until the end of summer to begin
testing– Setting up a testing environment
SMS 2003– Testing is beginning– For more information, contact Russ Mohn
![Page 30: Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.](https://reader035.fdocuments.us/reader035/viewer/2022062423/56649d575503460f94a36135/html5/thumbnails/30.jpg)
Windows 2000Windows 2000 Additional resources
– ASU Windows 2000 web page http://www.asu.edu/it/w2k/documents.html
– Active Directory – 2nd Edition O'Reilly & Associates, Paperback, 2nd edition, Published
April 2003, ISBN 0596004664 – Windows 2000 Group Policy, Profiles and IntelliMirror
Sybex / 2001 / 0782128815 – Microsoft web page– TechNet– MSDN