Windows 2000 Presented to CCC by Pat Schneider May 23, 2001.
-
Upload
gervais-jenkins -
Category
Documents
-
view
214 -
download
0
Transcript of Windows 2000 Presented to CCC by Pat Schneider May 23, 2001.
Windows 2000
• Brief History of the Windows 2000 Project– Received Beta 1 release in October 1997– Project kickoff in April 1999• Participating Units – College of Engineering, ASU
West, ASU East, Information Technology
Windows 2000
• Brief History of the Windows 2000 Project– Expansion of the project• Other units joined the project
• Created various subcommittees– AD Model, Kerberos, Migration, Service Level
Agreement, Student Domain, Dfs, Group Policy, Documentation, Exchange 2000, QA Environment
Windows 2000
• Review by a Microsoft Consultant (August 2000)– http://www.asu.edu/it/w2k/documents.html
Windows 2000
ECAPDC, RID
Infrastructure
OldMainGC
BACGC
ECAPDC, RID
Infrastructure
OldMainGC
BACGC
ECAPDC, RID
Infrastructure
OldMainGC
BACGC
Infrastructure
PDC,RIDGC
Infrastructure
PDC,RIDGC
AD.ASU.EDU(ASUAD)
(ASURITE)ASURITE.AD.ASU.EDU
(ASUSTUDENT)STUDENT.AD.ASU.EDU
WEST.AD.ASU.EDU
EAST.AD.ASU.EDU
Additional domainsOnly if necessaryxxx.AD.ASU.EDU
TransitionalDomains
xxx.AD.ASU.EDU
Site = MAIN
Site = WEST
Site = EASTArizona State University Active Directory Forest
Forest root domain name = AD.ASU.EDU
PMS 4/10/01
ASU Windows 2000 Domain Structure (4/10/2001)
Windows 2000
• Implemented empty root domain in production (September 2000)– AD.ASU.EDU– Provides a secured environment for schema
management
Windows 2000
• Implemented the ASURITE domain (October 2000)– ASURITE.AD.ASU.EDDU– Upgraded existing Windows NT 4.0 ASURITE
domain to Windows 2000
Windows 2000
• Development of the Service Level Agreement (April 2001)– Outlined four options that a unit can choose
from for its environment• Responsibilities vary depending on the option
selected
– http://www.asu.edu/it/w2k/documents.html
Windows 2000
• Option 1 – Resource management via Organization Unit(s) in the ASURITE.AD.ASU.EDU or STUDENT.AD.ASU.EDU Domains– Units that do not have a Windows NT 4.0
domain and are using peer-to-peer networks; add only workstations to the domain
Windows 2000
• Option 2 – Member Server(s) in the ASURITE.AD.ASU.EDU or STUDENT.AD.ASU.EDU Domains– Units who currently have Windows NT 4.0
domains and will take advantage of centralized account creation/administration by bringing member servers into the ASURITE and/or STUDENT domain.
Windows 2000
• Option 3 – Separate Domain (child/peer) – Campus/College/VP Level Units Only– Units who currently have a Windows NT 4.0
domain and have a technical reason to maintain a separate domain.
Windows 2000
• Option 4 – Separate Forest– Units who do not want to participate in the
overall University Windows 2000 infrastructure
Windows 2000
• Current Project Status– AD.ASU.EDU forest created • Empty root
• Three domain controllers to support the forest– A-Wing, DataComm Room, BAC
Windows 2000
• Current Project Status– ASURITE.AD.ASU.EDU domain created • Upgrade of Windows NT 4.0 domain
• Three domain controllers to support the forest– A-Wing, DataComm Room, BAC
• Authentication domain
• Member servers will join this domain
Windows 2000
• Current Project Status– ASU West joined the production forest (May
2001)• Child domain
Windows 2000
• Subcommittee progress– AD Model• Working on defining OU structure for the ASURITE
domain
– Student Domain• Working on defining the needs/requirements for a
student domain
– Kerberos• Working on testing the integration of V5 Kerberos
with Windows 2000
Windows 2000
• Subcommittee progress– Group Policy• Defining how to apply group policy within the
individual OU’s
– Dfs• Testing out Dfs functionality
– QA Environment• Creating online request system• Re-defining the environment
Windows 2000
• Subcommittee progress– Migration Subcommittee• Evaluating 3rd party software to use for migrating
from Windows NT 4.0
• Documenting individual department environments
• Documenting various migration scenarios for department reference
– Exchange 2000• Testing out migrating from Windows NT 4.0 and
Exchange 5.5 to Windows 2000 and Exchange 2000
Windows 2000
• Other work in process– Evaluating performance and event log
monitoring software– Purchased Directory Analyzer to maintain the
integrity of the Active Directory
Windows 2000
• Future Steps/Phases– Implementing the AD model (June/July)• Establish the OU structure and delegate
permissions to the Unit Administrators
– Implementing the AP process (June/July)• Self-sub new users and put them in the Active
Directory, in appropriate departmental groups
Windows 2000
• Future Steps/Phases– Student Domain (Fall 2001)• Implement OU structure
• Implement AP process
– QA Environment (June – Sept.)• Re-build the environment (June/July)
• Implement requesting/tracking system (Sept.)
Windows 2000
• Future Steps/Phases– Documentation (June)• Complete all documentation defined in the SLA and
have it posted on the new Windows 2000 web page
• http://www.asu.edu/it/w2k/documents.html
– Exchange 2000• Upgrade current servers to Windows 2000 (Fall
2001)
• Upgrade current servers to Exchange 2000 (Fall 2001)
Windows 2000
• Future Steps/Phases– Kerberos implementation (?)• Integrate the ASUSTUDENT domain with Kerberos
authentication.
Windows 2000
• Future Steps/Phases– Enterprise application support– Overall Windows 2000 security– Windows XP