The move to Active Directory.

Slides:

Advertisements

Similar presentations

Collaboration and Unified Dennis Schmidt, Director, OIS.

Advertisements

IBM Software Group ® Accessing Domino via Outlook iNotes Access for Microsoft Outlook - Notes Domino 5.5 – Domino Access for MS Outlook - Notes Domino.

Welcome Overview of this Session Introduction The Migration –Active Directory (replacing Novell) – & Calendar – from iPlanet to Outlook –Network.

Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.

NHSmail: Technology Refresh 26 th February 2008 Mike Dolan NHSmail Migration Manager.

Network+ Guide to Networks, Fourth Edition Chapter 10 Netware-Based Networking.

MCITP: Microsoft Windows Vista Desktop Support - Enterprise Section 1: Prepare to Deploy.

Understanding Networks I. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.

Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.

1 SLAC Windows Migration Bob Cowles Presented for the SLAC Windows Migration Project HEPNT, Fermilab October 24, 2002.

Business Productivity Online Suite Enterprise class software delivered via subscription services hosted by Microsoft and sold with partners.

SP2 Mikael Nystrom. Agenda Översikt Installation.

Virtual Machine Management

Elements of a Small PC Network LAN Standards –We will focus on LANs that follow the Ethernet standard (80% do) Small Ethernet PC networks use only inexpensive.

Introduction to Active Directory December 10th, pm Daniels 407.

Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.

BASIC NETWORK CONCEPTS (PART 6). Network Operating Systems NNow that you have a general idea of the network topologies, cable types, and network architectures,

VASCO Data Security 1 End Of Live VACMAN MIDDLEWARE VASCO ENTERPRISE SECURITY.

1 Chapter Overview Network Operating Systems Network Clients Directory Services.

Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.

Oracle Application Server 10g (9.0.4) Recommended Topologies Pavana Jain.

Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.

Virtualization Lab 3 – Virtualization Fall 2012 CSCI 6303 Principles of I.T.

A look at the current initiatives within UWE such as SharePoint, consolidation and virtualisation as well as some of the technology trends we can see coming.

Chapter 9: Novell NetWare

Verify Hardware Requirements Install Windows Server 2008 R2 Configure Active Directory Install SQL Server 2008 Install SharePoint Server 2010 Configure.

Microsoft Active Directory(AD) A presentation by Robert, Jasmine, Val and Scott IMT546 December 11, 2004.

System Center 2012 Certification and Training May 2012.

SMS 2003 Deployment and Managing Windows Security Rafal Otto Internet Services Group Department of Information Technology CERN 26 May 2016.

Open MTIP Meeting April 5, Issues with current lab setup (from last meeting) Easier/faster application deployment and maintenance Client diversity.

…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.

Samba – Good Just Keeps Getting Better The new and not so new features available in Samba, and how they benefit your organization. Copyright 2002 © Dustin.

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

Microsoft Management Seminar Series SMS 2003 Change Management.

Intro to Datazen.

Comprehensive Project Management Solutions with the.NET Server family.

RAL PPD Tier 2 (and stuff) Site Report Rob Harper HEP SysMan 30 th June

Windows SharePoint Services Installation and Configuration.

12/3/98 Stanford Linear Accelerator Center Patrick R. Hancox

BE-com.eu Brussel, 26 april 2016 EXCHANGE 2010 HYBRID (IN THE EXCHANGE 2016 WORLD)

© ExplorNet’s Centers for Quality Teaching and Learning 1 Explain the purpose of Microsoft virtualization. Objective Course Weight 2%

Planning Server Deployments Chapter 1. Server Deployment When planning a server deployment for a large enterprise network, the operating system edition.

Short Customer Presentation September The Company  Storgrid delivers a secure software platform for creating secure file sync and sharing solutions.

Al Lilianstrom and Dr. Olga Terlyga NLIT 2016 May 4 th, 2016 Under the Hood of Fermilab’s Identity Management Service.

Office 365 Upsell Paths.

Getting Connected to NGS while on the Road…

The Post Windows Operating System

Barracuda SSL VPN Remote, Authenticated Access to Applications and Data.

Happy Endings: Reengineering Wesleyan’s Software Deployment to Labs and Classrooms Kyle Tousignant 03/22/2016.

Virtualization for Cloud Computing

MED-V - Managing virtual PCs for IT Pros

Upsell Small Business Customers to an Office 365 plan

Managed Desktops :SSD IT Services Ammar Khan, Desktop solutions team

Securing the Network Perimeter with ISA 2004

Control system network security issues and recommendations

Malcolm Days Mark Miners James Farnhill

Debunking the Top 10 Myths of Small Business Server: Using Windows SBS in Larger Environments Abstract: This session will debunk some of the common myths.

Chromebooks and Cloud Computing

Novell Netware Case Study.

Zero Clients and Virtual Desktops in Academic Environments

SharePoint 2019 Changes Point of View.

Migrating to Office 365 from Google mail and exchange

NAV In The Cloud: Exploring Options for a Cloud-based Deployment

Getting Connected to NGS while on the Road…

Microsoft Windows 7 & Standard Staff Desktop

Deploying Exchange 2003 John Westworth SMS&P

PerformanceBridge Application Suite and Practice 2.0 IT Specifications

Productive + Hybrid + Intelligent + Trusted

John Taylor, Deputy CISO Martin Myers, IT Architect

Presentation transcript:

The move to Active Directory. Proposed changes to our managed desktops – SSD5 and CSCE 7. Pete Mitchell, IT Services.

Outline We find ourselves at a crossroads w.r.t Directory provision. We have for a number of years ran two production directory systems in parallel, which together with the other core services underpin our standard desktop products. The recent expansion of Exchange provision, and the experience of the DST in the development of SSD5 informed our decisions about how we should provide service moving forward. I will outline our proposals for the support of standard desktops, with more detail on support for student systems.

Active Directory Currently we run the CENTRE.ad.gla.ac.uk domain to support Exchange, SSD5 and a range of other services. CENTRE has evolved from the original NT4 Domain. Moving forward from NT4.0 to Windows Server 2003 the range of threats necessitated a very aggressive security model. Hard coded non standard replication and service ports with “matrix” type filtering on each switch port. This has served us well, in that we have had no compromises to the system but it does make moving forward with this environment very challenging.

Active Directory We are not confident of being able to extend the provision from CENTRE, given the challenges the security model presents, to cover all of our needs without the spectre of service interruption or withdrawal. Given it’s mission critical, and we have now inherited a number of challenges to service delivery we decided, in conjunction with the vendors (MS), to implement a new AD to host our new services, CAMPUS.ad.gla.ac.uk.

Campus Active Directory New production active Directory, campus.gla.ac.uk. Windows 2008 Domain Functional Level. Windows 2008 Advanced Server, 64bit Enterprise. Provisioned Accounts ( IDM created and managed ). Built to support all central services moving forward.

Campus Active Directory No inheritance from previous systems. No legacy operating modes. No legacy objects for previous versions. Clean accounts created. Less aggressive security environment Windows Server 2008 much more secure. New ability to deploy only the services we need on certain box’s to reduce exposure. More opportunity for interoperation with other systems. Still secure enough !

Active Directory - Services Current SSD 5 supported by AD ( CENTRE ) Customers very happy with performance, and interface ( single sign on ). DST very happy with tools and technologies to build/manage and deploy desktops. Back end systems offer high performance, good DR . DST happy to discuss any aspect of SSD5 provision.

Moving forward We now have significant experience of supporting large scale mission critical services from the AD. Exchange, and the SSD5 back end services have performed well, and delivered the services the users want in a way that the server teams are happy to support Consequently we have the confidence to move our core services to AD

Changes to Student System Why Now ? Novell support for OES ( Netware ) deprecating, the alternatives on offer are essentially Linux ( SUSE ) but without the advantages of the older OES systems ( NSS ). No 64bit support for OES, meaning 4GB RAM max on fileservers. It’s becoming difficult to get hardware that’s supported/ drivers that are current for the latest hardware revisions. We expect the OES suite to be dropped by some of our third party ( backup and integration ) software vendors. Windows technologies now better at managing large scale installations of Windows Clients, both server and DST team happy with the technologies maturity. We have some concerns about Novell viability in this space moving forward. They will still be a big player in the IDM and Linux space.

Changes to Student System It now makes sense to migrate CSCE, as we then move towards one directory for core service provision, for staff and students moving forward. Economies of scale, and skills duplication should improve our efficiency in supporting the core infrastructure.

Changes to the Student System We are moving to an Active Directory leveraged system from Summer 2009 ! We will replace eDirectory with Active Directory ( authentication ) We will replace OES with Windows Server 2008 ( filestore ) We will replace Zenworks with Systems Centre Configuration Manager ( control )

Changes to the Student System Student accounts provisioned into Campus active directory from Feb 2009. Same username and password as the existing system. Fully linked to Data Vault. Two way Password sync between Data Vault and Active Directory (and eDirectory) Exchange account provisioned upon creation.

Changes to the Student System Migration of filestore to Windows Servers hosted in campus.ad.gla.ac.uk – June/July 2009. All filestore for all years. Windows 2008 clusters to support student filestore moving forward. Additional filestore offered via SharePoint portal for collaboration data. Some support for roaming profiles (we think!).

Changes to the Student System CSCE 7 Windows XP, SP3 supported by Active Directory. Supported by Systems Centre Configuration Manager. Workstation control and applications deployment via Group Policy. Significant improvement in hardware and software inventory and control. PXE supported remote build model (boot from NIC).

Changes to the Student System CSCE 8 Windows Vista based. We hope to share a common deployment and management mechanism with Standard Staff Desktop 7. Again, DST happy to outline their experiences so far with Vista.

Changes to the Student System Email Microsoft Exchange 2007 for all students*. 300 MB UG, 500MB PG (min). Outlook 2007 native mode on CSCE machines. OWA ( outlook web access ) offsite. Support for handhelds/windows mobile/iphone/crackberry. Calendar support.

Changes to Student System Virtual Office not supported –> Sharepoint. Remote access to filestore via SharePoint/Webdav. Native support of Macintosh OSX access. Webdav support. FTP. Much, much more scope for collaboration.

Migration Migration We will need to support a half way house. Latest CSCE ( as of end of term 3 ) supported for access to files etc, but DEPRECATED ! Version previous to this will receive NO SUPPORT. By virtue of the account details matching up ( data vault) we can use net use commands to access Windows shares via the login script. There “may” be another password prompt, but we currently think not.

Migration Applications support – migration Some departments have many packaged applications. We will research deploying these to AD machines using later Zenworks clients which do not require Novell Client logins. There will be work to re-package a lot of stuff. Hope to have a beta of CSCE 7 available for Easter 2009.

Support for Legacy/Interoperation We will of course try to provide as much support as possible for migration. Where departments offer non-csce services to students we can provide “bridging” solutions. We do, however, need much support from our partners to bring this forward. CSCE 7+ offers an excellent opportunity to improve student service going forward.

Timetables SSD5 available – Now (for some time). Campus implementation – Now. Prep for Exchange 2007 in Campus – ongoing. Sharepoint delivery Jan/Feb 2009. CSCE 7 Beta – Feb 2009. Assistance with applications deployment to Beta – March 2009. Filestore Migration – June 2009. CSCE official on Campus August 2009.