System Management in a Windows based Control Environment

Slides:

Advertisements

Similar presentations

This course is designed for system managers/administrators to better understand the SAAZ Desktop and Server Management components Students will learn.

Advertisements

1 Module 1 The Windows NT 4.0 Environment. 2  Overview The Microsoft Operating System Family Windows NT Architecture Overview Workgroups and Domains.

6/4/2015H. Schwendicke1 Reinhard Baltrusch, Helga Schwendicke, Gunter Trowitzsch Total Virus Defense Licensing Installation Updates Lovesan/

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

Understanding Networks I. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.

Windows Anti-virus and Security WNUG Meeting

Slide 1 of 9 Presenting 24x7 Scheduler The art of computer automation Press PageDown key or click to advance.

Introduction to Computer Administration System Administration

12/04/98HEPNT - Windows NT Days1 NT Cluster & MS Dfs Gunter Trowitzsch & DESY WindowsNT Group.

Active Directory: OU Administration December 17th, pm Daniels 407.

Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

WINDOWS XP PROFESSIONAL Bilal Munir Mughal Chapter-1 1.

26/4/2001VMware - HEPix - LAL 2001 Windows/Linux Coexistence : VMware Approach HEPix – LAL Apr Michel Jouvin

ITE 1 Chapter 5. Chapter 5 is a Large Chapter It has a great deal of useful information about operating systems. You will find this VERY helpful when.

Section 10: Assigning and Publishing Software Packages Using MSI Packages to Distribute Software Using Group Policy as a Software Deployment Method Deploying.

Section 1: Introducing Group Policy What Is Group Policy? Group Policy Scenarios New Group Policy Features Introduced with Windows Server 2008 and Windows.

NETWORK FILE ACCESS SECURITY Daniel Mattingly EKU, Dept. of Technology, CEN/CET.

Cloning NT Using DriveImage Chris Brew Particle Physics Department Rutherford Appleton Laboratory rl.ac.uk.

DIT314 ~ Client Operating System & Administration CHAPTER 5 MANAGING USER ACCOUNTS AND GROUPS Prepared By : Suraya Alias.

Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.

Windows NT Chapter 13 Key Terms By Bill Ward NT Versions NT Workstation n A desktop PC that both accesses a network and works as a stand alone PC NT.

A+ Guide to Managing and Maintaining Your PC Fifth Edition Chapter 13 Understanding and Installing Windows 2000 and Windows NT.

© 2001 by Carnegie Mellon University SS5 -1 OCTAVE SM Process 5 Background on Vulnerability Evaluations Software Engineering Institute Carnegie Mellon.

1 Introduction to Microsoft Windows 2000 Windows 2000 Overview Windows 2000 Architecture Overview Windows 2000 Directory Services Overview Logging On to.

1 Chapter Overview Preparing to Upgrade Performing a Version Upgrade from Microsoft SQL Server 7.0 Performing an Online Database Upgrade from SQL Server.

NiceFC and CMF Introduction Ivan Deloose IT-IS Custom Windows Services for Controls Applications.

A Networked Machine Management System 16, 1999.

14-Nov-2000EPICS Workshop - Oak Ridge1 PCaPAC Review Matthias Clausen DESY/ MKS-2.

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

Chapter 2 Securing Network Server and User Workstations.

Windows Server 2003 La migrazione da Windows NT 4.0 a Windows Server 2003 Relatore: MCSE - MCT.

TrainingRegister® Training Management Software Maintain Permanent Training Records for Each Individual Monitor and Track Required Training Know Who Needs.

Introduction TO Network Administration

Windows NT at DESY Status report HEP NT 4 th -8 th October 1999 SLAC.

R. Krempaska, October, 2013 Wir schaffen Wissen – heute für morgen Controls Security at PSI Current Status R. Krempaska, A. Bertrand, C. Higgs, R. Kapeller,

HNC COMPUTING - Network Concepts 1 Network Concepts Network Concepts Network Operating Systems Network Operating Systems.

I NTRODUCTION TO N ETWORK A DMINISTRATION. W HAT IS A N ETWORK ? A network is a group of computers connected to each other to share information. Networks.

Automating Installations by Using the Microsoft Windows 2000 Setup Manager Create setup scripts simply and easily. Create and modify answer files and UDFs.

Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.

CITA 171 Section 1 DOS/Windows Introduction. DOS Disk operating system (DOS) –Term most often associated with MS-DOS –Single-tasking operating system.

Troubleshooting Windows Vista Lesson 11. Skills Matrix Technology SkillObjective DomainObjective # Troubleshooting Installation and Startup Issues Troubleshoot.

Microsoft Installing & Configuring Windows Server Exam Questions Answers Powered By:

Networking Week #10 OBJECTIVES Chapter #6 Questions Review Chapter #8.

Happy Endings: Reengineering Wesleyan’s Software Deployment to Labs and Classrooms Kyle Tousignant 03/22/2016.

SmartCenter for Pointsec - MI

SDN challenges Deployment challenges

DIT314 ~ Client Operating System & Administration

Create setup scripts simply and easily.

Managing Security Policies Using Microsoft Group Policies Objects

CMS DCS: WinCC OA Installation Strategy

Self-service enrollment for Windows desktops

Configuring Windows Firewall with Advanced Security

2016 Citrix presentation.

Information Technology (IT) Department

THE STEPS TO MANAGE THE GRID

Call to Fix QuickBooks Error

Solutions: Backup & Restore

Unit 27: Network Operating Systems

Windows xp professional

Networks Software.

11/23/2018 3:03 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.

Lesson 16-Windows NT Security Issues

Chapter 2: The Linux System Part 1

NT Applications Support – Status and Future Developments

CT 1306 Communication Networks Management Lab

PLANNING A SECURE BASELINE INSTALLATION

Chapter 3 – Operating Systems

Presentation transcript:

System Management in a Windows based Control Environment Christian Caro DESY 2/19/2019 The DESY WindowsNT Group

The DESY WindowsNT Group PCaPAC Conference from 9.10.2000 – 12.10.2000 in Hamburg Accelerator Controls Consolen Device Server Hera: NT 4 MSDOS, Linux, NT, ... Petra: Win3.X+Novell Win3.X DESY 2+3: „ „ Doris: „ „ Linac 2+3: „ „ TTF: Solaris Solaris 2/19/2019 The DESY WindowsNT Group

Why is software deployment an issue in a control environment ? Number of PCs is > 50 fast control software life cycle management tasks OS setup / device driver installation install applications manage applications (preconfigure, make changes, install bug fixes) system management (change local configuration like regional settings, new WINS server, ) reliability 2/19/2019 The DESY WindowsNT Group

Technical Procedure on NT Installing an application means copy files, replace file even if they are in use dll versioning modify “ini” files instead of replacing them Registry NTFS security (on files, registry) System management tasks local policy, user rights, local account management, auditing (Distinguish between user and workstation part) 2/19/2019 The DESY WindowsNT Group

The DESY WindowsNT Group Classes of Usage Control room front-end PCs for operating, running control software Device servers only one special application is running Developer PCs Standard Office PCs with development environment 2/19/2019 The DESY WindowsNT Group

Characteristics of Control PCs Used by many people  prevent changes Software updates update almost every day !!! Updates must run asynchronously Apply software and updates to all PCs If PC fails or makes trouble, just shut it down Additional standard software is desired 2/19/2019 The DESY WindowsNT Group

Characteristics of Device Servers Not used interactively Software updates less frequently Need to define exactly when to update (not asynchronously) Targeting updates to single PCs or group of PCs If server fails, it needs to be replaced fast How to install device additional device drivers ? No standard software needed 2/19/2019 The DESY WindowsNT Group

Implementation at DESY NetInstall system management / application management tool from InstallShield (package, preconfigure, target, deploy applications) Application support classification in NT Domain Red: computer in domain without NetInstall Yellow: use NetInstall support, but user is free to install additional software Green: use NetInstall support, but the local security policy prevents user from installing additional software or changing any dlls 2/19/2019 The DESY WindowsNT Group

NetInstall Databases Idea: use the same tool for HERA control software share knowledge export control software to ALL office PCs at DESY import standard software from central application support Control PC Developer PC Office PC import standard software Common NetInstall database HERA NetInstall database Device Server export control software 2/19/2019 The DESY WindowsNT Group

The DESY WindowsNT Group Control PCs for HERA About 50 Controls PCs are located in control room, table PCs (“yellow”), experimental halls, ... Green PCs in common domain Only a few PCs have additional hardware frame grabber, monitor splitter, ... All PCs get the same applications Additional standard software VB5, VB6, MSOffice97, Browser, ... Everything installed locally Autologin with domain account 2/19/2019 The DESY WindowsNT Group

Software Updates on a Control PC 1. Updates with NetInstall at logon time setup of infrastructure, standard software, control applications, links scripts are usually executed once, but can be reapplied on demand checks of dlls and other important files, starting the communication layer every logon 2. Check control applications at launch time check for newer versions very frequently 2/19/2019 The DESY WindowsNT Group

Update Procedure Server (Auto)Logon NetInstall database check dlls and start basic app update standard software update control software system management tasks Control software repository check for newer versions Control PC user launches control app 2/19/2019 The DESY WindowsNT Group

The DESY WindowsNT Group Device servers Still under development 2/19/2019 The DESY WindowsNT Group

Effort to Guarantee Stability The problem: PCs belong to common DESY domain (DESYNT) maintained by central services The solution: Everything works with local accounts as well Local mode switch installed on every PC --> login with local account, disconnect network shares and work without updates A BDC and Wins server is located in the local subnet area Two NetInstall servers, updated with replication 2/19/2019 The DESY WindowsNT Group

The DESY WindowsNT Group Problems A developer PC is not well-defined and well-managed A Yellow PC where user can install additional software --> control applications can be linked to newer dlls than deployed in control room PCs are not Green enough even almost everything is restricted on a Green PC, there are still some things free to be configured (keyboard layout, regional settings) Software and system management is a complex task 2/19/2019 The DESY WindowsNT Group

The DESY WindowsNT Group Conclusion Software and system management is important !!!! Device PCs have different needs than Control PCs Extra software management tool is needed (DESY: NetInstall) Green PC is important Extra NetInstall database used for control system, running in common domain connected with central NetInstall database to export control software to Office PCs 2/19/2019 The DESY WindowsNT Group