Download presentation
Presentation is loading. Please wait.
1
City-wide Active Directory Project Town Hall II
5/20/2018 6:35 PM Active Directory City and County of San Francisco City-wide Active Directory Project Town Hall II © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
2
Agenda Introductions and Recap Town Hall I Review and Q&A
Proposed AD Architecture Proposed Project Timeline Path Forward Questions
3
Project Update Review: Q&A from Town Hall I Project Status Services
Authorizations AD Interfaces Security Policies
4
Q&A from Town Hall I - Project Status
Is the AD infrastructure already in place? How will departments who wish to participate in City-wide AD be incorporated? What is the roll-out plan for departments who wish to participate under the City-wide AD? Site Assessments
5
Q&A from Town Hall I - Services
What are the service offerings? Show how the ability to share resources across departments will be facilitated. If a department already has Windows 2008, can Federation Services be installed?
6
Q&A from Town Hall I - Authorizations
Will this architecture work for sharing drives between departments? Is it possible for departments to access each other’s data using Federation? Under the City-wide AD, how are OU’s authorized to share resources between OU’s?
7
Q&A from Town Hall I - Interfaces
Was it reported that Exchange Online will not support a Federated model? How will be accessed out-of-network ? Is City-wide AD a pre-requisite for Exchange Online?
8
Q&A from Town Hall I - Security Policies
Define auditing and control procedures? How will the forest root enterprise admin credentials be secured? Define how security boundaries (OU) will be scalable and effective. Define how legally mandated network isolation will be supported, e.g. PCI, HIPPA. How will network security and administrative overhead be balanced?
9
Flat Architecture ARCHITECTURE
10
City-wide Active Directory Topology
Migrate all users into the contoso.com forest, leaving the .treb forest with application servers (a resource forest) in the ca.treb (963 servers) and us.treb (587 servers). New servers would be provisioned into the contoso.com forest, upgrades or refresh of .treb servers can be evaluated on a case by case business.
11
City-wide Active Directory Federation
Migrate all users into the contoso.com forest, leaving the .treb forest with application servers (a resource forest) in the ca.treb (963 servers) and us.treb (587 servers). New servers would be provisioned into the contoso.com forest, upgrades or refresh of .treb servers can be evaluated on a case by case business.
12
City-wide Active Directory Participation
Migrate all users into the contoso.com forest, leaving the .treb forest with application servers (a resource forest) in the ca.treb (963 servers) and us.treb (587 servers). New servers would be provisioned into the contoso.com forest, upgrades or refresh of .treb servers can be evaluated on a case by case business.
13
PARTICIPATION BENEFITS
Architectural Benefits FEDERATED BENEFITS PARTICIPATION BENEFITS PLUS… Authentication Services Services: Certification, File, and Print Standardized Server Builds and Policies Standardized Workstation Builds and Policies Standardized OU Structures Automated Software Distribution Application Support Enterprise Group Policies Security Policies e.g. Access, Password Admin Delegated Administration Preserves autonomy of agency control Better integration, increased security and control of city-wide identities Improved capabilities for Multi- and Inter- Agency Initiatives. City-wide (Exchange Online ) SharePoint Collaborations Web Single Sign-on Access
14
DT Active Directory Timeline
Projects DT Migration Begins DT Migration Completed (with full service availability) Active Directory Infrastructure Built DT to Exchange Online Migrated AD Root Migration Completed Migration from Novell to Active Directory Implement Interface Architecture Baseline Policy definitions, e.g. Security, Server Site Assessments Other city agency rollout Present March 2011 Future DT’s Migration into City-wide AD Services Authentication Services Standard Builds File, Printer Services Certificate Services Group Policies City-wide Wireless
15
Town Hall II Summary By March, 2011,
DT Migration from Novell to Active Directory Implement AD Architecture Baseline Policy definitions, e.g. Security, Server Departmental Survey and Interviews Perform AD/ Site Assessments Determine Rollout Schedule w/ other Agencies
16
City-wide Active Directory
Questions
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.