Presentation is loading. Please wait.

Presentation is loading. Please wait.

The move to Active Directory.

Published byChristin Roth Modified over 6 years ago

Similar presentations

Presentation on theme: "The move to Active Directory."— Presentation transcript:

1 The move to Active Directory.
Proposed changes to our managed desktops – SSD5 and CSCE 7. Pete Mitchell, IT Services.

2 Outline We find ourselves at a crossroads w.r.t Directory provision. We have for a number of years ran two production directory systems in parallel, which together with the other core services underpin our standard desktop products. The recent expansion of Exchange provision, and the experience of the DST in the development of SSD5 informed our decisions about how we should provide service moving forward. I will outline our proposals for the support of standard desktops, with more detail on support for student systems.

3 Active Directory Currently we run the CENTRE.ad.gla.ac.uk domain to support Exchange, SSD5 and a range of other services. CENTRE has evolved from the original NT4 Domain. Moving forward from NT4.0 to Windows Server 2003 the range of threats necessitated a very aggressive security model. Hard coded non standard replication and service ports with “matrix” type filtering on each switch port. This has served us well, in that we have had no compromises to the system but it does make moving forward with this environment very challenging.

4 Active Directory We are not confident of being able to extend the provision from CENTRE, given the challenges the security model presents, to cover all of our needs without the spectre of service interruption or withdrawal. Given it’s mission critical, and we have now inherited a number of challenges to service delivery we decided, in conjunction with the vendors (MS), to implement a new AD to host our new services, CAMPUS.ad.gla.ac.uk.

5 Campus Active Directory
New production active Directory, campus.gla.ac.uk. Windows 2008 Domain Functional Level. Windows 2008 Advanced Server, 64bit Enterprise. Provisioned Accounts ( IDM created and managed ). Built to support all central services moving forward.

6 Campus Active Directory
No inheritance from previous systems. No legacy operating modes. No legacy objects for previous versions. Clean accounts created. Less aggressive security environment Windows Server 2008 much more secure. New ability to deploy only the services we need on certain box’s to reduce exposure. More opportunity for interoperation with other systems. Still secure enough !

7 Active Directory - Services
Current SSD 5 supported by AD ( CENTRE ) Customers very happy with performance, and interface ( single sign on ). DST very happy with tools and technologies to build/manage and deploy desktops. Back end systems offer high performance, good DR . DST happy to discuss any aspect of SSD5 provision.

8 Moving forward We now have significant experience of supporting large scale mission critical services from the AD. Exchange, and the SSD5 back end services have performed well, and delivered the services the users want in a way that the server teams are happy to support Consequently we have the confidence to move our core services to AD

9 Changes to Student System
Why Now ? Novell support for OES ( Netware ) deprecating, the alternatives on offer are essentially Linux ( SUSE ) but without the advantages of the older OES systems ( NSS ). No 64bit support for OES, meaning 4GB RAM max on fileservers. It’s becoming difficult to get hardware that’s supported/ drivers that are current for the latest hardware revisions. We expect the OES suite to be dropped by some of our third party ( backup and integration ) software vendors. Windows technologies now better at managing large scale installations of Windows Clients, both server and DST team happy with the technologies maturity. We have some concerns about Novell viability in this space moving forward. They will still be a big player in the IDM and Linux space.

10 Changes to Student System
It now makes sense to migrate CSCE, as we then move towards one directory for core service provision, for staff and students moving forward. Economies of scale, and skills duplication should improve our efficiency in supporting the core infrastructure.

11 Changes to the Student System
We are moving to an Active Directory leveraged system from Summer 2009 ! We will replace eDirectory with Active Directory ( authentication ) We will replace OES with Windows Server 2008 ( filestore ) We will replace Zenworks with Systems Centre Configuration Manager ( control )

12 Changes to the Student System
Student accounts provisioned into Campus active directory from Feb 2009. Same username and password as the existing system. Fully linked to Data Vault. Two way Password sync between Data Vault and Active Directory (and eDirectory) Exchange account provisioned upon creation.

13 Changes to the Student System
Migration of filestore to Windows Servers hosted in campus.ad.gla.ac.uk – June/July 2009. All filestore for all years. Windows 2008 clusters to support student filestore moving forward. Additional filestore offered via SharePoint portal for collaboration data. Some support for roaming profiles (we think!).

14 Changes to the Student System
CSCE 7 Windows XP, SP3 supported by Active Directory. Supported by Systems Centre Configuration Manager. Workstation control and applications deployment via Group Policy. Significant improvement in hardware and software inventory and control. PXE supported remote build model (boot from NIC).

15 Changes to the Student System
CSCE 8 Windows Vista based. We hope to share a common deployment and management mechanism with Standard Staff Desktop 7. Again, DST happy to outline their experiences so far with Vista.

16 Changes to the Student System
Microsoft Exchange 2007 for all students*. 300 MB UG, 500MB PG (min). Outlook 2007 native mode on CSCE machines. OWA ( outlook web access ) offsite. Support for handhelds/windows mobile/iphone/crackberry. Calendar support.

17 Changes to Student System
Virtual Office not supported –> Sharepoint. Remote access to filestore via SharePoint/Webdav. Native support of Macintosh OSX access. Webdav support. FTP. Much, much more scope for collaboration.

18 Migration Migration We will need to support a half way house.
Latest CSCE ( as of end of term 3 ) supported for access to files etc, but DEPRECATED ! Version previous to this will receive NO SUPPORT. By virtue of the account details matching up ( data vault) we can use net use commands to access Windows shares via the login script. There “may” be another password prompt, but we currently think not.

19 Migration Applications support – migration
Some departments have many packaged applications. We will research deploying these to AD machines using later Zenworks clients which do not require Novell Client logins. There will be work to re-package a lot of stuff. Hope to have a beta of CSCE 7 available for Easter 2009.

20 Support for Legacy/Interoperation
We will of course try to provide as much support as possible for migration. Where departments offer non-csce services to students we can provide “bridging” solutions. We do, however, need much support from our partners to bring this forward. CSCE 7+ offers an excellent opportunity to improve student service going forward.

21 Timetables SSD5 available – Now (for some time).
Campus implementation – Now. Prep for Exchange 2007 in Campus – ongoing. Sharepoint delivery Jan/Feb 2009. CSCE 7 Beta – Feb 2009. Assistance with applications deployment to Beta – March 2009. Filestore Migration – June 2009. CSCE official on Campus August 2009.

Download ppt "The move to Active Directory."

Similar presentations

Collaboration and Unified E-Mail Dennis Schmidt, Director, OIS.

Collaboration and Unified Dennis Schmidt, Director, OIS.
IBM Software Group ® Accessing Domino via Outlook iNotes Access for Microsoft Outlook - Notes Domino 5.5 – 6.0.1 Domino Access for MS Outlook - Notes Domino.

IBM Software Group ® Accessing Domino via Outlook iNotes Access for Microsoft Outlook - Notes Domino 5.5 – Domino Access for MS Outlook - Notes Domino.
Welcome Overview of this Session Introduction The Migration –Active Directory (replacing Novell) –Email & Calendar – from iPlanet to Outlook –Network.

Welcome Overview of this Session Introduction The Migration –Active Directory (replacing Novell) – & Calendar – from iPlanet to Outlook –Network.
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.

Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
NHSmail: Technology Refresh 26 th February 2008 Mike Dolan NHSmail Migration Manager.

NHSmail: Technology Refresh 26 th February 2008 Mike Dolan NHSmail Migration Manager.
Network+ Guide to Networks, Fourth Edition Chapter 10 Netware-Based Networking.

Network+ Guide to Networks, Fourth Edition Chapter 10 Netware-Based Networking.
MCITP: Microsoft Windows Vista Desktop Support - Enterprise Section 1: Prepare to Deploy.

MCITP: Microsoft Windows Vista Desktop Support - Enterprise Section 1: Prepare to Deploy.
Understanding Networks I. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.

Understanding Networks I. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.

Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
1 SLAC Windows Migration Bob Cowles Presented for the SLAC Windows Migration Project HEPNT, Fermilab October 24, 2002.

1 SLAC Windows Migration Bob Cowles Presented for the SLAC Windows Migration Project HEPNT, Fermilab October 24, 2002.
Business Productivity Online Suite Enterprise class software delivered via subscription services hosted by Microsoft and sold with partners.

Business Productivity Online Suite Enterprise class software delivered via subscription services hosted by Microsoft and sold with partners.
SP2 Mikael Nystrom. Agenda Översikt Installation.

SP2 Mikael Nystrom. Agenda Översikt Installation.
Virtual Machine Management

Virtual Machine Management
Elements of a Small PC Network LAN Standards –We will focus on LANs that follow the Ethernet standard (80% do) Small Ethernet PC networks use only inexpensive.

Elements of a Small PC Network LAN Standards –We will focus on LANs that follow the Ethernet standard (80% do) Small Ethernet PC networks use only inexpensive.
Introduction to Active Directory December 10th, 2008 1-3pm Daniels 407.

Introduction to Active Directory December 10th, pm Daniels 407.
Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.

Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.
BASIC NETWORK CONCEPTS (PART 6). Network Operating Systems NNow that you have a general idea of the network topologies, cable types, and network architectures,

BASIC NETWORK CONCEPTS (PART 6). Network Operating Systems NNow that you have a general idea of the network topologies, cable types, and network architectures,
VASCO Data Security 1 End Of Live VACMAN MIDDLEWARE VASCO ENTERPRISE SECURITY.

VASCO Data Security 1 End Of Live VACMAN MIDDLEWARE VASCO ENTERPRISE SECURITY.
1 Chapter Overview Network Operating Systems Network Clients Directory Services.

1 Chapter Overview Network Operating Systems Network Clients Directory Services.
Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.

Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.

Similar presentations

Ads by Google