Presentation is loading. Please wait.

Presentation is loading. Please wait.

W2K Migration Status Report W2k Migration Working Group February 21, 2001.

Published byCory Evans Modified over 8 years ago

Similar presentations

Presentation on theme: "W2K Migration Status Report W2k Migration Working Group February 21, 2001."— Presentation transcript:

1 W2K Migration Status Report W2k Migration Working Group February 21, 2001

2 W2K Migration Working Group Objective- “Provide Windows users with a secure environment to easily share resources across the site and with other labs.”

3 W2K Migration Working Group Meetings- Every Wednesday from 1-3:30pm since October of 2000. Training- Implementing Active Directory and Securing Windows 2000 Server. Web Page- http://www-win2k.fnal.gov/

4 Members (Major NT Domains) BD – Brian Drendel BSS – Roger Fahnestock, Tom Ackenhusen OSS – Ken Fidler, Al Lilianstrom, Andy Romero, Jack Schmidt D0 – Greg Cisko Networking – Vyto Grigaliunas, David Tang TD – John Konc Successful Migration to W2K requires communication and planning!

5 Present Structure BSS TDFNALD0 D0Level3DMACS BDControls BEAMS Controls Systems CDF,ESH,F ESS,LS, PPD, VMS File Servers, Email and Web trust ESE

6 Child Proposed Structure (Not Complete) Root win.fnal.gov Child OU fermi.win.fnal.gov Child OU bss.win.fnal.govbdcontrols.win.fnal.gov OU computer print queue groups user Admin

7 Basic Concepts Active Directory- Directory service for W2K. Hierarchical directory that stores information about objects ( Users, Groups, Files, Printers, Computers) on the network. Objects- All objects have attributes that provide descriptive information about the object. A user’s Name is an attribute. Domain- Boundary for an Active Directory. A group of computers that share a common directory database. Domains designate specific security policies and administration. DC- Domain Controller. There are no PDC/BDCs. Domain controllers operate as equals and replicate information to each other. OU- Organizational Units. Container objects designed for managing users,groups, computers and other resources in a domain. Primary purpose is to allow delegation of administrative tasks. Microsoft recommends using OUs to mirror a company’s organizational structure.

8 Child Proposed Structure (Not Complete) Root win.fnal.gov Child OU fermi.win.fnal.gov Child OU bss.win.fnal.govbdcontrols.win.fnal.gov OU computer print queue groups user Admin

9 Domain Proposal Domain designs were discussed: –Concensus toward root domain with sub domains and OUs: win.fnal.gov root domain (reviewed by committee) fermi.win.fnal.gov – general domain for desktops bss.win.fnal.gov – separate because of audit requirements bdcontrols.win.fnal.gov – BEAMS control systems. Tighter security than general domain.

10 Proposal Benefits Root domain provides central place to manage accounts (need to verify) Root domain provides site security policy OUs provide stricter security policies Child domains broken into OUs: –Top level divisions/sections/major experiments –Organizational OUs can be defined by OU administrator –OUs can be configured to be seen only by members. Design provides easier access to site resources Design provides tighter control of DDNS for Networking (machines must register in W2K domain)

11 Domain Proposal Exceptions D0-Online.fnal.gov –Controls system boxes. Need to be tightly controlled. –No real need for Active Directory or access from outside domains.

12 Present Status Test domain structure in place. Defining tests –Strong Authentication Issues –Identify Applications –Defining Policies –Examine OU resource access Design Note development

13 Migration Issues User Account Cleanup- –Possibility of duplicate accounts –Identify dis-usered accounts –Interface to CNAS for new accounts? Hardware –Verify systems meet OS requirements –Remove inactive computer accounts Software –Licensing (buying new os?) –W2K Certification

14 Timeline Feb 2001 –Examine 3 rd party Tools –SA testing –Domain testing Mar 2001 –Domain testing –SA testing –design note draft Apr 2001 –Release design note to Divisions

15 Timeline June – Aug 2001 –Create pilot domain –Limited production tests Sept 2001 – Begin Domain Migration Nov 2001 –Review progress

16 Concerns How to handle standalone systems? –Visitors – provide access to printers –Lab – must have a user account in W2K domain to access resources. Should standalone domains be allowed? Strong Authentication

Download ppt "W2K Migration Status Report W2k Migration Working Group February 21, 2001."

Similar presentations

Auditing Microsoft Active Directory

Auditing Microsoft Active Directory
Establishing an OU Hierarchy for Managing and Securing Clients Base design on business and IT needs Split hierarchy Separate user and computer OUs Simplifies.

Establishing an OU Hierarchy for Managing and Securing Clients Base design on business and IT needs Split hierarchy Separate user and computer OUs Simplifies.
COMP091 OS1 Active Directory. Some History Early 1990s Windows for Workgroups introduced peer-to-peer networking based on SMB over netbios (tcp/ip still.

COMP091 OS1 Active Directory. Some History Early 1990s Windows for Workgroups introduced peer-to-peer networking based on SMB over netbios (tcp/ip still.
1 Preparing Windows 2000 installation (Week 3, Wednesday 2/25/2006) © Abdou Illia, Spring 2006.

1 Preparing Windows 2000 installation (Week 3, Wednesday 2/25/2006) © Abdou Illia, Spring 2006.
How to Succeed with Active Directory Robert Williams, PhD CEO Secure Logistix Corporation.

How to Succeed with Active Directory Robert Williams, PhD CEO Secure Logistix Corporation.
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 1: Introduction to Active Directory.

70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 1: Introduction to Active Directory.
Introduction to Active Directory

Introduction to Active Directory
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
1 Chapter 1 Introduction to Windows Server 2003. 2 Two main goals for Net Admin Make network resources available to users Files, folders, printers, etc.

1 Chapter 1 Introduction to Windows Server Two main goals for Net Admin Make network resources available to users Files, folders, printers, etc.
By Rashid Khan Lesson 4-Preparing to Serve: Understanding Microsoft Networking.

By Rashid Khan Lesson 4-Preparing to Serve: Understanding Microsoft Networking.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
Understanding Active Directory

Understanding Active Directory
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.

A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.
Group Policy in Microsoft Windows Active Directory.

Group Policy in Microsoft Windows Active Directory.
Vikram Thakur Introduction to Active Directory Structure.

Vikram Thakur Introduction to Active Directory Structure.
Lesson 17. Domains and Active Directory. Objectives At the end of this Presentation, you will be able to:

Lesson 17. Domains and Active Directory. Objectives At the end of this Presentation, you will be able to:

Similar presentations

Ads by Google