Technical Services & Operations WINDOWS 2008 R2 AD / DC UPGRADE PROJECT.

Slides:



Advertisements
Similar presentations
Data Devices People 6.5B Wireless connections today >42% of global population owns smartphone by end of 2015 >50% User will go to tablet or smartphone.
Advertisements

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
1 Chapter 1 Introduction to Windows Server Two main goals for Net Admin Make network resources available to users Files, folders, printers, etc.
Chapter 4 Introduction to Active Directory and Account Management
Enterprise Single Sign On Identity management for web applications.
Senior Technical Writer
Hands-On Microsoft Windows Server 2008
Hands-On Microsoft Windows Server 2008
Vikram Thakur Introduction to Active Directory Structure.
SQL Server 64bit Joshua Jones Database Administrator Wall Street On Demand Colorado PASSCamp 2006.
Module 1: Installing Active Directory Domain Services
(ITI310) SESSIONS : Active Directory By Eng. BASSEM ALSAID.
Chapter 4 Introduction to Active Directory and Account Management
INTRODUCING MICROSOFT WINDOWS SERVER 2003
Session 6 Windows Platform Dina Alkhoudari. Learning Objectives What is Active Directory Logical components of active directory Physical components of.
Windows Server 2008 Chapter 4 Last Update
A+ Guide to Managing and Maintaining Your PC Fifth Edition Chapter 15 Installing and Using Windows XP Professional.
Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.
Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.
Section 7: Implementing Security Using Group Policy Exploring the Windows Security Architecture Securing User Accounts Exploring Security Policies Hardening.
Managing User and Service Accounts
A detailed look at the Microsoft Windows Infrastructure at UWE including Active Directory (AD), MIIS, Exchange, SMS, IIS, SQL Server, Terminal Services.
Welcome Thank you for taking our training. Collection 6425: Configure Windows 2008 Active Directory Domain Services Course 6710 – 6719 at
KAPLAN SCHOOL OF INFORMATION SYSTEMS AND TECHNOLOGY Welcome to Unit 4 IT278 Network Administration Course Name – IT278 Network Administration Instructor.
Securing AD DS Module A 3: Securing AD DS
8.1 © 2004 Pearson Education, Inc. Exam Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 8: Planning.
September 18, 2002 Windows 2000 Server Active Directory By Jerry Haggard.
Designing Authentication for a Microsoft Windows 2000 Network Designing Authentication in a Microsoft Windows 2000 Network Designing Kerberos Authentication.
Windows 2000 University of Colorado. Background Limited enterprise services: MIT K5 in labs, modems and some desktops, starting directories now, no identifier.
DFS & Active Directory Joshua Hedges |Brandon Maxfield | Robert Rivera | Will Zilch.
Mastering Windows Network Forensics and Investigation Chapter 13: Logon and Account Logon Events.
W2K and Kerberos at FNAL Jack Mark
Operations Master / FSMO Roles in Active Directory : Suhail Ashfaq Butt.
DC-B312 BitLocker Improvements in Windows 8 MBAM 2.0 Investment Areas and Key New Features Deploying MBAM 2.0MBAM 2.0 End User Experience.
Introduction to Active Directory Domain Services
PLANNING A MICROSOFT EXCHANGE SERVER 2003 INFRASTRUCTURE Chapter 2.
W2K and Kerberos at FNAL Jack Schmidt Mark Kaletka.
Module 1: Implementing Active Directory ® Domain Services.
Hands-On Microsoft Windows Server 2008 Chapter 4-Part 1 Introduction to Active Directory and Account Manager.
Module 7: Implementing Security Using Group Policy.
Module 2: Introducing Windows 2000 Security. Overview Introducing Security Features in Active Directory Authenticating User Accounts Securing Access to.
CD W2K Desktop Migration Jack Schmidt 12/5/2001. W2K Migration Plan 1. Migrate users/desktops to provide kerberos authentication. Resources still in NT4.
Week 4 Objectives Overview of Group Policy Group Policy Processing Implementing a Central Store for Administrative Templates.
Module 3 Planning for Active Directory®
Chapter 4- Part3. 2 Implementing User Profiles A local user profile is automatically created at the local computer when you log on with an account for.
Installing a Domain Controller
Integration and Migration: Making the Move to Windows Server 2003 Michael Leworthy Windows Server Product Manager Microsoft Australia.
© Wiley Inc All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition.
Active Directory. Computers in organizations Computers are linked together for communication and sharing of resources There is always a need to administer.
Module 8: Planning for Windows Server 2008 Active Directory Services.
Windows NT ® Security Management: Extending Windows NT 5.0 Security Management Tools, Part 2 Praerit Garg Program Manager Windows NT Security Microsoft.
Labs. Session 1 Lab 1: Designing an Active Directory Forest Infrastructure in Windows Server 2008 Exercise 1: Designing an Active Directory Forest Exercise.
Module 8 Implementing Security Using Group Policy.
7.1 © 2004 Pearson Education, Inc. Exam Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 7: Planning.
MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition (70-294) Chapter 1: Overview of the Active.
IS 4506 Windows NTFS and IIS Security Features.  Overview Windows NTFS Server security Internet Information Server security features Securing communication.
Active Directory Domain Services (AD DS). Identity and Access (IDA) – An IDA infrastructure should: Store information about users, groups, computers and.
Unit 8 NT1330 Client-Server Networking II Date: 2?10/2016
Group policy.
Basharat Institute of Higher Education
Active Directory Fundamentals
(ITI310) SESSIONS 6-7-8: Active Directory.
Microsoft Ignite /21/2018 5:56 PM
Unit 8 NT1330 Client-Server Networking II Date: 8/2/2016
FSMO Roles and Global Catalog Servers
Install AD Certificate Services
Windows Active Directory Environment
PLANNING A SECURE BASELINE INSTALLATION
Managing Passwords with Group Policy
Presentation transcript:

Technical Services & Operations WINDOWS 2008 R2 AD / DC UPGRADE PROJECT

Technical Services & Operations Proof of Concept to review setting different account lockout policies for different groups AD DS Fine-Grained Password and Account Lockout Policy (requires 2008 functional level) Current fix is using RC4 Reg-edit on managed Win7 and Windows 2008 Servers Current issues with clients ( unmanaged windows 7 and Windows 2008) AES Encryption 2 WINDOWS 2008 R2 AD / DC UPGRADE PROJECT Why Server 2008 R2?

Technical Services & Operations WINDOWS 2008 R2 AD / DC UPGRADE PROJECT 3

Technical Services & Operations WINDOWS 2008 R2 AD / DC UPGRADE PROJECT 10/4/2011 Project Dependency - Retire NT 4 domain trusts 1/12/2012 Project Dependency - Retire NSMC Domain Controllers 9/30/2011 Certify Enterprise Lab Infrastructure 10/20/2011 Update AD Schema in the Enterprise lab1 11/29/2011 Upgrade DC’s in the Enterprise lab to Windows Server 2008 R2 Functional Level - complete dependency testing in in a mockup of Production environment 12/15/2011 Complete Proof of Concept for AD/DS Finegrained Password Account Lockout Policy 4 Planning

Technical Services & Operations Enterprise Lab 5 WINDOWS 2008 R2 AD / DC UPGRADE PROJECT

Technical Services & Operations WINDOWS 2008 R2 AD / DC UPGRADE PROJECT 6 Galen/PAS LDAP/SSL and Kerberos Authentication Log Logics Courion Password Management Service Account Management Web Services Security Lockout Policies CachePacket Sentry Dependencies in the Enterprise Lab

Technical Services & Operations WINDOWS 2008 R2 AD / DC UPGRADE PROJECT 10/28/2011 Production AD Schema Extension (Production Freeze) 12/2/ st DC upgraded in Production to Windows Server 2008 R2 (Production Freeze) 2/7/2012 All DCs in Production upgraded to Windows Server 2008 R2 (no Freeze), Domain remains at Windows Server 2003 Functional Level 2/17/2012 Domain at Windows Server 2008 R2 Functional Level (Production Freeze) 7 Production Implementation

Technical Services & Operations 8 Production Freeze  Global Desktop updates  Exchange  Authentication Changes  Password Changes WINDOWS 2008 R2 AD / DC UPGRADE PROJECT

Technical Services & Operations 9 What will be the end Result?  AES will be implemented in production  Infrastructure has been updated to accommodate AD/DS fine grained password lockout policy for later implementation WINDOWS 2008 R2 AD / DC UPGRADE PROJECT

Technical Services & Operations 10 What does this change impact?  Temporary Production Freezes while the upgrade is completed.  User’s of unmanaged Vista and Windows 7 devices will no longer have to make registry changes to the KDC key to ensure they do not get locked out.  No updates or changes for managed desktops.  No impact to service accounts currently in use. WINDOWS 2008 R2 AD / DC UPGRADE PROJECT

Technical Services & Operations HP BL460c G6 Dual 4 core Intel E Ghz Processor 32 GB DDR 3 memory 2 x 300GB 10k SAS raid 1 configuration HP C-7000 Blade Enclosure WINDOWS 2008 R2 AD / DC UPGRADE PROJECT

Technical Services & Operations 12 Questions? WINDOWS 2008 R2 AD / DC UPGRADE PROJECT

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.