VPRC Domain Migration Migrating resources from the VPRC domain to the ASURITE domain.

Slides:



Advertisements
Similar presentations
Establishing an OU Hierarchy for Managing and Securing Clients Base design on business and IT needs Split hierarchy Separate user and computer OUs Simplifies.
Advertisements

COMP091 OS1 Active Directory. Some History Early 1990s Windows for Workgroups introduced peer-to-peer networking based on SMB over netbios (tcp/ip still.
Auditing Active Directory Presented to the National State Auditors Association 2014 Information Technology Conference.
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 1: Introduction to Active Directory.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
Chapter 4 Chapter 4: Planning the Active Directory and Security.
Introduction to Active Directory
6.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.
Administering Active Directory
Hands-On Microsoft Windows Server 2003 Administration Chapter 1 Windows Server 2003 Network Administration.
By Rashid Khan Lesson 4-Preparing to Serve: Understanding Microsoft Networking.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.
Chapter 8 Chapter 8: Managing the Server Through Accounts and Groups.
7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
Group Accounts; Securing Resources with Permissions
© Wiley Inc All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
Guide to MCSE , Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.
Hands-On Microsoft Windows Server 2008
Chapter 7 WORKING WITH GROUPS.
Hands-On Microsoft Windows Server 2008
Vikram Thakur Introduction to Active Directory Structure.
Overview of Active Directory Domain Services Lesson 1.
Overview of Active Directory Domain Services Lesson 1.
MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 3: Introducing Active Directory.
Part I.  NOS  Directory Data Store(directory service, database)  Located on Domain Controllers (DCs), globally distributed, replicated (no longer PDCs/BDCs)
KAPLAN SCHOOL OF INFORMATION SYSTEMS AND TECHNOLOGY Welcome to Unit 4 IT278 Network Administration Course Name – IT278 Network Administration Instructor.
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 5: Active Directory Logical Design.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
Windows 2000 Presented to CCC by Pat Schneider May 23, 2001.
Active Directory Administration Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Creating Users, Computers, and Groups Automate creation.
Module 7 Active Directory and Account Management.
© Wiley Inc All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition.
Introduction to Microsoft Management Console (MMC) MMC is a common console framework for management applications. MMC provides a common environment for.
Planning a Microsoft Windows 2000 Administrative Structure Designing default administrative group membership Designing custom administrative groups local.
 Identify Active Directory functions and Benefits.  Identify the major components that make up an Active Directory structure.  Identify how DNS relates.
Page 1 Active Directory and DNS Lecture 2 Hassan Shuja 09/14/2004.
Page 1 System and Group Policies Lecture 7 Hassan Shuja 11/02/2004.
Chapter 10: Rights, User, and Group Administration.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.
1 Group Policies (Week 11, Monday 3/19/2007) © Abdou Illia, Spring 2007.
Hands-On Microsoft Windows Server 2008 Chapter 4-Part 1 Introduction to Active Directory and Account Manager.
Module 3 Creating Groups and Organizational Units.
1 Chapter Overview Managing Object and Container Permissions Locating and Moving Active Directory Objects Delegating Control Troubleshooting Active Directory.
Active Directory Infrastructure Microsoft Windows 2003 Active Directory Infrastructure MCSE Exam
Week 4 Objectives Overview of Group Policy Group Policy Processing Implementing a Central Store for Administrative Templates.
Module 10: Implementing Administrative Templates and Audit Policy.
Installing a Domain Controller
OVERVIEW OF ACTIVE DIRECTORY
Introduction to Active Directory
© Wiley Inc All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition.
MIS Chapter 41 Chapter 4 – Implementing and Managing Group and Computer Accounts MIS 431 – Created Spring 2006.
HNC COMPUTING - Network Concepts 1 Network Concepts Network Concepts Network Operating Systems Network Operating Systems.
CEG 2400 Fall 2012 Directory Services Active Directory Tree Domain.
Windows 2003 Architecture, Active Directory & DNS Lecture # 3 Hassan Shuja 02/14/2006.
Chapter 6 Server Management: Domains Workgroup Domain Trust Relationship Examples.
7.1 © 2004 Pearson Education, Inc. Exam Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 7: Planning.
MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition (70-294) Chapter 1: Overview of the Active.
Active Directory Domain Services (AD DS). Identity and Access (IDA) – An IDA infrastructure should: Store information about users, groups, computers and.
Windows Active Directory – What is it? Definition - Active Directory is a centralized and standardized system that automates network management of user.
Windows Enterprise Services.  Introductions  UNM Directory Services  RSAT  Organizational Units (OU)  Active Directory Groups  Naming Convention.
Active Directory Administration
Objectives Differentiate between the different editions of Windows Server 2003 Explain Windows Server 2003 network models and server roles Identify concepts.
Presentation transcript:

VPRC Domain Migration Migrating resources from the VPRC domain to the ASURITE domain.

Initial Plan  VPRC Domain: Windows NT 4.0 multi-master domain with a PDC (a), resource servers (b), computer accounts (c), and user accounts (d). (VPRC.ASU.EDU)  Trust Relationship: Explicit one-way trust established to allow the ASURITE domain to access resources in the VPRC domain.  ASURITE Domain: Windows 2000 domain running in Native Mode. (ASURITE.AD.ASU.EDU) All ASURITE user accounts reside in this domain and will be accessed from here.  M.OVPR - organizational unit for the OVPR (e). Starts out empty but will eventually contain all of our computer accounts, security groups, etc..  Transitive Two-Way Trust (f). Built-in trust between empty root (AD.ASU.EDU) and down level domain (ASURITE.AD.ASU.EDU).  AD Forest Root Domain (g). Containing Forest Schema and Domain Naming Master FSMO's, Schema and Enterprise Admins. No user accounts or computers abcd e g f VPRC Domain ASURITE Domain M.OVPR AD Domain

Step One  VPRC Domain: Windows NT 4.0 multi-master domain with a PDC (a), resource servers (b), and computer accounts (c). User accounts from this domain will no longer be utilized. (VPRC.ASU.EDU)  Trust Relationship: Explicit one-way trust established to allow the ASURITE domain to access resources in the VPRC domain.  ASURITE Domain: This step will be performed simultaneously with step two. All user accounts will be pulled from the ASURITE domain (d). New global security groups will be created in M.OVPR.Groups containing the ASURITE ID’s of our users. New local security groups will be created on the resource servers containing the global security groups from M.OVPR.Groups. This will allow users still in the ASURITE domain to access resources still contained within the VPRC domain.  M.OVPR - organizational unit for the OVPR (e). This will start out empty but will eventually contain all of our computer accounts, security groups, etc abc e d VPRC Domain ASURITE Domain M.OVPR AD Domain

Step Two  VPRC Domain: Windows NT 4.0 multi-master domain with a PDC (a) and resource servers (b). User accounts from this domain will no longer be utilized and all computer accounts have been migrated to the ASURITE domain.  Trust Relationship: Explicit one-way trust established to allow the ASURITE domain to access resources in the VPRC domain.  ASURITE Domain: All ASURITE user accounts will be pulled from the ASURITE domain (d).  M.OVPR - organizational unit for the OVPR (e). All computer accounts (c) now reside in the computer sub-OU (M.OVPR.Computers). These are workstations only. When migration takes place, users local profile folder is renamed from ‘username’ to ‘username_old’. User logs in to create new profile (for the ASURITE domain). All files except NTUSER.INI, NTUSER.DAT, and NTUSER.DAT.LOG are copied into the new local profile folder and permissions are reset to give the user the appropriate permissions. This will retain all application settings except for the Exchange profile ab e c d VPRC Domain ASURITE Domain M.OVPR AD Domain

Step Three  VPRC Domain: Windows NT 4.0 multi-master domain with a PDC (a). User accounts from this domain will no longer be utilized and all computer/server accounts have been migrated to the ASURITE domain.  Trust Relationship: Explicit one-way trust established to allow the ASURITE domain to access resources in the VPRC domain.  ASURITE Domain: All ASURITE user accounts will be pulled from the ASURITE domain (d).  M.OVPR - organizational unit for the OVPR (e). All resource servers (b) have been migrated. All computer accounts (c)now reside in the computer sub-OU (M.OVPR.Computers) a e c d VPRC Domain ASURITE Domain M.OVPR b AD Domain

Where We Are Now Remote Installation Server (RIS) was first in ASURITE domain. Two production IIS servers and one development IIS server have been migrated. About half of our users have been migrated.  Any time we touch a computer for maintenance or install a new one we bring it up in ASURITE.

What We Did Different Initial Plan  Place all workstations in a single OU (M.OVPR.Computers). Actual Implementation  Created multiple OU’s to reflect our departmental structure and placed workstations where appropriate. This eases administrative tasks and allows us to implement workstation changes on a granular level. This will be of great benefit to us as we develop more complex GPO’s, security policies, and as we begin to use Intellimirror.

Current OU Structure Allows us to monitor where workstations are. Absolute control over GPO’s and where they are applied. Will allow us to give limited administrative control to those departments that desire it.

Next Steps Finish migration.  Migrate remaining users/workstations into ASURITE.  Move file and print servers into ASURITE. Shut down NT 4 domain (VPRC). Begin testing of new technologies such as Intellimirror and advanced GPO use in TASURITE.

Somewhere in between…

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.