1 / 30

Windows 2000

Windows 2000. Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East. Windows 2000. Brief History of the Windows 2000 Project Project kickoff in April 1999

louvain
Télécharger la présentation

Windows 2000

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East

  2. Windows 2000 Brief History of the Windows 2000 Project • Project kickoff in April 1999 • Participating Units – College of Engineering, ASU West, ASU East, Information Technology • Expansion of the project • Other units joined the project • Created various subcommittees • AD Model, Kerberos, Migration, Service Level Agreement, Student Domain, Dfs, Group Policy, Documentation, Exchange 2000, QA Environment

  3. Windows 2000 Development of the test models • Several variations of forest/domain infrastructures

  4. Windows 2000 Review by a Microsoft Consultant (August 2000) http://www.asu.edu/it/w2k/documents.html

  5. Windows 2000 Final production model defined (September 2000)

  6. Windows 2000 Implemented empty root domain in production (September 2000) • AD.ASU.EDU • Provides a secured environment for schema management

  7. Windows 2000 Implemented the ASURITE domain (October 2000) • ASURITE.AD.ASU.EDU • Upgraded existing Windows NT 4.0 ASURITE domain to Windows 2000 • Approximately 12,000 current accounts • 8,200 current Exchange mailbox accounts • Faculty/staff • Student workers with Exchange accounts

  8. Windows 2000 Created a Development Environment • TAD • TASURITE • TASUSTUDENT

  9. Windows 2000 Created a Quality Assurance Environment • QAAD • QAASURITE • QAASUSTUDENT

  10. Windows 2000 Created a Production Student Domain • ASUSTUDENT

  11. Windows 2000 • ASU-West domain creation • ASU-West student domain creation • ASU-East domain creation

  12. Windows 2000 Established a trust between the current MIT v5 Kerberos domain and the Windows ASUAD domain • Use of Kerberos authentication for student sites • Populated the ASUAD domain with all active Kerberos IDS (approximately 91,000) • Necessary to allow child domains use of the Kerberos accounts • Name mappings between ASUAD accounts and Kerberos domain accounts • Work around for licensing in labs and classrooms

  13. Windows 2000

  14. Windows 2000 Development of the Service Level Agreement (April 2001) - Outlined IT responsibilities for maintaining the infrastructure - Outlined four options that a unit can choose from for its environment • Responsibilities vary depending on the option selected • http://www.asu.edu/it/w2k/documents.html

  15. Service Level Agreement • Implement in Development and QA before going to Production • Redundant Domain Controllers • Microsoft Operations Manager - Replication within a Domain - Replication between Sites • Disaster Recovery • 24/7 On-call Support

  16. Windows 2000 • SLA – Option 1 • Resource Management via Organizational Unit(s) in the ASURITE.AD.ASU.EDU or STUDENT.AD.ASU.EDU Domains

  17. Windows 2000 • SLA – Option 2 • Member Server(s) in the ASURITE.AD.ASU.EDU or STUDENT.AD.ASU.EDU Domains

  18. Windows 2000 • SLA – Option 3 • Separate Domain (child/peer) – Campus / College / VP Level Units Only

  19. Windows 2000 • SLA – Option 4 • Separate Forest

  20. Windows 2000 • Requesting to Join the AD.ASU.EDU Forest • Requesting DNS Services for a New Forest • Requesting Restore of Active Directory Objects • Requesting Service Authorization / Delegation • Non-Compliance • Service Level Agreement Form Submission • http://www.asu.edu/it/w2k/documents.html

  21. Account Creation Process • AP Process – Primary Process for Account Creation • ASUAD Domain - All Active IDs • ASURITE Domain - Faculty, Staff and Student Workers w/Exchange • Student Domain - No Accounts • East and West Domains (their own IDs)

  22. Account Creation Process John Smith Dept./College SIS HR Affiliate DB HRMS AP Automated process creates jsmith user ID

  23. DNS and DHCP • NetID ver 4.2.2 from Nortel Networks • 4 DNS Servers; 1 Primary and 3 Backup • Update SRV Records for Domain Controllers • 2 CampusDHCP Servers

  24. DNS and DHCP ASUDNS1 Netra 10 DNS ASUDNS2 Netra 10 DNS Server Manager for DNS Servers ASUDNS3 Netra 10 DNS DHCP Sunfire 150 Primary DHCP Server Manager for DHCP Servers ASUDNS4 Sunfire 280R Primary DNS Application Server Sybase Database Backup DHCP

  25. DNS and DHCP DNS Server DNS Server DNS Server DHCP Server Server Manager (process) Server Manager (process) Application Server Web Browser Database

  26. DNS and DHCP • Do not register Workstations or Member Servers in DNS

  27. OU Creation and Security • OU Creation and Delegation - Default Groups - Delegate Administrative Authority • ACL and Security - OU Access/View using MMC

  28. Windows 2000 • Exchange 2000 • Member servers in the ASURITE.AD.ASU.EDU domain • Uses active directory for global address list • Distribution lists • Attribute population

  29. Windows 2000 • Windows 2003 • Wait until the end of summer to begin testing • Setting up a testing environment • SMS 2003 • Testing is beginning • For more information, contact Russ Mohn

  30. Windows 2000 • Additional resources • ASU Windows 2000 web page • http://www.asu.edu/it/w2k/documents.html • Active Directory – 2nd Edition • O'Reilly & Associates, Paperback, 2nd edition, Published April 2003, ISBN 0596004664 • Windows 2000 Group Policy, Profiles and IntelliMirror • Sybex / 2001 / 0782128815 • Microsoft web page • TechNet • MSDN

More Related