Upload
chrystal-young
View
219
Download
0
Tags:
Embed Size (px)
Citation preview
Active Directory Active Directory ConsolidationConsolidationClose Out MeetingClose Out Meeting
Dave ChomasDave ChomasSenior ConsultantSenior [email protected]@microsoft.com
AgendaAgenda Scope of the engagement? (Reminder)Scope of the engagement? (Reminder) Objectives of the engagement? (Reminder)Objectives of the engagement? (Reminder) Operations review findingsOperations review findings Systems management tools assessment findingsSystems management tools assessment findings Server infrastructure assessment findingsServer infrastructure assessment findings Potential consolidated environment architecturesPotential consolidated environment architectures Risk AnalysisRisk Analysis Next stepsNext steps Q&A Q&A
ScopeScope In ScopeIn Scope
High Level Current environment Assessment High Level Current environment Assessment Existing Server and network infrastructureExisting Server and network infrastructure
Existing IT operations reviewExisting IT operations review
Existing systems management tools assessmentExisting systems management tools assessment
Evaluate consolidation opportunities and scenariosEvaluate consolidation opportunities and scenarios
Planning and first pass design activitiesPlanning and first pass design activities
Out of ScopeOut of Scope Detailed designDetailed design
TrainingTraining
ScopeScope What this isWhat this is
Impartial high-level review of UW-M’s AD Impartial high-level review of UW-M’s AD
implementationsimplementations
What this isn’tWhat this isn’t
A ‘bash’ session of any groupA ‘bash’ session of any group
UW-M Business ObjectivesUW-M Business Objectives Reduce the total amount of redundant administration by Reduce the total amount of redundant administration by
granting UW-M’s Core Services IT organization the ability granting UW-M’s Core Services IT organization the ability to view and manage all global IT resources. to view and manage all global IT resources.
Allow UW-M to standardize the process of merging and Allow UW-M to standardize the process of merging and migrating business IT resources.migrating business IT resources.
Allow UW-M to consolidate the number of common Allow UW-M to consolidate the number of common directory services technologies providing similar IT directory services technologies providing similar IT services into a common or centralized platform to services into a common or centralized platform to maximize common services and tasks providing for a maximize common services and tasks providing for a more efficient operation for the university as a whole.more efficient operation for the university as a whole.
Improve business continuity by providing a global, Improve business continuity by providing a global, common and secure repository of trusted identification.common and secure repository of trusted identification.
Reduce costs by consolidating resources such as network Reduce costs by consolidating resources such as network services and server hardwareservices and server hardware
Identify the risks Identify the risks Determine next stepsDetermine next steps
Project TeamProject Team
CustomerCustomer Executive sponsor - Paul TrebianExecutive sponsor - Paul Trebian
Project manager - Atis PurinsProject manager - Atis Purins
Technology architects - AD Core Services Technology architects - AD Core Services
TeamTeam
MS Account TeamMS Account Team
Steve Moran – Engagement ManagerSteve Moran – Engagement Manager
Mary Paulson – Account ManagerMary Paulson – Account Manager
Delivery ConsultantDelivery Consultant
Dave ChomasDave Chomas
Server AssessmentServer Assessment
~14 Active Directory implementations on campus~14 Active Directory implementations on campus
6 email systems in addition to PantherMail6 email systems in addition to PantherMail
File & Print servers in each school/departmentFile & Print servers in each school/department
0
2
4
6
8
10
12
14
16
18
AD Core Services
DC
F&P
Management
Application
Basic Server Environments
Strengths of decentralized environments
Improvement Opportunities
Operations review findingsOperations review findings
More responsive staffMore responsive staff Better customer serviceBetter customer service IT staff has complete control over environmentIT staff has complete control over environment Prioritization of projects, service calls, etc.Prioritization of projects, service calls, etc.
More education neededMore education needed Insecure data centersInsecure data centers Environments running on desktopsEnvironments running on desktops Duplication of effortDuplication of effort Loss of objectivityLoss of objectivity Loss of budgetary controlLoss of budgetary control Inconsistent service levelsInconsistent service levels
Strengths of centralized environments
Improvement Opportunities
Operations review findingsOperations review findings
Easy automation of common tasksEasy automation of common tasks Simpler environment to troubleshootSimpler environment to troubleshoot Strong(er) budgetary controlsStrong(er) budgetary controls Economies of scale for commodity servicesEconomies of scale for commodity services University-wide perspectiveUniversity-wide perspective
Lack of communication with customersLack of communication with customers Perceived as un-responsive, reactionary instead of proactivePerceived as un-responsive, reactionary instead of proactive Perceived as slow to implement new technologiesPerceived as slow to implement new technologies
Best Practice environments
Operations review findingsOperations review findings
Centralized in terms of organizationCentralized in terms of organization Retains objectivity when your customer isn’t your bossRetains objectivity when your customer isn’t your boss
Decentralized in terms of locationDecentralized in terms of location Maximizes communicationsMaximizes communications Maximizes customer interactionMaximizes customer interaction
Not Not everyevery position should be centralized position should be centralized Strategy & vision needs ‘big picture’ viewStrategy & vision needs ‘big picture’ view TrainingTraining Budgetary controlBudgetary control
Share & Partner!Share & Partner! No more Central IT – Campus ITNo more Central IT – Campus IT
Best Practice environments
Operations review findingsOperations review findings
Need better documentation Need better documentation Stop reinventing the wheel – look at other educational Stop reinventing the wheel – look at other educational
institutions’ websites for inspirationinstitutions’ websites for inspiration StanfordStanford
http://http://windows.stanford.edu/index.shtmlwindows.stanford.edu/index.shtml YaleYale
http://wss.yale.edu/win2k/http://wss.yale.edu/win2k/ University of Colorado-BoulderUniversity of Colorado-Boulder
http://www.colorado.edu/its/windows2000/http://www.colorado.edu/its/windows2000/ Massachusetts Institute of TechnologyMassachusetts Institute of Technology
http://http://web.mit.edu/pismereweb.mit.edu/pismere//
System Management Tools AssessmentSystem Management Tools Assessment
Most groups are manually monitoring their systemsMost groups are manually monitoring their systems Consolidation would allow centralized monitoring, giving better Consolidation would allow centralized monitoring, giving better
uptime and SLAsuptime and SLAs
Software Distribution and Patch Management
Service Monitoring
Most groups are managing their own software management & patch Most groups are managing their own software management & patch management systems management systems
Consolidation would allow centralized patch managementConsolidation would allow centralized patch management
Options going forwardOptions going forward
Cease Consolidation Plans
ProsPros ConsCons
Path of least resistancePath of least resistance Duplicate ServicesDuplicate Services
Each group maintains controlEach group maintains control Duplicate EffortDuplicate Effort
Disjointed services for the campusDisjointed services for the campus
Options going forwardOptions going forward
Consolidate using existing AD.UWM.EDU
ProsPros ConsCons
Path of least resistancePath of least resistance Political effort involvedPolitical effort involved
Maintains existing SLAsMaintains existing SLAs A lot of rework to make it palatable to campusA lot of rework to make it palatable to campus
All benefits of consolidationAll benefits of consolidation
Options going forwardOptions going forward
Consolidate using new AD implementation
ProsPros ConsCons
Designed from ground up for campusDesigned from ground up for campus Technical effort involvedTechnical effort involved
All benefits of consolidationAll benefits of consolidation A lot of rework of existing directoriesA lot of rework of existing directories
Becomes technical architects of common Active Directory Becomes technical architects of common Active Directory implementationimplementation
Upon completion of common AD, morphs into the Change Control Upon completion of common AD, morphs into the Change Control Board (CCB)Board (CCB) This can help make central IT authority more palatableThis can help make central IT authority more palatable Architectural changes must be brought before CCB prior to Architectural changes must be brought before CCB prior to
implementationimplementation Central IT authority responsible for day-to-day operationsCentral IT authority responsible for day-to-day operations
All core services teams (File, E-Mail, etc.) work together on All core services teams (File, E-Mail, etc.) work together on cross-over issuescross-over issues
Options going forwardOptions going forwardAD Core Services Team
Options going forwardOptions going forward
Strategy & Vision Group formed Creates business requirements for common ADCreates business requirements for common AD Provides campus leadership for ALL ITProvides campus leadership for ALL IT Made up of non-technical leadersMade up of non-technical leaders
Leave technical product decisions to core services teamsLeave technical product decisions to core services teams
Risk AnalysisRisk Analysis
Risk Result
AD.UWM.EDU fails from lack of use by wider community While some groups will migrate to AD.UWM.EDU anyway, larger and more complex groups will maintain their own structures – ultimately dooming the centralized offering
Opportunity cost of what can’t be offered Certain enterprise applications and offerings are only economically viable if a certain scale can be achieved. What’s the cost of continuing to offer “just authentication services” via Active Directory?
Inconsistent SLAs offered by the individual school IT groups
Too much “it’s the other’s guy’s problem” attitude on campus. Little to no realization that it is one campus where one mismanaged group can impact the entire campus
Inconsistent patching offered by the individual school IT groups
Security risk if not all campus machines are consistently patched and maintained
Lack of training in products It is only a matter of time before an administrator makes a mistake due to a lack of training. These mistakes can be managed when an environment is small, but once the entire University is onboard, it can spiral out of control
Next StepsNext Steps Open discussion:Open discussion:
Consolidation opportunities?Consolidation opportunities? Potential architectures?Potential architectures? Technologies can be utilized?Technologies can be utilized?
Next StepsNext Steps Recommendations:Recommendations:
““Loose Confederation” ADLoose Confederation” AD Easiest to achieve with new AD, but existing can Easiest to achieve with new AD, but existing can
be savedbe saved Campus needs to partner with each otherCampus needs to partner with each other Campus IT – not Central ITCampus IT – not Central IT Training across the boardTraining across the board
Logical DesignLogical Design An example of a “loose confederation” Active DirectoryAn example of a “loose confederation” Active Directory
root.uwm.edu
School A
Department 1
Department 2
School B
schoolC.root.uwm.edu
Department A
Department B
schoolD.uwm.edu
Department A
Group 1
Group 2
Department B
© 2004 Microsoft Corporation. All rights reserved.© 2004 Microsoft Corporation. All rights reserved.This This presentationpresentation is for informational purposes only. MICROSOFT is for informational purposes only. MICROSOFT
MAKES NO WARRANTIES, EXPRESS MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.OR IMPLIED, IN THIS SUMMARY.
Q&AQ&A
ThanksThanks