Windows 2000Windows 2000Pre-Deployment Project
StatusPresented to WNUG
January 6, 2000
Patricia M. SchneiderInformation Technology
Graphics by Doug BaldwinInformation Technology
Windows 2000Windows 2000 Brief background of the project Current Testing Environment Current Testing Findings Preliminary Windows 2000 Models DNS Recommendations Other Features Resources
Project BackgroundProject Background
Project Team Members– IT, ASU West, ASU East, Engineering,
VPRC, Liberal Arts, College of BusinessProject Directive
– Discovery Phase– Findings
Current Testing EnvironmentCurrent Testing Environment
Domain ModelsReplicationAdministrative ModelsPoliciesGroups
Domain ModelsDomain Models
Master Domain
Resource Domains
OU OU
OUOU
OU
OU OU
OUOU
OU
Master Domains
ResourceDomains
OU OU
OUOU
OU
OU OU
OUOU
OU
OU OU
OUOU
OU
Domain ModelDomain ModelW2kt.asu.edu-w2ktdns1.w2kt.asu.edu (Main campus)-W2ktdns4.w2kt.asu.edu (West campus)-Asuesrv1.w2kt.asu.edu (East campus)
IT.W2kt.asu.edu- itdc2.it.w2kt.asu.edu
VPRC.W2kt.asu.edu- vprcdc.vprc.w2kt.asu.edu
CEAS.W2kt.asu.edu- ceasdc1.ceas.w2kt.asu.edu
WEST.W2kt.asu.edu- westdc1.west.w2kt.asu.edu
EAST.W2kt.asu.edu- eastdc1.east.w2kt.asu.edu
SITE: MAINW2KTSite
SITE: ITW2KTSite16
SITE: WESTW2KTSite SITE: EASTW2KTSite
Sites & ReplicationSites & Replication
Physical grouping of domain controller based on sites
Replication within a domainReplication between sitesGlobal catalog replication
Organizational UnitsOrganizational Units
Delegate administrative authorityComputersUsersApply policies
Current Testing FindingsCurrent Testing Findings
Preliminary Windows 2000 Domain model
Preliminary Windows 2000 Administrative model
Preliminary Windows 2000 Preliminary Windows 2000 Domain ModelDomain Model
ASU.EDU
CEAS.ASU.EDUWEST.ASU.EDU EAST.ASU.EDU
SITE: ASU
(Limited number of child domains created only as needed)
Preliminary OU Admin Model 1Preliminary OU Admin Model 1
Centrally Managed (ASURITE) User Ids and Departmental Groups reside in Users Container
Centrally Managed OU Administrators Groups (for OU Delegation) Centrally Managed
Organizational Units (Campus, College & VP Area)
Locally Managed Organizational Units
Locally Managed Groups within OU’s
Preliminary OU Admin Model 2Preliminary OU Admin Model 2
Centrally Managed (ASURITE) User Ids and Departmental Groups reside in Distributed OU’s
Centrally Managed OU Administrators Groups (for OU Delegation)
Centrally Managed Organizational Units (Campus, College & VP Area)
Locally Managed Organizational Units
Locally Managed Groups within OU’s
Centrally Managed Centrally Managed Organizational UnitsOrganizational Units
Users user1 Employees EAST EAST-IT user2 Students WEST WEST-IT user3 Exceptions ABOR CEAS-Dean user4 Transfer IT COB-Finance … … …
College of Architecture & Environmental DesignCollege of BusinessCollege of EducationCollege of Engineering and Applied SciencesCollege of Extended EducationCollege of Fine ArtsCollege of LawCollege of Liberal Arts & SciencesCollege of NursingCollege of Public ProgramsGraduate CollegeUniversity Honors College
ASU Domain Administration OUadminEAST OUadminWEST OUadminABOR OUadminIT …
ASU EastASU WestArizona Board of RegentsInformation TechnologyOffice of the PresidentOffice of the Provost and Senior VPOffice of Vice Provost Admin ServicesOffice of Vice Provost ResearchOffice of VP Academic AffairsOffice of VP Institutional AdvancementOffice of VP Student AffairsUniversity LibrariesDivision of Undergraduate Academic Services
Department Organization Units?Department Organization Units?
Groups within OU’sGroups within OU’s
Departmental GroupsDepartmental Groups
Group MembershipGroup Membership
DNS FindingsDNS Findings
Maintain the current NetID DNS implementation– At least one MS DNS server is needed– IT will need to provide a process to
register the SRV RR records of unit domain controllers
Continued TestingContinued Testing
Distributed administration of users/computers Group policies Distributed resource management ASURITE account integration Backup/Restore of Active Directory Exchange integration MS DHCP integration with NetID DNS DHCP use with Intellimirror features
Other FeaturesOther Features
Kerberos integration with pre-existing University environment
IPSecPublic Key InfrastructureLDAP Integration
TrainingTraining
Current classesProduction deployment timeframeProposals from vendorsWhat best fits administrators’
needs
ResourcesResourceshttp:\\Windows2000.ASU.EDUExchange public foldersMicrosoft beta siteWindows 2000 Server
Architecture and Planning by Morten Strunge Nielsen – ISBN 1-57610-436-2