Windows 2000 at the University of Bristol
Julius Clayton, University of Bristol Computing Service

Introduction
• New operating system from Microsoft
• Already arriving on new PCs
• What UBCS intends to do about it

Topics of Discussion
• Where we are now
• Where we want to be
• Pros and Cons of Win2k
• Deployment Problems
• Deployment Plans
• Conclusions

Where we are now
• Single Master Domain model
• Not all departments subscribe
• Windows NT4 recommended desktop OS
• Significant % of Win3x, Win9x, Linux
• Unattended installs for low maintenance
• Software changes difficult to implement
• Public computer rooms using secured NTW or WTS
• Security policy implemented by hand-written scripts

Where we want to be
• Less user management
• Less OS maintenance
• Less software maintenance
• High availability and security for Windows systems
• Less skill required in all of the above

Pros and Cons of Win2k
• Advantages
    • Easier to roll out, administer and support
    • More secure
    • Supports new software, hardware, management
• Disadvantages
    • Steep learning curve
    • Many benefits only come with "pure Win2k"
    • Cost

Deployment Problems
• DNS: design and interoperation
• AD: design and interoperation
• Kerberos: design and interoperation
• Acceptance (internal/external)

DNS - options
• Replace Unix DNS with Win2k DNS
    • Not a realistic option for many sites
• Integrate AD with existing Unix DNS
    • Added workload if DDNS is not adopted
    • Insecure if DDNS is adopted
• Delegate domain to Win2k DNS and AD
    • Results in multiple names per machine

DNS - Integration vs Delegation
Integration:
• Existing host: IP: www.phy.bris.ac.uk, NetBIOS: PHY-WWW
• Known to central DNS as IP: phy-www.bris.ac.uk (*) and IP: www.phy.bris.ac.uk (*)
• Requires manual update
Delegation:
• Existing host: IP: www.phy.bris.ac.uk, NetBIOS: PHY-WWW
• Known to AD as IP: phy-www.ad.bris.ac.uk (†)
• Known to central DNS as IP: www.phy.bris.ac.uk (†)
• Updates automatically

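An added illustration, not part of the original slides: how the delegation option could look in the central Unix DNS zone file for bris.ac.uk, in BIND zone-file syntax. The name-server names dc1/dc2.ad.bris.ac.uk and all 192.0.2.x addresses are hypothetical placeholders.

```dns
; Fragment of the central zone bris.ac.uk (BIND zone-file syntax).
; Added illustration: name-server names and 192.0.2.x addresses are
; hypothetical placeholders, not values from the slides.

$ORIGIN bris.ac.uk.

; Existing record, still maintained by hand in the central Unix DNS.
www.phy         IN  A       192.0.2.80

; Delegation: everything under ad.bris.ac.uk is handed to the Win2k
; DNS servers, so the central zone does not need to accept dynamic
; updates from Windows hosts.
ad              IN  NS      dc1.ad.bris.ac.uk.
ad              IN  NS      dc2.ad.bris.ac.uk.

; Glue records, required because the name servers sit inside the
; zone being delegated.
dc1.ad          IN  A       192.0.2.10
dc2.ad          IN  A       192.0.2.11

; Held in the delegated zone on the Win2k DNS servers, not in this
; file (shown as comments only):
;   phy-www.ad.bris.ac.uk.        A    192.0.2.80                    ; registered by the host via DDNS
;   _ldap._tcp.ad.bris.ac.uk.     SRV  0 100 389 dc1.ad.bris.ac.uk.  ; registered by a domain controller
;   _kerberos._tcp.ad.bris.ac.uk. SRV  0 100 88  dc1.ad.bris.ac.uk.  ; registered by a domain controller
```

The same machine ends up with two names, www.phy.bris.ac.uk in the central zone and phy-www.ad.bris.ac.uk in the delegated one, which is the "multiple names per machine" cost listed under the delegation option.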
AD - Design
• Optimal design:
    • Single domain - low maintenance
    • Multiple sites - good control
• Likely design:
    • Multiple domains - security boundaries
    • Single tree - low maintenance

AD - Implementation: Existing Setup
[Diagram labels: UOB, PHY, MED, FEN]

AD - Implementation: Migrate master domain
• Add trust relationships
[Diagram labels: UOB, PHY, MED, FEN]

AD - Implementation: Migrate resource domains
• Fold resources into master domain
• Switch off child domains
[Diagram labels: UOB, PHY, MED, FEN]

AD - Implementation: Single AD domain with OUs
[Diagram labels: Remote Site, UOB, LANGFORD, MED, FEN, PHY]

Kerberos - Implementation
• Win2k Professional authenticating against Win2k Server uses Kerberos natively
• Other Universities looking at MS Kerberos / Unix Kerberos interoperability

Acceptance
• Unix-vs-NT mentality unhelpful
• Requirement to provide 24x7 services from Windows platform for Windows platform
• Departmental integration
    • Loss of Domain Admin rights, control of OU
    • Devolution of authority cf. centralisation of responsibility

Deployment Plans
• Insight migration programme
    • Design and implementation help from MS
    • Other Universities have shown success
• Timescales
    • Upgrade central domain to Win2k - Apr
    • Flip over to native mode (SID History) - May
    • Populate AD, define policies - Jun
    • Upgrade selected NTW, NTS - Jul
    • Upgrade selected WTS - Aug

Conclusions
• Where we are now - Good basis for improvement
• Where we want to be - Providing a better service, spending less time on routine maintenance
• Pros and Cons of Win2k - Time and effort savings, but requires investment of time and cash
• Deployment Problems - Infrastructure design and politics
• Deployment Plans - Pilot over Easter vacation, rollout over Summer vacation if all goes well