1 / 18

Progress of the DESY Windows Project - Building a new domain with Windows 2003 Server

Progress of the DESY Windows Project - Building a new domain with Windows 2003 Server. Reinhard Baltrusch, DESY IT. Situation. The project starts in march 2002 with the goal to build a new, active directory based Windows domain for DESY.

gilead
Download Presentation

Progress of the DESY Windows Project - Building a new domain with Windows 2003 Server

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Progress of the DESY Windows Project - Building a new domain with Windows 2003 Server Reinhard Baltrusch, DESY IT HEPiX-HEPNT Amsterdam 21.05.2003

  2. Situation • The project starts in march 2002 with the goal to build a new, active directory based Windows domain for DESY. • In the first phase a sitespreading test environment with Windows 2000 was installed and filled with life (win2k.desy.de). • Meanwhile Windows XP has become the preferred client operating-system for administration. But we have seen always some conflicts between Windows 2000 and XP (e.g. policies !) and restrictions of Windows 2000 (e.g. Dfs). • Since 24. April Windows Server 2003 (.NET) is available and we have seen in preceding tests with the RC2 that many problems are solved. New features make the life easier and there is no need to spend time for later migration. • So we decided to avoid the deployment of Windows 2000 and go forward with Windows Server 2003 and Windows XP SP1. • By now new hardware is waiting to start in the next phase of the project : Construct the real production environment for the domain win.desy.de. HEPiX-HEPNT Amsterdam 21.05.2003

  3. Useful Windows Server 2003 features • Group Policy Management Console (GPMC) • Volume Shadow Copy Services / Shadow Copy Client • Automated System Recovery (ASR) • Dfs (enhanced, more then one root possible) • RIS (advanced, server OS also supported) • Schema management (deactivate/activate classes and attributes) • inetOrgPerson object class built-in (in W2K extension) • Metadirectory support (enterprise edition) • Better support for migration of NT4 (ADMT, e.g. password migration) • CHKDSK Performance (over 20 % faster than W2k) • Windows Sharepoint Services (later update for W2K3, beta) • Rename domain HEPiX-HEPNT Amsterdam 21.05.2003

  4. Group Policy Management Console HEPiX-HEPNT Amsterdam 21.05.2003

  5. Shadow Copies HEPiX-HEPNT Amsterdam 21.05.2003

  6. Hardware for the new DESY domain • Available : • 3 HP/Compaq Proliant DL380 G3 as Domaincontroller (computer centre, machine controls in Hamburg, computer centre in Zeuthen). HEPiX-HEPNT Amsterdam 21.05.2003

  7. Hardware for the new DESY domain (II) • 4 HP/Compaq Proliant DL360 G3 for several services (like Web, SUS, Transaction, NetInstall) HEPiX-HEPNT Amsterdam 21.05.2003

  8. Hardware for the new DESY domain (III) • 1 Compaq/HP Proliant DL380 G2 Packaged Clusterwith StorageWorks Array for RIS, DFS and other fileservices. HEPiX-HEPNT Amsterdam 21.05.2003

  9. Hardware for the new DESY domain (IV) • Not delivered jet : • Storage system for homedirectories in Hamburg : HP StorageWorks MSA1000 with 4 HP blade server (6 TB für win.desy.de and DESYNT) • Storage system for homedirectories in Zeuthen : HP StorageWorks MSA1000 with HP DL380 cluster (1 TB für win.desy.de, expandable) HEPiX-HEPNT Amsterdam 21.05.2003

  10. StorageWorks MSA 1000 HEPiX-HEPNT Amsterdam 21.05.2003

  11. General build up plan • After installing three domain controller the replication behavior and the DDNS functionality (site spreading) must be smooth before going ahead ! • In the test domain proofed services, tools and scripts will be integrated in the production domain. The basic Active Directory structure (namespace container) with delegation and basic grouppolicies will be inserted. • In first step we are looking for max. 500 test users, who should try to do there normal work on XP clients configured for the domain. • But the reservation is to install the domain a second time if something is going absolutly wrong in this test phase of the production domain. Otherwise necessary improvements will be made on the services, structure, policies and security. • If all is running in a good way further services and users will be migrated. HEPiX-HEPNT Amsterdam 21.05.2003

  12. Active Directory structure HEPiX-HEPNT Amsterdam 21.05.2003

  13. Basic services in the new Windows domain at the beginning • Homedirectory, quota management (native) and backup inclusiv (TSM, TSM-Client V. 5.16 is ready for Windows Server 2003). • Dfs (active directory integrated and standalone) - the homedirectory path in the user profile will be a Dfs link. • Remote Installation Service for basic OS installation. • Usage of the Software Update Service from the beginning (Windows update push mode). • Application provision over grouppolicies and later over NetInstall. • Deployment of McAfee VirusScan Enterprise 7.0 (one version for server and workstation), update over the AutoUpdate Architect. • Mail and printing is at first functional over the old domain. HEPiX-HEPNT Amsterdam 21.05.2003

  14. Distributed file service HEPiX-HEPNT Amsterdam 21.05.2003

  15. Software Update Services HEPiX-HEPNT Amsterdam 21.05.2003

  16. VirusScan Enterprise 7.0 HEPiX-HEPNT Amsterdam 21.05.2003

  17. AutoUpdate Architect HEPiX-HEPNT Amsterdam 21.05.2003

  18. Future look on .. • Exchange Titanium (2003, beta, E2k is not supported for W2K3) • SharePoint Portal Server v. 2 (2003, beta) • ePolicy Orchestrator version 3 (beta, McAfee scanner administration) • Samba version 3 (alpha) • Advanced quota management tool (for group quotas) HEPiX-HEPNT Amsterdam 21.05.2003

More Related