update to timgroup january 2002. outline introduction where are we now? where are we going? what can...
TRANSCRIPT
Update to TIMGroupJanuary 2002
Outline
Introduction Where are we now? Where are we going? What can be done to prepare? What are the options?
Introduction
Task Force recommended centralized Active Directory Deployment with migration for Exchange DOT members (upon request)
Goals: Robust Stability after change Participation optional, compliance necessary Local control where possible
Supported by VPIT Team effort
Where are we now?
Design and testing WINS -> in testing in Rust building DNS -> in testing in Test Lab (LHL)
Mixture of BIND DNS as now and MS DNS All Windows 2000/XP machines in ad.uab.edu (uab) domain CNAME records upon request Auto-register in DNS if authenticated machine
Where are we now? (2)
AD -> in testing in Test Lab (LHL) All users in one OU (uabPeople) based on HURS and STARS Auto-groups / OU groups 3 Servers for domain uab.edu (uabroot) 3 Servers for domain ad.uab.edu (uab) Schema – controlled by committee Disaster recovery testing
Architected for 2nd site for disaster recovery
Where are we now? (3)
Accounts based on BlazerID/Password Support (Local Admin, Help Desk, Dell, Microsoft) Exchange – service differentiation Licensing (campus license) Migration
SID Migration (in test lab) Mailbox movement
Where are we going?
Complete design / testing Documentation of components Documentation of policy Form Active Directory Committee Review
Internal External
Test deployment in lab Deployment of infrastructure Migrations
What can be done to prepare?
Add users to Blazer directory and build correspondence between BlazerID and user account in NT (tool to help with this if there is a [email protected] address) (12.5K of 30-50K)
Move off domain controllers (PDC/BDCs) Change security to not use the Built-in groups like
Everyone and Authorized Users (unless you really mean it!)
Participate in design reviews / discussions
What are the options?
Migration into ad.uab.edu Standalone
ldap.uab.edu can be used to find e-mails of those in AD as well as (all) others in the University
Other option(s) – Here's Tim!