Washington State Microsoft Windows 2000 Implementation

1
Washington StateMicrosoft Windows 2000 -
Implementation

• Presented by
• Microsoft Corporation
• Peg Souders, Account Executive
• Allen Abrahamson, Sr. Technology Specialist
• October 23, 2000

2
Agenda

• Statewide Active Directory Review
• Active Directory Review
• Why Statewide Active Directory now not later?
• Active Directory Agency Implementation now or
  later?
• Statewide Active Directory- Project Next Steps
• Windows 2000 Upgrade Review
• Desktop, Server,
• Exchange 5.5, 2000
• Benefits
• Staff Training
• Questions??

3
Statewide Active Directory Review
4
Active Directory

• Requires at least one Windows 2000 Server
• Does not Require
• All servers to be upgraded
• All workstations to be upgraded
• but the Best options are with
• All servers running Windows 2000 Server
• Active Directory
• Windows 2000 Professional

5
Windows 2000 Active Directory

• Windows Clients
• Mgmt profile
• Network info
• Policy

• Windows Servers
• Mgmt profile
• Network info
• Services
• Printers
• File shares
• Policy

• Windows Users
• Account info
• Privileges
• Profiles
• Policy

Active Directory

• A Focal Point for
• Manageability
• Security
• Interoperability

6
Windows 2000 Active Directory Single Forest
Design - Review
WA.GOV
Root Domain (DIS)
DOJ.WA.GOV
Corrections.WA.GOV
Admin.WA.GOV

• Schema Master
• FISMO Master
• Global Catalog

7
Windows 2000 Active Directory Single Forest
Agency (Tree)Domain
WA.GOV
Root Domain
DOJ.WA.GOV
Corrections.WA.GOV
Admin.WA.GOV
Agency Domains

• Separation and security boundary
• Agency level Administration
• Part of overall root administration for
  enterprise issues

8
Global CatalogDomain Tree
The GC in each domain has a pointer to its own
domain information (which is complete)
Plus it has partial information from all of the
other domains in the tree (or forest)
9
Agency - Organizational Unit (OU)
WA.GOV Root Domain
Agency Domain
OUs - Agency
10
WA.GOV Root Domain
Agency Domain
Assign Financial App to Start Menu
GROUP POLICY 1
Remove Run from the Start Menu
Agency OUs
Remote Locations
11
Change And Configuration ManagementTechnologies
Features
Technology Used
User Document Management
Active Directory, Group Policy, Offline Folders
(CSC), Synchronization Manager, Enhanced Shell
Functionality, Disk Quotas
IntelliMirror
Software Installation
Active Directory, Group Policy, Windows
installer, Software installer snap-in, Add/Remove
Programs, Dfs
User Settings Management
Active Directory, Group Policy, Offline Folders
(CSC), Roaming User Profiles, Enhanced Shell
Functionality
Remote OS Installation
Active Directory, Group Policy, Remote install
server, remote install capable workstation
(NetPC, PC98, Boot Floppy)
12
Change Configuration ManagementBenefits
13
Simplify User And Network ManagementBenefits
State W2K Root
Delegate Management Tasks to Office Admins
Agency Domain
Users
Machines
Applications
Devices
Color Printer in Building 6
Marketing
Personnel
Give Personnel Members the HR Application

• Users and organization management
• User device management

14
Windows 2000 Active DirectoryWhy now not later?

• Lower Total Cost of Ownership
• IntelliMirror technologies for ease of
  administration
• Security
• Kerbros, PKI, IPSEC, L2TP
• You need the Active Directory for Exchange 2000
  (as well as most other server applications in the
  future)
• Enterprise Management ie Virus control
• If you do not own the root now and make it
  available, you can easily end up with multiple
  forests (much harder to manage and to change at a
  later date)

15
Windows 2000 Active DirectoryAgency
Implementation now or future?

• Agencies may start to convert to Windows 2000 and
  the AD today to reduce management costs and
  lowering the total TCO of their agency.
• If an agency starts an AD structure and doesnt
  join the WA.GOV root, they will have to have
  their own set of AD masters and knowledge of
  schema management (expensive)
• If an agency never joins the AD, the information
  within that agency will not be able to be shared
  with others or managed from the top down.

16
Windows 2000 Statewide Active DirectoryNext Steps

• Active Directory Security Planning Testing
• Define Schema Process Management
• MS Technical Expert dedicated to DIS and support
  of Active Directory implementation, testing and
  planning.
• Implement DSHS production Active Directory

17
Upgrading / Migrating to Windows 2000
18
Myth I have to wait until my servers are
upgraded before I start upgrading desktops

• Implement the desktop NOW!
• You will start increasing up time immediately
• You will have a much more secure environment
• Implement standalone servers NOW!
• Higher uptime and easier managability

19
Myth I have to upgrade all my Domain
Controllers to Windows 2000 / Active Directory

• Only need ONE Windows 2000 Server to start using
  Active Directory
• Piece by piece basis

20
Myth I need to wait until my entire
organization is ready before I start using
Windows 2000

• Implement the desktop NOW!
• If Active Directory is in place you can
  experience a faster ROI, but the TCO will be
  lowered anyway
• Implement standalone servers NOW!
• It is easy for a standalone server to join the
  Active Directory later, enjoy the longer uptime
  and manageability now.

21
Myth We need to be trained on Windows 2000
before we start implementing Active Directory

• Well, thats actually true
• http//www.microsoft.com
• mcp
• windows2000
• windows2000/library

22
Get Results NowImmediate and Incremental Benefits
Allen G. Abrahamson Peg I dont really like
this slide, but if you want it I can do it.

• More Reliable Manageable

• Highest Scalability Availability

• Delegation
• Group Policy
• IntelliMirror
• Kerberos

• Better File, Print, Web, App Comm services

Primary Domain Controller
Specific- function Servers
23
Migration NT 4 to Windows 2000

• Easiest Upgrade
• Create a new BDC then take it off line (just in
  case of a problem)
• Upgrade existing PDC then all the BDCs of that
  domain to Windows 2000
• Join the root domain (WA.GOV) during the AD setup
  (after the upgrade)
• Set up the OU structure to reflect your needs for
  manageability
• Use the ADSI (Active Directory Services
  Interface) to populate the Active Directory

24
Migration Novell Netware NDS to Windows 2000

• Set up a Windows 2000 Domain Controller
• Join the root of WA.GOV during the AD setup
• Use tools to coexist and eventually migrate to AD
• MS Directory Sync Server
• Microsoft File Migration Utility
• File/Print Services for NetWare
• Proactively promote interoperation and migration
  from Netware (3.x and NDS) to Active Directory

25
Migration Novell GroupWise to Exchange 5.5

• Bring up an Exchange server (either on NT 4.0 or
  Windows 2000)
• Install the GroupWise connector
• Use the connector toolkit to perform trial
  migrations
• When ready, convert a small test group
• Remember, this will require user training and a
  desktop touch

26
Migration Exchange 5.5 to Exchange 2000

• After agency is up on Active Directory (and the
  root has had the schema extensions performed for
  Exchange 2000)
• Perform the upgrade on an Exchange 5.5 server.
• Other Exchange 5.5 servers in the same domain may
  be able to be consolidated to the same server
  (under a different store)

27
Windows 2000 ProfessionalProduct Benefits

• Best features of Win98
• PnP, ACPI, USB, 1394, DX6, integrated
  browser/shell
• Broad driver support
• Display, Sound, Printer, Digital Cameras,
  Scanners, NIC, etc.
• Enhanced ease-of-use
• Shell, Network UI, Fewer config reboots, IE5
• Lowest Total Cost of Ownership
• SFP, Setup Manager, SysPrep, Windows installer,
  WMI, WBEM
• NTs traditional power
• Better Reliability, Security, Performance

28
Windows 2000 ProfessionalKey Value Scenarios
29
Windows 2000 ProfessionalDeployment Value

• Reduce labor costs with 100 automation
• Reduce the need for 3rd party tools
• Provide rapid deployment of standard images
• Simultaneous deployment of Service Packs

• Eliminate manual error with 100 automation
• Reduced likelihood of component conflicts
• Inoperable systems with pre-Upgrade checks

• Easier to ensure installed base is up to date
• Provide a tested, standardized environment

30
Windows 2000 ProfessionalManagement Value

• Change Configuration Management
• Lower TCO with powerful client management
• Location specific reconfiguration work

• Easy centralized enforcement of policy
• Reduce likelihood of permanent loss of data

• Ensures consistent, predictable environment
• Provide applications on demand
• Delegate selected admin tasks to user

31
Windows 2000 Server Product Benefits

• File Servers
• Content indexing, Distributed file system, Disk
  quotas, Hierarchical Storage Management, Dynamic
  volume management, 20 faster file access
• Print Servers
• Printers published in Active Directory, Improved
  UI and admin, Internet Printing Protocol
• Web Servers
• Higher performance, CPU throttling, Load
  Balancing
• Application Servers
• Enterprise memory architecture, Fewer
  planned/unplanned reboots, Improved cluster
  services, Auto-restart of failed services,
  Terminal services

32
Windows 2000 Version Release Strategy Impact

• Service Packs
• Schema Updates
• Application Updates

33
Windows 2000 Server DesktopDeployment
Techniques

• Upgrade
• Windows 9x or Windows NT 4
• Unattended Script
• Setup Manager tool
• Disk Duplication - Sysprep
• Fastest deployment
• User data settings
• Remote Install Service (RIS)
• Requires Windows 2000 Server
• Boot from floppy or NIC
• RiPrep - Sysprep for Remote Install
• Systems Management Server 2.0

34
Windows 2000 - Staff Training Recommendations

• Leverage the Microsoft Sales Technology Team to
  provide the basics on Windows 2000 (no charge)
• Windows 2000 Product Overview
• Windows 2000 Active Directory Security
• Windows 2000 Desktop Server overview
• Windows 2000 Deployment
• Microsoft Certified Training Centers
• Microsoft Consulting Services
• Microsoft Product Knowledge Transfer
• Microsoft Premier Support
• Product specific operational support workshops

35
Questions??