1 / 21

SLAC Windows Migration

SLAC Windows Migration. Bob Cowles Presented for the SLAC Windows Migration Project HEPNT, Fermilab October 24, 2002. Overview. Project Objectives Present NT Environment AD Environment Upgrade Path Related Projects Migrating Users. Project Objectives.

chana
Download Presentation

SLAC Windows Migration

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SLAC Windows Migration Bob Cowles Presented for the SLAC Windows Migration Project HEPNT, Fermilab October 24, 2002

  2. Overview • Project Objectives • Present NT Environment • AD Environment • Upgrade Path • Related Projects • Migrating Users

  3. Project Objectives • Provide a more stable and secure Windows environment for our user community • More efficient administration • Simplified domain structure • Delegation of privileges • Enhanced distribution of software and policy (GPOs) • Integrated directory services (including Exchange 2000)

  4. Project Objectives • Provide new functionality for users • Better support for portables • Better networking support (VPN, wireless) • Better multimedia support • Better communications (OWA) • Easier to support • Better support tools (Remote Assistance for Help Desk and local admins)

  5. High-level view • One domain with OUs representing mission, administrative and funding boundaries • Desktops to have Windows XP and Office XP • Exchange 2000 for all messaging • Project to be completed Dec 2003 • Other related projects • New storage project • SMS and GPO’s for software distribution • Monitoring project

  6. Current NT Environment

  7. Current NT Environment • Master domain with 10 resource domains • Laptops are W2K; better support for hardware and remote access • Desktops are NT4; limiting W2K on the desktop due to the need for admin privilege for running many applications. • Fileservers 2 TB data60% user home directory, 40% groups directoryRate of growth: doubling every 12 months. • Storage of user data on central servers is encouraged (there is no backup of workstations provided by SCS). Department servers are discouraged.

  8. Current NT Domain Environment

  9. Current NT Environment • Print services reside on local domains • Central account domain in SLAC • Machine accounts in local domains • Centralized WINS Servers • DNS hosted on UNIX Bind systems • Remote access via PPTP/VPN and ICA/Citrix

  10. Current NT Environment • Monitoring via network “ping” • Anti-virus on all machines with InoculateIT. Updates downloaded from central server • E-mail anti-virus scans via Sybari Antigen • Veritas BackupExec used with DLT and LTO libraries to back up

  11. Active Directory Environment Single forest and domain with multiple domain controllers (DC). FSMO roles reside in SLAC’s DC’s.

  12. Windows Active Directory Environment • Print services reside on central print servers • Exchange 5.5 going to Exchange 2000 • Central account domain in SLAC • Machine accounts in department OU’s • Centralized WINS Servers • Delegated DNS zone win.slac.stanford.edu running as “Integrated Zone” on DC’s • Remote access via PPTP/VPN and ICA/Citrix

  13. Four Options As Upgrade Path 1) Migration tools and SID historypros: clean install of server infrastructure by going to ‘Native mode’, reversible. cons: migration tools were buggy. 2) Double ACL all resourcespros: clean install of server infrastructure by going to ‘Native mode’, reversible.cons: need to re-ACL all resources, confusing.

  14. Four Options As Upgrade Path 3) Re-ACL to new domain and cutoverpros: clean install of server infrastructure by going to ‘Native mode’, short time.cons: not reversible, re-ACL resource domains, disruptive for users

  15. Four Options As Upgrade Path 4) In-place Upgradepros: Easier for administrators and users • No re-ACL • No new domain • No migration tools • No SID History • Less likely to break • Less overhead Upgrade went smoothly, recommended by Microsoft.

  16. Related Projects - SMS • Utilize for security updates, hotfixes and service packs • Currently rolled out to half of lab (~700 workstations) • New SMS rollout coincide with W2K/XP rollout • Delegate abilities to OU Admin’s

  17. Related Projects - GPO’s • Use GPO’s for main policies • security policies • disabling services (Internet Connection Sharing, …) • authentication standards • Ultimately use GPO’s to co-exist with SMS and boot floppy to rollout registry changes, software, hotfixes and service packs

  18. Related Projects • Implement new monitoring solution. • Implement new backup solution. • Upgrade Citrix Metaframe 1.8 on NT TSE to Citrix XPe on Windows 2000 over the coming year

  19. Migrating Users • Migration to Windows XP Office XP Exchange 2000 • Clean install of 1600 client computers

  20. Migrating Users-timeline • Alpha migration, August 2002 Windows administrators • Beta migration, September 2002 All central computing users, and power users from each department • Pilot migration, November 2002 5% representative sample across all departments • General migration, December 2002-December 2003

  21. Challenges • Tight budget limits hardware upgrades • 4 yr. replacement cycle not always followed • XP needs 3 GB hard disk & 256 MB of memory • Older hardware works, but may run slower • Limited resources and budget • Freeze Windows NT except for security • Interoperability with SLAC UNIX environment • Samba gateway, AFS • Mitigated somewhat by WTS, WinSCP • Varied missions, administration and funding

More Related