campus active directory consolidation n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Campus Active Directory Consolidation PowerPoint Presentation
Download Presentation
Campus Active Directory Consolidation

Loading in 2 Seconds...

play fullscreen
1 / 20

Campus Active Directory Consolidation - PowerPoint PPT Presentation


  • 350 Views
  • Uploaded on

Campus Active Directory Consolidation. Campus IT Forum September 27, 2011 Andrea Beesing, CIT Infrastructure Division. IT @ CORNELL. Topics. Deciding whether to migrate Preparing campus AD ( CornellAD ) for unit migrations Preparing IT@Cornell for AD migration activity

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Campus Active Directory Consolidation' - tibor


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
campus active directory consolidation

Campus Active Directory Consolidation

Campus IT Forum

September 27, 2011

Andrea Beesing, CIT Infrastructure Division

IT @ CORNELL

topics
Topics
  • Deciding whether to migrate
  • Preparing campus AD (CornellAD) for unit migrations
  • Preparing IT@Cornell for AD migration activity
  • Where to go for more information

IT @ CORNELL

to migrate or not to migrate
To migrate or not to migrate
  • Each unit decides based on their environment and needs
  • Factors to consider
    • Commitment to virtualization
    • Maturity of unit AD implementation
      • Number of managed objects
      • Resources available to manage the environment
    • Number of Windows-based server resources

IT @ CORNELL

if you migrate
If you migrate
  • AD migration prior to virtualization will be smoother for end user
  • Minimize the time between beginning and completing a migration
    • Day to day management will be more demanding during the transition period
    • Maximize the University’s investment in resources to support the effort

IT @ CORNELL

preparing cornellad
Preparing CornellAD
  • MS certificate authority in place for secure server to server communication (IPSEC)
  • R2 upgrade in October
  • Identity Lifecycle Manager (ILM) to Forefront Identity Manager (FIM) in October
  • Address cornell.edu name conflict this fall
  • Provisioning and deprovisioning admin accounts
    • Activation of account using NetID in place
    • Deprovisioning of admin accounts based on HR status change after FIM upgrade

IT @ CORNELL

cornellad support enhancements
CornellAD support enhancements
  • Preparing CIT Help Desk to handle more routine questions
  • Training additional CIT Identity Management staff to handle backline cases
  • Improving content and organization of CornellAD Computing at Cornell site

IT @ CORNELL

infrastructure readiness team
Infrastructure readiness team
  • Moe Arif
  • Pete Bosanko
  • Laurie Collinsworth
  • Sean Hayes
  • Dan Elswit/Dan Hazlitt
  • KeshavSanti

IT @ CORNELL

preparing it @ cornell for migrations
Preparing IT@Cornell for migrations
  • Contractor engagements with Modis/Idea
    • Skilled resources with extensive experience with AD consolidation projects
    • Initial report with recommendations for overall strategy
    • Pilot migration project started in mid-August
      • Campus Life, Facilities, CALS
      • Complete two pilots by early November with contractors
      • Third pilot migration with Cornell team
    • SCCM review and recommendations
  • Purchased Quest Migration Manager licenses
  • Purchased Forensit Profile Wizard licenses

IT @ CORNELL

for more information
For more information
  • Virtualization Initiative website:

http://www.cit.cornell.edu/about/projects/virtual/progress.cfm

  • CornellAD documentation site:

http://www.cit.cornell.edu/services/active_directory/

  • Demo of Quest Migration Manager tool at October Microsoft Management SIG on Tuesday, October 11, 8:45 to 9:45 in G10 Biotech
  • Contact Andrea Beesing (amb3) or Tom Parker (jtp5)

IT @ CORNELL

ad migration process

AD Migration Process

Tom Parker, Project Manager

OIT Planning and Program Management

pilot studies in progress
Pilot Studies (in progress)
  • Lab environment build out
  • Install and configure Quest migration tools
  • Migration testing
    • User/Group Migration
    • Resource Update Manager
    • Workstation Migration
    • Member Server Migration
  • Developing Test Plans
  • Developing Migration Plans
  • Building Migration Documents
  • Conducting Migration Demo for Campus-wide IT Admins (October 11)
  • Generalized Project Plan, Templates, Migration scripts

IT @ CORNELL

the major steps
The Major Steps
  • Step 1 - Discovery and Unit Preparation
  • Step 2 - User/Groups and Workstation Migration
  • Step 3 - Member Server Migration and Cleanup

IT @ CORNELL

step 1 est 3 weeks
Step 1 (est. 3 weeks)
  • Discovery
    • User/Group Inventory
    • Workstation Inventory
    • Member Server Inventory
    • Application Discovery
    • Login Script/GPO Discovery

IT @ CORNELL

step 1 continued
Step 1 (continued)
  • Unit Preparation (includes a pilot)
    • Change Control Process (CCAB etc..)
    • Quest tools, Admin Accounts, Service Accounts, remote access
    • Verify firewall changes/agent connectivity
    • Verify DNS resolution exists between the Unit and Cornell.edu
    • Verify domain level trust
    • Verify connectivity between source and target servers
    • Unit admins verify admin access to Cornell.edu OU
    • Identify all Service Accounts in the Unit
    • Create new Cornell.eduservice accounts for Unit apps
    • Identify local admin account for workstations
    • Determine backup schedule for migration scheduling purposes
    • Workstation readiness: file/print, server service, remote registry, admin shares..
    • New OU structure
    • Attributes to merge (description, profile path, home folder path, home drive)
    • Verify GPO/Login scripts in place for delegated OU in Cornell.edu
    • Agent push – centralized
    • Computer rename (to add required prefix) – centralized
    • TSM

IT @ CORNELL

step 2 est 2 weeks
Step 2 (est. 2 weeks)
  • Migration of:
    • Users
    • Groups
    • Workstations
  • Troubleshooting

IT @ CORNELL

step 3 est 2 4 weeks
Step 3 (est. 2-4 weeks)
  • Member Server Migrations:
    • App Servers
    • File Servers
    • Print Servers
    • DB Servers
  • Cleanup – removal of permissions
  • Troubleshooting
  • Decommission old domain

IT @ CORNELL

migrations in parallel but staggered
Migrations in parallel, but staggered..

estimate of 7-9 weeks

Migrating Unit (a)

….

….

Step 1

Step 2

Step 3

estimate of 7-9 weeks

Migrating Unit (a)

….

….

Step 1

Step 2

Step 3

estimate of 7-9 weeks

Migrating Unit (a)

….

Step 1

Step 2

IT @ CORNELL

migration partnership roles and responsibilities
Migration Partnership -- Roles and Responsibilities
  • Readiness and internal scheduling is the responsibility of the migrating units
  • CIT to provide:
    • CornellAD infrastructure
    • Project Management and technical support
    • Dedicated TSP-level migration support
    • Dedicated migration engineers
    • Access to CornellAD engineers (Tier 3)
  • All participants to provide: Commitment to partnership and the planning process…

IT @ CORNELL

for more information1
For more information
  • Virtualization Initiative website:

http://www.cit.cornell.edu/about/projects/virtual/progress.cfm

  • CornellAD documentation site:

http://www.cit.cornell.edu/services/active_directory/

  • Demo of Quest Migration Manager tool at October Microsoft Management SIG on Tuesday, October 11, 8:45 to 9:45 in G10 Biotech
  • Contact Andrea Beesing (amb3) or Tom Parker (jtp5)

IT @ CORNELL