Windows NT to 2000XP Migration at SLAC Dennis

  • Slides: 16
Download presentation
Windows NT to 2000/XP Migration at SLAC Dennis Wisinski SLAC Computing Services 16 April

Windows NT to 2000/XP Migration at SLAC Dennis Wisinski SLAC Computing Services 16 April 2002 HEPi. X-HEPNT April 2002

Overview n n n Current NT configuration W 2 K infrastructure design Client migration

Overview n n n Current NT configuration W 2 K infrastructure design Client migration

Current NT configuration n Single master domain design Twelve resource domains scattered among departments

Current NT configuration n Single master domain design Twelve resource domains scattered among departments One hidden domain (private network)

W 2 K infrastructure design n n n DNS design Tree, domain, and OU

W 2 K infrastructure design n n n DNS design Tree, domain, and OU design Domain controller placement Native vs. mixed mode Exchange 2000 Our “hidden” domain

DNS design n n Current BIND DNS will delegate control of a new domain

DNS design n n Current BIND DNS will delegate control of a new domain win. slac. stanford. edu to our new Windows DNS Will run as AD integrated zone to enforce authentication of machines before allowing them to update DNS

DNS design (cont. ) n n IIS web servers will also have entries in

DNS design (cont. ) n n IIS web servers will also have entries in our BIND DNS server to prevent URLs from breaking Need to write scripts to keep DNS synchronized with our ORACLE “database of record” for computers

Tree, domain, and OU design n n Single tree/single domain chosen Keep simple to

Tree, domain, and OU design n n Single tree/single domain chosen Keep simple to simplify administration Use departmental Organizational Units for delegation of authority to departmental administrators Other OUs may be needed (divisions, experiments, etc. )

Domain controller placement Business Services Division subnet Main SLAC network Possible “air gap” during

Domain controller placement Business Services Division subnet Main SLAC network Possible “air gap” during intrusion Stanford Synchrotron Radiation Lab subnet

Native vs. mixed mode n n n Plan to go to native mode from

Native vs. mixed mode n n n Plan to go to native mode from start Two-way trust between old NT 4 master domain and new Win 2 k domain Add NT 4 SID information to W 2 K user account history with Clone. Principal or similar tool to assure access to NT 4 domain resources

Native vs. mixed mode (cont. ) n n Allows early testers to easily “live”

Native vs. mixed mode (cont. ) n n Allows early testers to easily “live” in new Win 2 K environment Allows incremental migration of servers and user workstations Migration is easily reversible for individual users if there is a problem Use re. ACLing tools as needed

Exchange 2000 n n n Similar approach: run new Exchange 2000 servers in W

Exchange 2000 n n n Similar approach: run new Exchange 2000 servers in W 2 K domain Synchronize with Exchange 5. 5 using Active Directory Connector Migrate user’s mailbox when migrating user’s workstation to W 2 K domain

Our “hidden” domain n n One NT 4 domain where sensitive information resides is

Our “hidden” domain n n One NT 4 domain where sensitive information resides is on an isolated subnet accessible only to workstations in one other particular subnet via a Citrix connection to WTS farm there Timing of conversion to W 2 K for this domain depends on People. Soft versions running

Client migration n User workstations will be converted to Windows XP rather than 2000

Client migration n User workstations will be converted to Windows XP rather than 2000 Windows 2000 is already half way through its life cycle. Will be nearly obsolete by completion of migration Many apps won’t run under 2000 but may be able to with XP’s compatibility mode

Client migration (cont. ) n n Local admin training starting at the end of

Client migration (cont. ) n n Local admin training starting at the end of April Testing of departmental applications done by local admins and power users through summer and fall Help Desk training User relations management

Client migration (cont. ) n n n Just-in-time user training Convert users to Windows

Client migration (cont. ) n n n Just-in-time user training Convert users to Windows XP, new domain, Office XP, Exchange 2000 all at once User conversion begins near end of 2002 and continues through 2003

IP Windows 2000XP IP Windows 2000XP IP WindowsIP Windows 2000XP IP Windows 2000XP IP Windows
Windows Security Security Windows 2000XP Professional security orientedWindows Security Security Windows 2000XP Professional security oriented
Windows Windows Windows XP Windows Vista Windows 7Windows Windows Windows XP Windows Vista Windows 7
Windows Windows 951995 Windows 981996 Windows 20002000 WindowsWindows Windows 951995 Windows 981996 Windows 20002000 Windows
Windows 2000XP Internet Protocol Security IPSec Mike ChiricoWindows 2000XP Internet Protocol Security IPSec Mike Chirico
8 OS BSD UNIX Linux MS Windows 2000XP8 OS BSD UNIX Linux MS Windows 2000XP
Netstat abn ipconfig IP Ipconfig Windows 2000xp WinconfigNetstat abn ipconfig IP Ipconfig Windows 2000xp Winconfig
8 OS BSD UNIX Linux MS Windows 2000XP8 OS BSD UNIX Linux MS Windows 2000XP
Unit 5 Windows 2000XP History and Data ManagementUnit 5 Windows 2000XP History and Data Management
LOGO v Windows 7 Windows Windows 7 WindowsLOGO v Windows 7 Windows Windows 7 Windows
Windows Windows 710 Windows 32UFRII 30 15 WindowsWindows Windows 710 Windows 32UFRII 30 15 Windows
windows 1 1 Windows Windows 95 Windows 98windows 1 1 Windows Windows 95 Windows 98
Windows 8 Windows Phone 8 Windows 8 WindowsWindows 8 Windows Phone 8 Windows 8 Windows
xp Windows Microsoft Windows xp Windows Microsoft Windowsxp Windows Microsoft Windows xp Windows Microsoft Windows
Backup Windows Backup Windows Backup Windows Backup WindowsBackup Windows Backup Windows Backup Windows Backup Windows