Windows 2000 Active Directory Design and Deployment

Name: Windows 2000 Active Directory Design and Deployment
Price: 1.99 USD
ISBN: 9781578702428

ISBN-10: 1578702429

ISBN-13: 9781578702428

This book focuses on the design of a Windows 2000 environment, and how to develop an effective design and migration plan. You are lead through the process of developing a design plan by reviewing each pertinent issue, and provides expert advice on how to evaluate each issue as it applies to the your particular environment. Practical examples illustrate all these issues. The book begins with detailed coverage of how to evaluate the current network environment - what issues need to be considered, and how to evaluate those issues. Next, the process of developing a migration plan is explored. The book then examines how to develop a Windows 2000 environment, sharing the insight gained by actual deployments from RDP members. Next, the book discusses how to evaluate both the migration and development plans, making sure that all potential pitfalls have been avoided. It closes with a discussion of the future of Active Directory. About The AuthorGary Olsen was selected in March, 1998, as one of four engineers with Compaq Services to participate in Microsoft's Windows 2000 RDP by working at the Redmond campus on the Enterprise Beta Support team. Specializing on the Domains team supporting Active Directory and domains issues, Gary supported Microsoft customers and Microsoft's Internal Technology Group through the implementation of Windows 2000. He has been intimately involved in learning, filing bug reports, and testing since the early days of the beta. Gary has also assisted in development and training of Compaq Customer Support engineers, and presented at several technical conferences and informal MS training sessions. In addition, he was a key player in the design, implementation and support of a large company-wide domain built to facilitate experimentation with the beta by Compaq employees. Gary received his M.S. degree in Computer-Aided Manufacturing and a B.S. in Industrial Education from Brigham Young University. He is also an MCSE.

Chapter 1: Developing a Business Justification for Migrating to Windows 2000\ This manager also might ask why he should approve of an upgrade if the return on investment (ROI) period had just been completed. In fact, there are bound to be cases in which the ROI has not yet been completed.\ This experience reminded me that perhaps the most critical step in any upgrade process is providing a business justification, a well thought-out project plan, and a realistic, accountable ROI calculation. This chapter addresses these issues in a practical sense that allows the reader to apply the principles and suggestions to a project. In addition, it identifies the business reasons for why you should migrate to Windows 2000 and tells how these features can be used in quantifying realistic cost reduction. This information is referred to in Chapter 3, "The Action (Project) Plan and Cost Justification of the Project," when ROI calculation is addressed. This chapter also gives reasons why you should not migrate to Windows 2000-or at least why you should postpone the migration. A summary at the end of the chapter offers a sample comparison table to aid the designer in evaluating the migration of the enterprise.\ Reasons to Migrate to Windows 2000\ Each of the reasons listed in this chapter identifies the technical advantage gained, followed by the business advantage of migrating to Windows 2000. The business advantages are clearly labeled as side notes throughout the chapter. Organizing the list in this manner helps you identify key technical migration justifications and use the business advantages listed in writing your business justification for the migration-and, in some cases, incalculating an ROI on the project.\ You'll find a plethora of technical reasons for upgrading to Windows 2000. This is not intended to be a comprehensive discussion of those reasons; rather, it is a list of advantages that, from a design perspective, makes a case in favor of migration to Windows 2000. You are certain to find others based on your own experience.\ Improved Hardware and PNP Support\ One of the most compelling reasons for migrating to Windows 2000 is the improved hardware support. Windows 2000 supports more than 60% more hardware devices than Windows NT 4.0 did. This increase in hardware support produces direct cost savings in hardware purchases, but perhaps the greatest savings is in the area of support and administration. Getting support for new RAID controllers, high-capacity disk drives, video controllers, ACPI, and other power management standards and USB devices is difficult, time-consuming, and costly-and it often ends in failure. Of course, not all devices are supported, and some older devices, such as network cards, have been dropped from support. However, it has been my experience after installing Windows 2000 on a number of hardware platforms, as well as doing Windows NT 4.0 installations on the same machines, that Windows 2000 installations are simpler, faster, and more successful than NT installations. While some machines need a stack of disks with configuration utilities, Hardware Abstraction Layer (HAL) drivers, and various other drivers, Windows 2000 setup has it all on the CD.\ In addition, while it is true that eventually Windows 2000 drivers will need to be updated, using them still puts you way ahead of where Windows NT is.\ Other hardware-related advantages to a Windows 2000 migration include support for Web Based Enterprise Management (WBEM) standard, the FAT32 file system, Universal Data Format (UDF), digital video devices (DVD), Universal Serial Bus (USB) devices, and a new, enhanced NTFS file system, NTFS v5. This has significant impact on the future because these options likely will become requirements soon.\ Business Advantage\ Hardware support will manifest itself as cost savings primarily in two areas: installation time and help desk support. In addition, using tools such as unat- tended setup makes hardware updates much easier than in Windows NT.\ Improved Security Features\ Windows 2000 offers significant improvements in security that will be attractive to users, administrators, and security-conscious network administrators alike. These features include the Encrypting File System, implementation of Kerberos v5 authentication, smart card logon, and single sign on, as well as the network security provided by Internet Protocol Security (IPSec) and Layer 2 Tunneling Protocol (L2TP). Chapter 9, "Security Design and Planning," discusses Kerberos authentication in detail. Let's briefly examine these security features. The business advantages will be given at the end of this section, dealing with the security issues as a whole.\ Encrypting File System The Encrypting File System (EFS) allows file encryption for added security. The capability to boot a computer from a floppy, with utilities easily available to mount NTFS volumes, makes all files on an NT computer vulnerable. The EFS provides data encryption to files on a file-by-file basis to solve this problem, which especially applies to lost or stolen laptops...

1Developing a Business Justification for Migrating to Windows 200012Defining and Evaluating the Current Environment353The Action (Project) Plan and Cost Justification of the Project554Namespace Design of the Windows 2000 Active Directory855Group Policy Design, Planning, and Implementation1436Server Roles1977Active Directory Replication and Site Design2298Active Directory Capacity Planning3019Security Design and Planning34710Developing the Migration Plan38711Implementation of the Migration Plan41912The Transition Period and Post-Migration Tasks44513Integrating Windows 2000 Active Directory with Novell NetWare46714Interoperability with Other Third-Party Network Operating Systems48315Windows 2000: Current Status and Futures499AppCase Study: Reliable Equipment & Computer Components, Inc531

\ From Barnes & NobleThe Barnes & Noble Review\ Microsoft itself admits that enterprise Windows 2000 and Active Directory deployments require four times the design and planning effort as Windows NT 4.0 did. Now you can get help from Gary Olson, who helped build the Earth's largest Windows 2000 test domain -- and learned so much that Microsoft hired him for advanced training of its own engineering terms. \ This book shines. First, Olson is one technologist who knows how to tie technical issues directly to business benefit. For example, the discussion of reciprocal replication points out why it is especially compelling for companies that use dial-up connections in Europe, and the discussion of Terminal Services points out that it can be used to support hardware not on Microsoft's strict HCL list, reducing migrating costs or spreading them over time.\ Second, just as you'd hope, the book offers extraordinary technical insight. Instead of just outlining the options available in structuring your organizational units, Olson shows real Domain/OU structures and explains why the companies made the decisions they made. Instead of simply taking Microsoft's word for it, Olson shows you the results of real-world deployments, and suggests alternatives to the received doctrine (such as using Novell's Client32 for Windows 2000 instead of Microsoft's CSNW in mixed Windows/Novell environments).\ Third, the book is newer than most Active Directory guides. It reflects the latest lessons learned, as well as the newest tools and Knowledge Base documents -- and it's full of references to additional source material. Bottom line: This is, by far, the best Active Directory book we've seen yet. (Bill Camarda)\ Bill Camarda is a consultant and writer with nearly 20 years' experience in helping technology companies deploy and market advanced software, computing, and networking products and services. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks For Dummies®, Second Edition.\ \ \