Docstoc

LAL_NT-W2000Mig

Document Sample
LAL_NT-W2000Mig Powered By Docstoc
					                NT DOMAIN - ACTIVE
             DIRECTORY MIGRATION


                 Michel Jouvin
                  LAL Orsay
               Jouvin@lalin2p3.fr


31/10/2000               NT Domain - AD Migration - JLab 2000
                                             Outlines

•   Current domain infrastructure
•   Migration options and requirements
•   Server migration status and perspectives
•   W2000 Pro upgrade




31/10/2000                NT Domain - AD Migration - JLab 2000
             NT Domain Infrastructure...

• One domain : LAL
     – 130 machines
     – 300 user accounts
• 7 servers
     – 1 PDC (NT)
     – 3 BDC (2 NT + 1 VMS)
     – 3 autonomous server (Samba/Unix + Axis CD
       server + NT Terminal Server)
31/10/2000                 NT Domain - AD Migration - JLab 2000
             … NT Domain Infrastructure

• Home Directories and Experiments space
  on Samba
     – Served by main file server
• Printing server on Unix
     – Access through LPR




31/10/2000                   NT Domain - AD Migration - JLab 2000
                         Migration Options

• Create a new domain with trusted
  relationship
     – + : No impact on running domain resources
     – - : 2 different domains for users
• Migrate domain rather than create a new
  one
     – + : management easier, only 1 domain for users
     – - : impact in case of migration problem
31/10/2000                   NT Domain - AD Migration - JLab 2000
                   Migration Requirements
• Keep LAL as domain name
    – Put W2000 nodes in our main DNS domain
      (lal.in2p3.fr)
         • Also avoids double registration of host name
    – Keep Unix DNS as our master server for
      lal.in2p3.fr zone
    – Impossible to do with a new domain
• Run in mixed mode until we can downgrade
  VMS to autonomous server
31/10/2000                        NT Domain - AD Migration - JLab 2000
                           Migration Status

• Migration of existing domain in progress
     – 2 NT machines already migrated, last NT soon
• No interoperability problem with NT stations
• Main problem : VMS Pathworks
     – Need to be at least a BDC
     – Had major interoperability problem with 7.2A
       (SAM replication failure)
     – Has minor problems with last patches
31/10/2000                  NT Domain - AD Migration - JLab 2000
                               DNS integration...
• AD internal information in sub-zones of AD
  domain DNS zone
    – mainly service location (SVR records)
    – Sub-zone names start with _
• Need to create required sub-zones manually
    – lal.in2p3.fr DNS master is a secondary for AD
      sub-zones
         • Bind v8.2 on Unix
    – W2000 is mastering AD sub-zones
31/10/2000                       NT Domain - AD Migration - JLab 2000
                               … DNS integration

• DNS dynamic updates not (yet?) activated
  for host names (main zone)
     – Tested and seems to work
             • Error messages logged on master DNS
             • AD server acting as a proxy for updates
     – Need to upgrade our DNS management tools
             • Use comments in DNS database lost during dynamic
               updates

31/10/2000                            NT Domain - AD Migration - JLab 2000
                                              What Next ?

• DFS
     – File naming independent of location
• Kerberos
     – Tru64 (v5.1) has a single logon capability
• LDAP integration ?
     – Currently 2 LDAP servers :
             • 1 for ou=people,ou=lal,o=in2p3,c=fr
             • 1 for o=lal,dc=in2p3,dc=fr
31/10/2000                           NT Domain - AD Migration - JLab 2000
                W2000 Pro Upgrade Status

• No plan for a wide upgrade
     – Some hardware don’t fulfill min requirements
     – Some software missing or have problems
             • Ex : AFS client, Netscape
• New PCs : W2000 since last summer
     – Group policies configured for deployment of all
       supported applications
     – Some apps already upgraded through GPs
             • Ex: Exceed v6 -> v7
31/10/2000                           NT Domain - AD Migration - JLab 2000
     W2000 Pro Upgrade Strategies
• Upgrade through SMS : evaluation phase
     – Should not be a problem for the OS
     – Impact of group policies on installed
       applications
             • Applications will be reinstalled
             • What happens if newer version (Office, Exceed)
• Reinstallation from scratch
     – No ‘previous state’ problem
     – Preferred when there is not too much local data
31/10/2000                           NT Domain - AD Migration - JLab 2000

				
DOCUMENT INFO
Shared By:
Categories:
Stats:
views:15
posted:3/4/2010
language:English
pages:12