Add to collection(s) Add to saved
  1. Science
  2. Earth Science
  3. Oceanography

XP and .NET - the New Windows World at DESY

advertisement 
XP and .NET - the New
Windows World at DESY
Reinhard Baltrusch
DESY IT
DESY Computing Seminar, 11/03/2003
1
Windows Project
Agenda
The previous Windows domain DESYNT
The DESY Windows Project
The new Windows domain win.desy.de
Hardware for the new domain
Basic services in the domain
Windows XP Client installation
DESY Computing Seminar, 11/03/2003
2
Windows Project
The previous Windows domain DESYNT (I)
Ca. 1800 User and ca. 1600 activ computer
Services :
Logonservice (1 primary logon server, 5 secondary logon server)
Homedirectory (on three cluster systems, backup, no quotas)
Web-services (group- and user websites, Webdav, web based domain
management)
Mail services (Exchange 5.5 and Outlook web interface, IMAP a. MAPI)
Application services (cluster system with NetInstall for software deployment)
Print services (printcluster, already replaced by Samba print server)
More smaller services (antivirus server, licence server, utility server)
Timeworn hardware, services partially on standard PCs
Windows NT 4.0 at the end of support lifetime (no more SPs)
Only primary logon server accepts password changes
Flat data structures on the logon server (user, security groups, computer)
DESY Computing Seminar, 11/03/2003
3
Windows Project
The previous Windows domain DESYNT (II)
Installation of Windows NT 4 clients increasingly more difficult (driver
support for new hardware lacks, no USB support, installation scenarios
and recovery scenarios are time-consuming).
Installation of Windows XP clients in the domain DESYNT is only a
transitional solution (many new features of the OS are not usable in a NT4
domain).
DESY Computing Seminar, 11/03/2003
4
Windows Project
The DESY Windows Project
Kick off on 27. March 2002
Project goal : Smooth migration of the existing Windows NT 4.0
infrastructure in the domain DESYNT into one new structured Windows
2000- (Windows.NET-) Active Directory domain with Windows XP
Professional as preferred client operatingsystem
This implicates :
Build up of the new domain parallel to the domain DESYNT.
The domain DESYNT has to be gradual frozen, especially under
consideration of the NT computers used for the accelerator
controls (mission critical).
During the migration a transparent and domainspreading access
on resources of both domains must be a possible for the DESY groups
and several users
DESY Computing Seminar, 11/03/2003
5
Windows Project
The Project team





Melvin Alfaro (IT, since 28.2.2002)
Reinhard Baltrusch (IT, head)
Henner Bartels (IT, until 31.12.2002)
Ralph Heintz (IT, since 4.3.2002)
Andreas Labudda (MST)
Kazimierz Popinski (IT, since 4.3.2002)
Patrick Rüger (DV Zeuthen, since 16.9.2002)
Helga Schwendicke (DV Zeuthen)
Gunter Trowitzsch (DV Zeuthen)
DESY Computing Seminar, 11/03/2003
6
Windows Project
The new Windows domain win.desy.de (I)
Completely new, more stable hardware for the domain infrastructure
(failsafe HP/Compaq ProLiant server systems, no standard PCs).
Better possibilities for remote control and for system monitoring
independent from operatingsystem (Remote Inside Board/Integrated Light
Outs, Insight Manager).
New server operatingsystem Windows Server 2003 (web-, standard,
enterprise version) with many integrated, activatable services (Dfs, IIS,
RIS, WINS etc.) and ensured support for several years.
Directory service Active Directory as logon service with multimaster
replication (any logon server is equal).
Directory service allows two dimensional arrangement of user,
securitygroup and computer objects.
Better possibilities for client support (installation, recovery, policies,
assistance etc.)
DESY Computing Seminar, 11/03/2003
7
Windows Project
Hardware for the new Domain
3 HP/Compaq ProLiant DL380 G3 as domaincontroller
4 HP/Compaq ProLiant DL360 G3 for different services
1 Compaq/HP ProLiant DL380 G2 Packaged Cluster with StorageWorks
Array for RIS, Dfs and other services
1 Compaq ProLiant DL360 for Compaq/HP Insight Manager
1 HP StorageWorks MSA1000 with 4 HP ProLiant BL20-p G2 Blade Servern
(Homedirectories for win.desy.de and DESYNT in Hamburg)
1 HP StorageWorks MSA1000 with HP ProLiant DL380 G3 Cluster
(Homedirectories for win.desy.de in Zeuthen)
DESY Computing Seminar, 11/03/2003
8
Windows Project
HP/Compaq ProLiant DL380 G3
2 x 2,4 GHz Xeon, 1 GB RAM, 4 x 36 GB Ultra320 SCSI Uni. HD, Smart
Array 5i Controller, 2 x NC7781 Gigabit Network Adapter, ILO
DESY Computing Seminar, 11/03/2003
9
Windows Project
HP/Compaq ProLiant DL360 G3
2 x 2,4 GHz Xeon, 1 GB RAM, 2 x 36 GB Ultra320 SCSI Uni. HD, Smart
Array 5i Controller, 2 x NC7781 Gigabit Server NIC, ILO
DESY Computing Seminar, 11/03/2003
10
Windows Project
Compaq/HP ProLiant DL380 G2 Packaged
Cluster mit Smart Array Storage
2 x 1,26 GHz Pentium III, 768 MB RAM, 2 x 36 GB Wide Ultra3 SCSI Uni.
HD, 2 x NC3163 Fast Ethernet NIC, 3 x 72 GB Wide Ultra3 SCSI Uni. HD
DESY Computing Seminar, 11/03/2003
11
Windows Project
Compaq ProLiant DL360
930 MHz Pentium III, 1 GB RAM, 2 x 18 GB Wide Ultra 3 SCSI HD,
NC3163 Fast Ethernet NIC, RIB
DESY Computing Seminar, 11/03/2003
12
Windows Project
HP StorageWorks MSA1000
42 x 146 GB Ultra320 SCS
Redundant RAID
controller
Fibre Channel I/O modul
2 x SAN Switches
DESY Computing Seminar, 11/03/2003
13
Windows Project
HP ProLiant BL20-p G2 (Blades)
2,8 GHz Xeon Prozessor, 1 GB RAM, 2x 36 GB Ultra320 SCSI HD, ILO
DESY Computing Seminar, 11/03/2003
14
Windows Project
Basic services in the new domain
Logon service (Active Directory, domain controller in CC, in the MC
and in the CC in Zeuthen)
Homedirectory (backup, volume shadow copies, quotas)
Distributed File System (Dfs, Active Directory integrated).
Remote Installation Service (RIS) for supply of an adapted
Windows XP installation over the network.
Software Update Service (SUS, Windows Update) for automatic
update of the operatingsystem (security updates).
Supply of McAfee VirusScan Enterprise 7.0 (one version for server
and workstation), update over the AutoUpdate Architect.
Software deployment with NetInstall.
Mail and Printing is initially suitable in the old domain.
DESY Computing Seminar, 11/03/2003
15
Windows Project
Active Directory
The Active Directory is the LDAP speaking directory service of Windows
2000 / Server 2003. Active Directory saves information about network
ressources, services, computer user accounts etc. and make them useable
for users. It is the management tool for a Windows domain and the logon
service.
DESY Computing Seminar, 11/03/2003
16
Windows Project
Active Directory (II)
DESY Computing Seminar, 11/03/2003
17
Windows Project
Active Directory (III)
DESY Computing Seminar, 11/03/2003
18
Windows Project
Active Directory (IV)
DESY Computing Seminar, 11/03/2003
19
Windows Project
Active Directory (V)
DESY Computing Seminar, 11/03/2003
20
Windows Project
Homedirectory
Separation of user- and groupdirectories (drive “N:” is a virtual
combination over Dfs), thereby after change of group membership no
physical movement of userdirectories is necessary.
Quotamanagement at first with built in tools (pro user pro volume
averagely 500 MB – 2 GB)
Backup with TSM (TSM-Client V. 5.20 is working with Windows Server
2003).
Volumen Shadow Copy Service allows the user to restore files between
full backups without central support.
DESY Computing Seminar, 11/03/2003
21
Windows Project
Homedirectory (II)
DESY Computing Seminar, 11/03/2003
22
Windows Project
Homedirectory (III)
DESY Computing Seminar, 11/03/2003
23
Windows Project
Homedirectory (IV)
DESY Computing Seminar, 11/03/2003
24
Windows Project
Distributed File System
Virtual combination of different physical shares for a common directory
tree.
Active Directory integrated.
Automatic replication of Dfs-tree information between domain
controllers.
Homedirectorypath in the userprofile is a Dfs-link (e.g.
\\win.desy.de\home\b\baltrurb), no change if userdata must be moved.
Replicas of userdirectories on several servers possible.
DESY Computing Seminar, 11/03/2003
25
Windows Project
Distributed File System (II)
DESY Computing Seminar, 11/03/2003
26
Windows Project
Remote Installation Service
Operatingsystem installation over the network with suitable network
cards.
Workstation- and server installations possible.
Basis are installations files of an installation CD, which are extendable
by service packs, drivers, hotfixes, configurations and additional
applications.
Images of preinstalled computers with applications can be created.
After installation a PC is automatically member of the domain.
DESY Computing Seminar, 11/03/2003
27
Windows Project
Remote Installation Service (II)
DESY Computing Seminar, 11/03/2003
28
Windows Project
Software Update Service
In-House replacement of the Windows Update.
Security fixes and updates for the operatingsystem (with updates for IE,
OE etc.) are downloaded from Microsoft to an intranet server.
Updates will be tested and then released for deployment.
Updates are pushed on the computer (download and installation, user
gets a popup message asking for a reboot).
No updates for applications (Office etc.).
DESY Computing Seminar, 11/03/2003
29
Windows Project
Software Update Services (II)
DESY Computing Seminar, 11/03/2003
30
Windows Project
VirusScan Enterprise 7.0
DESY Computing Seminar, 11/03/2003
31
Windows Project
AutoUpdate Architect
DESY Computing Seminar, 11/03/2003
32
Windows Project
Windows XP Client Installation
Computer : standard PC / laptop (Pentium III/IV, 256 MB RAM, min. 20 GB
harddisk).
New installation is necessary (defined initial state !).
DNS-zone : desy.de (entry in VitalQIP).
Active Directory domain : win.desy.de.
Computername : The first three letters correspond to the group name
(namespace).
Installation normally by group administrators.
Different installation possibilities :
Remote Installation Service (recommended)
CD-installation (virusscan included)
Image (copy of an existing installation e.g. with DeployCenter)
DESY Computing Seminar, 11/03/2003
33
Windows Project
Windows XP Client Installation (II)
Preinstalled :
Service Pack 1, last critical security fixes, IE6 SP1
SUS-Update preconfigured (push)
ShadowCopy-Client (msi-packet)
GroupPolicyMonitor (policy history)
.Net-Framework 1.1 (msi-packet)
VirusScan 7.0 Enterprise (msi-packet)
Software installation over NetInstall :
Office XP Professional (Access, Excel, Word, Powerpoint, Outlook)
(msi-packet)
Acrobat Reader 6.0 (msi-packet)
Exceed 8.0 (msi-packet)
OpenAFS-Client 1.2.8a
etc.
DESY Computing Seminar, 11/03/2003
34
Windows Project
Windows XP Konfiguration
DESY Computing Seminar, 11/03/2003
35
Windows Project
Remote Desktop
DESY Computing Seminar, 11/03/2003
36
Related documents
Pre-Registration for Kinderwelt@DESY child care center This form is
Pre-Registration for Kinderwelt@DESY child care center This form is
Seminar Assessment Form
Seminar Assessment Form
Academic Seminar: High School BEP Getting Started
Academic Seminar: High School BEP Getting Started
ABC Technical Seminar Early Registration Form
ABC Technical Seminar Early Registration Form
ABC Technical Seminar Early Registration Form
ABC Technical Seminar Early Registration Form
Food Inc Socratic Seminar Questions
Food Inc Socratic Seminar Questions
Distributed Leadership: Theory, Principle, and Practice
Distributed Leadership: Theory, Principle, and Practice
pptx file - DESY Summer Student Programme 2016
pptx file - DESY Summer Student Programme 2016
Download
advertisement