Bigger Trailers. Heavier loads. Same Old Tractor. Once upon a time At a campus not too far away There was a Mac Surrounded by HUNDREDS of PC’s! Happily running Microsoft Operating Systems Like DOS 6.2 or Windows 3.1 Then, along came ACCNet And Richard Fonté said it was good. When ACCNet went live… ACC ordered lots of DELLS Running Windows 95 ® Next came a server Dude, it’s a DELL! What OS does it run? Microsof NT 4 And who gets hired to admin it? <drumroll> A command line challenged, GUI-Dependent tech that used to teach art and woodworking for 13 years. Computers And Servers Linux - 3% AIX - 2% Mac - 12% Windows - 81% Novell - 2% “We are a Microsoft Shop.” - Bill Carter And yet… Can you spot the Microsoft System Admins? A brief history of Microsoft in the Information Technology Deptartment Lou Herman leaves Austin Community College and is survived by Bill Carter as AVP for Information Technology 2000 2007 ACC File Server NT 4.0 Server Inherited the Infonet domain Acquisition of Dell Servers to host the following Apprentice mentor for CIS student learning Exchange Server 2000 Compass/ESL Domain Deployment. Batch scores to Datatel. Business Dept. request for file storage. Start of HBC Domain Server 2000 AD DC Deployed Symantec Corp. 7.5 Antivirus HBCFILESRV ACCADC/ACCBDC – ADDC ACCITFS01 – File Server IT-IMAGE – Image Storage ITSRVS01 – Symantec ITSRVS02 – MS Update ITMS-WWW – WWW3 iCal - Calendar IT34357 – Remedy Honeywell1 Honeywell2 PowerWeb – Fortis Records – Fortis ITMSSQL1 – SQL Server Test2008 - 2008 Compass/ESL Domain design Adult Basic Education request for application server. Hired by ACCNet to administer servers Update and take over administration for Mathmatica Install and deploy Access-A-File (Yech) 09/2000: Server support transferred to Rick Saylor under Systems. Move to SVC 10/2001 Creation of new Active Directory primary and backup domain controllers: ACC.Austincc.Edu Move Remedy to new server Deployment of Windows Update Server: ITSRVS02 IT-Image goes online for the creating and deploying of unified images over a network, Ghost being primary tool. Upload service for workstations investigations. Bill Carter Exits Gary Weseman takes interim position Microsoft Support Services. 2007 2010 System moves to IP KVM switches. Rewired server room racks. Compass goes Internet. Compass Domain is decommissioned. HBC Domain Users are migrated to ACC domain Deployed ACCITFS01 for college-wide file storage using ACC SAN and Fiber Channel technology. Begin migration of data off HBC file server to ACCITFS01 First VMWare servers deployed Testing and implementation of MicroMain, iCal and QuickAddress Pro. Prepped, racked and installed Server 2003 on 2 systems for Honeywell controls. Domain usage grows to include public access in some cases. Adoption of Desktop lockdown GPO’s were developed to deter users from non-approved computer usage. HBC Domain taken offline. OIE Rolls out 3 SAS Servers: SAS Metadata, SAS Web SAS SQL VMs become popular: Entrinsik, Resource 25 Datatel UI, Sage Fundraising ClassClimate, Student Zen Hardware to VM: QAS, ITMSSQL1, iCal, Shadow, Snap Survey, ACCITFS01, IT-IMAGE All Active Directory Domain servers upgraded to Windows 2008R2. Stan Gunn New AVP of IT hired 08/2008 Services take over Admin of Continuing Ed. Domain Round Rock Campus goes online. All PCs to have Windows 7 Installed and joined to the ACC domain. Windows Deployment Service implemented on ITIMAGE. PXE network boot ported to all campuses. Microsoft Distributed File Service adopted as primary source for all network data storage sharing allowing for optimal High Availability Bob Carnaghi Hired to replace Andrew Dickerman Services Dept. fully populated Microsoft Support Services. What do we currently have in place here at ACC? Internet! Primary Domain Controller Backup Domain Controller Management and Security Policies Distributed File System (DFS) SQL Server File Storage and Management Clients Application Servers Hard or Virtual Exchange Server Image Deployment Service Windows Update Server Internet Informational Server Key Management Service Microsoft Support Services. • SQL support • Image Retention • Exchange support • User management • Image management • Desktop deployment • Remote data servicing • Print server management • Quotas and file restrictions • Storage space management • Windows patch management • High Availability maintenance • Backup and Restoration service • Distributed File Service support • Maintenance of Active Directory • Application platform management • Security management (Virus protection) • Securing Active Directory through domain policies And as administrators for a Microsoft Shop some of the things we do are: Microsoft Support Services. Not to mention environment and application support for a few Microsoft Windows based server apps. Support Services. MicrosoftMicrosoft Support Services. And Yes We even do a little Microsoft Support Services. Some projects Bob and I are working on top of day to day duties • • • • • • • • Moving all current domain users and departments to Distributed File Service Upgrading the Windows servers to 2008R2 where possible. Reconfiguring the primary file server ACCITFS01 to make space more available. Continued migration of the Continuing Education department to the ACC domain. Fine tuning Windows Deployment to better meet the needs of end users Server upgrades for Facilities and Dispatch. Ongoing patch management to servers Research on new desktop security software (We will not continue with Symantec next year). • Research into the deployment of O.S. Streaming for virtual desktop use Microsoft Support Services. And we actually have a roadmap for the FUTURE GROWTH of the ACC COLLEGE-WIDE Windows user base support! Which is… Microsoft Support Services. Server Group DC - ADC DC - BDC DC - DDC DC - EDC DC - RRC Operation Projects, directions and plans for the future Active Directory D.C. at each campus • • • Securing the servers. Structure for domain group policies. Integration of future child domains Resource Management Campus Servers • • • Replicated SAN at HBC and SVC = High Availability Quota and File Filtering Projection for future data space needs Desktop Deployment OS Streaming • • Thin-client for Lab, Kiosk and Dept. Useage Mac OS Support Desktop Security Update Mirrors • • • Dell Patch Management for Server/Workstation Event Log-file Resource for all servers. Reporting trends. ACCITFSRRC ACCITFS02 ACCITFS01 Fiber Channel SAN ACC DFS IT-Image - WDS ITSVCS01 - SEP ITSVCS02 - WUS ITSVCS03 - ESET ACCITKEY Asset, Security Patch Management ACC IT APPS HW VM Platform and Application Support ???????????? Microsoft Support Services. Under “Normal” circumstances, responsibilities would be farmed out to appropriately trained administrators. This would allow for focus and attention to details to what ever responsibility they are assigned to… such as… Microsoft Support Services. Active Directory Administration • Creation and management of directory infrastructure • Monitor and reporting associated with the reliability and security of the domain • Domain Controller Management • Policy monitoring and compliance • Communication and coordination • Secure remote administration of the DCs and member servers managed by the Infrastructure Group • Manage group policy at root of domain and for Domain Controllers OU • Creation, testing, and management of GPOs intended to be used by multiple OU Admins • Manage the Users and Computers Containers • Install and manage security reporting tools used to monitor changes to the Active Directory • Delegate monitored data and elevated privileges to others as needed • Create and maintain the test domain as a reasonable approximation of the production domain • Coordinate and configure alarm distribution to OU Admins for OU-related events • Plan and manage all migrations and upgrades related to the AD or the DCs • Verify new software deployments and GPO policies work by testing them in the Primus test domain as appropriate • Ensure overall security and integrity of their managed OU hierarchy • Account management • The OU administrator will designate which administrators have "account operator" access to the Windows user accounts for users in their department. • Group Policy Object (GPO) administration, troubleshooting, and management • Publishing resource objects from their OU hierarchy in the Active Directory as applicable • Manage Group Policy Object (GPO) links in OU hierarchy • Coordinate activities of Member Server owners • Policy Compliance • Contact information. • Verify new software deployments and GPO policies work by testing them in the Primus test domain as appropriate. • Communication and coordination • Host and maintain server (i.e., IIS, business specific service, etc.) • Patching/software upgrades • Volume/partition space management • Hardware migration Software licenses for all member server(s) added to their OU hierarchy • hardware maintenance for all nonInfrastructure-managed member servers • Operating system maintenance for all non-Infrastructure-managed member servers • Maintain level of member server system security by applying Service Packs and security patches • Department application, file service, workstation and printer support • Create printer objects and access control lists. • Backup/recovery • Full disaster recovery plan and practice Microsoft Support Services. Desktop Management • • • • • • • • • • • • • • Planning deployment strategies. Manage Windows Deployment Servers Secure access through Active Directory Test and maintain boot images. Failover and Disaster recovery policies Testing for Windows compatibility for all supported ACC applications. Packaging and distribution of application packages as options during a bare metal Windows installation. Incorporating new drivers as new hardware becomes common. Updating images as major Windows and program security patches are released. New distributable images Troubleshooting deployment problems. Resource monitoring, maintenance and upgrades strategies for servers. Communication with workstation support for warrantee and model end of life. Training of personnel in the use of product. Resource Management • Take request for new domain share request • Maintaining high availability of file • Research cross platform remedies for access of shared resources. • Creation of Distributed File service nodes and management of file sharing. • Quota management based on limits determined by the Technology and IT departments. • File filtering for acceptable use • Monitoring and maintaining log files of resources. • Replication of files • Backup strategies and management. • Restoration of files upon requests • Archiving of department folders upon request. • Proactive malware/spyware/virus threat protection • System hardware monitoring and planning for system hardware replacement and migration. • Printer management and services Asset, Security and Patch Management • Deployment and management of multiple Microsoft Key Management servers. • Monitoring current licensing of Microsoft Volume License product • Dell asset compliance with Microsoft licensing. • Research and deploy Endpoint protection using management console provided by Antivirus security software. • Virus remediation through console management. • High availability and disaster recovery of servers. • Asset management of servers and patch management to firmware • Maintaining and monitoring Windows Update services. • Notification of major updates so new image deployment can be tested. • Checking security updates to understand what they do and Filtering updates as needed for both desktop and server platforms. Microsoft Support Services. Microsoft Support Services. There is no question here. To properly maintain a Microsoft environment on both server, network and workstation level efficiently, a support backbone must be in place Microsoft Support Services. Truth is I could use at least three more BOBs!!! But seeing that cloning is illegal, We could most certainly settle for A few more positions, like… Microsoft Support Services. Job Title: Microsoft Domain Administrator Job Title: Microsoft Resource Administrator Job Title: Microsoft Server and Desktop Deployment Administrator (Me! Me! Me!) Job Title: Microsoft Asset, Patch and Security Administrator Job Title: Microsoft Platform & Application Administrator Microsoft Support Services. Because if we don’t, many things will be overlooked and Windows will look like: Microsoft Support Services. Microsoft Support Services. Full of holes Microsoft Support Services. Microsoft Support Services.