Microso ft ® @ Austin Community College Bigger Trailers. Heavier loads. Same Old Tractor.
Dec 25, 2015
Microsoft®
@Austin
CommunityCollege
Bigger Trailers. Heavier loads. Same Old Tractor.
Once upon a timeAt a campus not too
far away
There was a Mac
Surrounded by HUNDREDS of
PC’s!
Happily running MicrosoftOperating Systems
Like DOS 6.2 or Windows 3.1
Then, along came
ACCNet
And Richard Fonté said it was good.
When ACCNet went live…
ACC ordered lots of DELLSRunning Windows® 95
Next came a server
What OS does it run?
And who gets hired to admin it?<drumroll>
Dude, it’s a DELL!
Microsof NT 4
A command line challenged, GUI-Dependent tech that used to teach art and woodworking for 13 years.
Linux - 3%
AIX - 2%
Mac - 12%
Windows - 81%
Novell - 2%
And yet…
ComputersAnd Servers
“We are a Microsoft Shop.”- Bill Carter
Can you spot the Microsoft System Admins?
Lou Hermanleaves
Austin Community Collegeand is survived by
Bill Carteras AVP for
Information Technology
A brief history of Microsoft in the Information Technology Deptartment
Microsoft Support Services.
2000
Hired by ACCNet to administer servers
ACC File ServerNT 4.0 Server
Apprentice mentor for CIS student learning Exchange
Server 2000
Business Dept. request for file storage.
Start of HBC DomainServer 2000 AD DC
Compass/ESL Domain design
Adult Basic Education request for application
server.
09/2000: Server support
transferred to Rick Saylor under
Systems.
Inherited the Infonet domain
Move to SVC10/2001
Compass/ESL Domain Deployment. Batch scores
to Datatel.
Install and deployAccess-A-File (Yech)
Update and take over administration for
Mathmatica
Deployed Symantec Corp. 7.5 AntivirusHBCFILESRV
IT-Image goes online for the creating and deploying of
unified images over a network, Ghost being
primary tool. Upload service for workstations investigations.
Creation of new Active Directory primary and
backup domain controllers:ACC.Austincc.Edu
Acquisition of Dell Servers to host the following
ACCADC/ACCBDC – ADDCACCITFS01 – File Server
IT-IMAGE – Image StorageITSRVS01 – Symantec
ITSRVS02 – MS UpdateITMS-WWW – WWW3
iCal - CalendarIT34357 – Remedy
Honeywell1Honeywell2
PowerWeb – FortisRecords – Fortis
ITMSSQL1 – SQL ServerTest2008 - 2008
2007
Bill Carter ExitsGary Weseman takes
interim position
Deployment of Windows Update Server: ITSRVS02
Move Remedy to new server
Microsoft Support Services.
2007
Compass goes Internet. Compass Domain is decommissioned.
First VMWare servers deployed
Stan Gunn New AVP of IT hired
08/2008
Round Rock Campus goes online. All PCs to have
Windows 7 Installed and joined to the ACC domain.
HBC Domain Users are migrated to ACC domain
2010
Services Dept. fully populated
Deployed ACCITFS01 for college-wide file storage using ACC SAN and Fiber
Channel technology. Begin migration of data off HBC file server to ACCITFS01
Domain usage grows to include public access in
some cases. Adoption of Desktop lockdown GPO’s were developed to deter users from non-approved
computer usage.
Testing and implementation of MicroMain, iCal and
QuickAddress Pro.
Prepped, racked and installed Server 2003 on 2
systems for Honeywell controls.
System moves to IP KVM switches. Rewired server
room racks.
HBC Domain taken offline.
Bob Carnaghi Hired to replace
Andrew Dickerman
VMs become popular:Entrinsik, Resource 25
Datatel UI, Sage FundraisingClassClimate, Student Zen
Hardware to VM:QAS, ITMSSQL1, iCal, Shadow, Snap Survey, ACCITFS01, IT-IMAGE
OIE Rolls out 3 SAS Servers:SAS Metadata, SAS Web
SAS SQL
Windows Deployment Service implemented on IT-IMAGE. PXE network boot
ported to all campuses.
Microsoft Distributed File Service adopted as primary source for all network data storage sharing allowing for
optimal High Availability
All Active Directory Domain servers upgraded to Windows 2008R2.
Services take over Admin of Continuing Ed. Domain
What do we currently have in place here at ACC?
Primary Domain Controller
Backup Domain Controller
Management and Security Policies
Distributed File System (DFS)
File Storage and Management
Image Deployment Service
Windows Update Server
Key Management Service
SQL Server
Internet InformationalServer
Exchange Server
Application ServersHard or Virtual
Clients
Internet!
Microsoft Support Services.
And as administrators for a Microsoft Shop some of the things we do are:
• SQL support• Image Retention
• Exchange support• User management
• Image management• Desktop deployment
• Remote data servicing• Print server management
• Quotas and file restrictions• Storage space management
• Windows patch management• High Availability maintenance
• Backup and Restoration service• Distributed File Service support
• Maintenance of Active Directory• Application platform management
• Security management (Virus protection)• Securing Active Directory through domain policies
Microsoft Support Services.
Microsoft Support Services.
Not to mention environment and application support for a few Microsoft Windows based server apps.
Microsoft Support Services.
Microsoft Support Services.
And YesWe even do a little
Microsoft Support Services.
• Moving all current domain users and departments to Distributed File Service• Upgrading the Windows servers to 2008R2 where possible.• Reconfiguring the primary file server ACCITFS01 to make space more available.• Continued migration of the Continuing Education department to the ACC domain.• Fine tuning Windows Deployment to better meet the needs of end users• Server upgrades for Facilities and Dispatch.• Ongoing patch management to servers• Research on new desktop security software (We will not continue with Symantec
next year).• Research into the deployment of O.S. Streaming for virtual desktop use
Some projects Bob and I are working on top of day to day duties
Microsoft Support Services.
And we actually have aroadmap for the
FUTURE GROWTHof the
ACC COLLEGE-WIDEWindows user base support!
Which is…
Microsoft Support Services.
Platform andApplication Support
Asset, SecurityPatch Management
DesktopDeployment
ActiveDirectory
ResourceManagement
Server Group
DC - ADCDC - BDCDC - DDCDC - EDCDC - RRC
ACC DFS
ACCI
TFSR
RC
ACCI
TFS0
2
ACCI
TFS0
1
Fibe
r Cha
nnel
SAN
IT-Image - WDS
PXE
Operation
ITSVCS01 - SEPITSVCS02 - WUSITSVCS03 - ESET
ACCITKEY
ACC IT APPS
VMHW
Projects, directions and plans for the future
CampusServers
D.C. at each
campus
OS Streaming
????????????
Desktop Security Update Mirrors
• Thin-client for Lab, Kiosk and Dept. Useage• Mac OS Support
• Replicated SAN at HBC and SVC = High Availability• Quota and File Filtering• Projection for future data space needs
• Dell Patch Management for Server/Workstation• Event Log-file Resource for all servers.• Reporting trends.
• Securing the servers.• Structure for domain group policies.• Integration of future child domains
Under “Normal” circumstances, responsibilities would be farmed out to appropriately trained
administrators. This would allow for focus and attention to details to what ever responsibility
they are assigned to… such as…
Microsoft Support Services.
• Creation and management of directory infrastructure
• Monitor and reporting associated with the reliability and security of the domain
• Domain Controller Management • Policy monitoring and compliance• Communication and coordination• Secure remote administration of the DCs
and member servers managed by the Infrastructure Group
• Manage group policy at root of domain and for Domain Controllers OU
• Creation, testing, and management of GPOs intended to be used by multiple OU Admins
• Manage the Users and Computers Containers
• Install and manage security reporting tools used to monitor changes to the Active Directory
• Delegate monitored data and elevated privileges to others as needed
• Create and maintain the test domain as a reasonable approximation of the production domain
• Coordinate and configure alarm distribution to OU Admins for OU-related events
• Plan and manage all migrations and upgrades related to the AD or the DCs
• Verify new software deployments and GPO policies work by testing them in the Primus test domain as appropriate
• Ensure overall security and integrity of their managed OU hierarchy
• Account management• The OU administrator will designate which
administrators have "account operator" access to the Windows user accounts for users in their department.
• Group Policy Object (GPO) administration, troubleshooting, and management
• Publishing resource objects from their OU hierarchy in the Active Directory as applicable
• Manage Group Policy Object (GPO) links in OU hierarchy
• Coordinate activities of Member Server owners
• Policy Compliance• Contact information. • Verify new software deployments and GPO
policies work by testing them in the Primus test domain as appropriate.
• Communication and coordination• Host and maintain server (i.e., IIS,
business specific service, etc.)• Patching/software upgrades• Volume/partition space management• Hardware migration Software licenses
for all member server(s) added to their OU hierarchy
• hardware maintenance for all non-Infrastructure-managed member servers
• Operating system maintenance for all non-Infrastructure-managed member servers
• Maintain level of member server system security by applying Service Packs and security patches
• Department application, file service, workstation and printer support
• Create printer objects and access control lists.
• Backup/recovery • Full disaster recovery plan and practice
Active Directory Administration
Microsoft Support Services.
• Planning deployment strategies.• Manage Windows Deployment Servers• Secure access through Active Directory• Test and maintain boot images.• Failover and Disaster recovery policies• Testing for Windows compatibility for all
supported ACC applications.• Packaging and distribution of application
packages as options during a bare metal Windows installation.
• Incorporating new drivers as new hardware becomes common.
• Updating images as major Windows and program security patches are released.
• New distributable images• Troubleshooting deployment problems.• Resource monitoring, maintenance and
upgrades strategies for servers.• Communication with workstation support
for warrantee and model end of life.• Training of personnel in the use of product.
• Take request for new domain share request• Maintaining high availability of file• Research cross platform remedies for access
of shared resources.• Creation of Distributed File service nodes
and management of file sharing.• Quota management based on limits
determined by the Technology and IT departments.
• File filtering for acceptable use• Monitoring and maintaining log files of
resources.• Replication of files• Backup strategies and management.• Restoration of files upon requests• Archiving of department folders upon
request.• Proactive malware/spyware/virus threat
protection• System hardware monitoring and planning
for system hardware replacement and migration.
• Printer management and services
• Deployment and management of multiple Microsoft Key Management servers.
• Monitoring current licensing of Microsoft Volume License product
• Dell asset compliance with Microsoft licensing.
• Research and deploy Endpoint protection using management console provided by Antivirus security software.
• Virus remediation through console management.
• High availability and disaster recovery of servers.
• Asset management of servers and patch management to firmware
• Maintaining and monitoring Windows Update services.
• Notification of major updates so new image deployment can be tested.
• Checking security updates to understand what they do and Filtering updates as needed for both desktop and server platforms.
DesktopManagement
ResourceManagement
Asset, Security andPatch Management
Microsoft Support Services.
To MicrosoftOr
Not to Microsoft
®
®
Microsoft Support Services.There is no question here.
Microsoft Support Services.
To properly maintain a Microsoft environment on both server,
network and workstation level efficiently, a support backbone must
be in place
Microsoft Support Services.
Truth is I could useat least three more
BOBs!!!
But seeing that cloning is illegal,We could most certainly settle for
A few more positions, like…
Microsoft Support Services.
Job Title: Microsoft Domain AdministratorJob Title: Microsoft Resource AdministratorJob Title: Microsoft Server and Desktop Deployment Administrator (Me! Me! Me!)Job Title: Microsoft Asset, Patch and Security AdministratorJob Title: Microsoft Platform & Application Administrator
Microsoft Support Services.
Because if we don’t,many things will be
overlookedand Windowswill look like:
Microsoft Support Services.Full of holes
Microsoft Support Services.
Adding thesePositions could
sure make the life ofBrian & Bob not only
more focused, butmore efficient.
Microsoft Support Services.
Thank youFor your
consideration.