calnet active directory micronet presentation
DESCRIPTION
CalNet Active Directory Mike Blasingame Blaine Isbelle Michael Leefers Curtis Salinas Forrest Smalley History •2002 CalNet AD forest created, integration with CalNet completed, Haas, COIS, and IST early adopters •2001 CalNetAD Project started to implement campus Active Directory forest •2000 IST-CNS proposal to implement a centrally supported single-forest Active DirectoryTRANSCRIPT
![Page 1: CalNet Active Directory Micronet Presentation](https://reader033.vdocuments.site/reader033/viewer/2022052703/568c0f2f1a28ab955a9331d3/html5/thumbnails/1.jpg)
CalNet Active Directory
Micronet PresentationOctober 22, 2008
Mike BlasingameBlaine Isbelle
Michael LeefersCurtis Salinas
Forrest Smalley
![Page 2: CalNet Active Directory Micronet Presentation](https://reader033.vdocuments.site/reader033/viewer/2022052703/568c0f2f1a28ab955a9331d3/html5/thumbnails/2.jpg)
CalNet Active Directory
History•2000 IST-CNS proposal to implement a centrally supported single-forest Active Directory
•2001 CalNetAD Project started to implement campus Active Directory forest
•2002 CalNet AD forest created, integration with CalNet completed, Haas, COIS, and IST early adopters
![Page 3: CalNet Active Directory Micronet Presentation](https://reader033.vdocuments.site/reader033/viewer/2022052703/568c0f2f1a28ab955a9331d3/html5/thumbnails/3.jpg)
CalNet Active Directory
AdvantagesDomain Controllers integrated with campus DNS
User accounts integrated with CalNet ID
Hardware infrastructure and infrastructure support provided free
Facilitates central management of user and computer objects through GPOs
CalNetPKI integration
Integrated authentication with AD-aware applications
![Page 4: CalNet Active Directory Micronet Presentation](https://reader033.vdocuments.site/reader033/viewer/2022052703/568c0f2f1a28ab955a9331d3/html5/thumbnails/4.jpg)
CalNet Active Directory
Getting StartedRead CalNetAD policies
Send a request to join
Agree to SLA
OU Administrator mailing list
CalNet ID of first administrator and DNS name of first computer
![Page 5: CalNet Active Directory Micronet Presentation](https://reader033.vdocuments.site/reader033/viewer/2022052703/568c0f2f1a28ab955a9331d3/html5/thumbnails/5.jpg)
CalNet Active Directory
Best PracticesCalNetAD Tools
•CalNetAD Website calnetad.berkeley.edu•FAQ’s•Web Tools (Move User, Reset Campus passphrase, Create Computer)•Scripts (Create User, Create Computer, and more)
Group Policy
![Page 6: CalNet Active Directory Micronet Presentation](https://reader033.vdocuments.site/reader033/viewer/2022052703/568c0f2f1a28ab955a9331d3/html5/thumbnails/6.jpg)
• Basics & Inheritance• Loopback processing• Remote tools• Software publishing• Group Policy in use
CalNet Active Directory
![Page 7: CalNet Active Directory Micronet Presentation](https://reader033.vdocuments.site/reader033/viewer/2022052703/568c0f2f1a28ab955a9331d3/html5/thumbnails/7.jpg)
– What can I do with group policy?– Assigned to containers (sites, domains, OUs)– Applied to computers and user objects
• Computer section at startup• User section at login• Top-down processing
CalNet Active Directory
![Page 8: CalNet Active Directory Micronet Presentation](https://reader033.vdocuments.site/reader033/viewer/2022052703/568c0f2f1a28ab955a9331d3/html5/thumbnails/8.jpg)
CalNet Active Directory
![Page 9: CalNet Active Directory Micronet Presentation](https://reader033.vdocuments.site/reader033/viewer/2022052703/568c0f2f1a28ab955a9331d3/html5/thumbnails/9.jpg)
CalNet Active Directory
![Page 10: CalNet Active Directory Micronet Presentation](https://reader033.vdocuments.site/reader033/viewer/2022052703/568c0f2f1a28ab955a9331d3/html5/thumbnails/10.jpg)
CalNet Active Directory
![Page 11: CalNet Active Directory Micronet Presentation](https://reader033.vdocuments.site/reader033/viewer/2022052703/568c0f2f1a28ab955a9331d3/html5/thumbnails/11.jpg)
CalNet Active Directory
![Page 12: CalNet Active Directory Micronet Presentation](https://reader033.vdocuments.site/reader033/viewer/2022052703/568c0f2f1a28ab955a9331d3/html5/thumbnails/12.jpg)
CalNet Active Directory
![Page 13: CalNet Active Directory Micronet Presentation](https://reader033.vdocuments.site/reader033/viewer/2022052703/568c0f2f1a28ab955a9331d3/html5/thumbnails/13.jpg)
• Loopback processing– Applies policies to user objects outside of your control
• Labs• Student workers• Terminal servers• Virtual desktops
– Merge mode– Replace mode
CalNet Active Directory
![Page 14: CalNet Active Directory Micronet Presentation](https://reader033.vdocuments.site/reader033/viewer/2022052703/568c0f2f1a28ab955a9331d3/html5/thumbnails/14.jpg)
• Remote tools– Remote Desktop
• Benefits• Security• Terminal Services Gateway
– Remote Assistance• Solicited vs. Unsolicited
CalNet Active Directory
![Page 15: CalNet Active Directory Micronet Presentation](https://reader033.vdocuments.site/reader033/viewer/2022052703/568c0f2f1a28ab955a9331d3/html5/thumbnails/15.jpg)
• Software publishing– Can be applied to either a computer or a user– Assigned versus Published
CalNet Active Directory
![Page 16: CalNet Active Directory Micronet Presentation](https://reader033.vdocuments.site/reader033/viewer/2022052703/568c0f2f1a28ab955a9331d3/html5/thumbnails/16.jpg)
CalNet Active Directory
![Page 17: CalNet Active Directory Micronet Presentation](https://reader033.vdocuments.site/reader033/viewer/2022052703/568c0f2f1a28ab955a9331d3/html5/thumbnails/17.jpg)
CalNet Active Directory
![Page 18: CalNet Active Directory Micronet Presentation](https://reader033.vdocuments.site/reader033/viewer/2022052703/568c0f2f1a28ab955a9331d3/html5/thumbnails/18.jpg)
CalNet Active Directory
![Page 19: CalNet Active Directory Micronet Presentation](https://reader033.vdocuments.site/reader033/viewer/2022052703/568c0f2f1a28ab955a9331d3/html5/thumbnails/19.jpg)
• SQL 2005– User rights
• Log on as a service, Log on as a batch job, etc.
– Group memberships– Service startup type and permissions– File permissions– Registry permissions– Audit policy
CalNet Active Directory
![Page 20: CalNet Active Directory Micronet Presentation](https://reader033.vdocuments.site/reader033/viewer/2022052703/568c0f2f1a28ab955a9331d3/html5/thumbnails/20.jpg)
CalNet Active Directory
Best Practices -WSUS
• GPO: Campus – WSUS• GPO: Campus – Block IE7 install (use IST WSUS)