Deploying & Supporting Windows Server 2003

Experiences of Early Adoption at Microsoft

Published: June 2003

00FutureFutureTechnologyTechnology

11Integration Integration PlanningPlanning

22Test &Test &PilotPilot

33EnterpriseEnterpriseDeploymentDeployment

44Sustain &Sustain &ManageManage

Four Major Phases of Deployment

● Future Technology● Integration Planning● Test and Pilot● Enterprise Deployment● Sustain and Manage

The Windows Server 2003 Operating System

● Standard Edition● Enterprise Edition● Datacenter Edition● Web Edition

Business Benefits

● Reliability● Scalability● Security

● Internet Information Services 6.0● Lower Support Costs● New Capabilities

Organizational Background

● Team Model● Microsoft Solutions Framework (MSF) team model● Microsoft Operations Framework (MOF) team model ● Microsoft Consulting Services’ practices● Microsoft It Group● Information Technology Infrastructure Library (ITIL)● Microsoft business partners.

TechnologyTechnologyIntegration & Integration &

Planning (TIP) Planning (TIP) Program ManagersProgram Managers

Microsoft IT Microsoft IT SteeringSteering

CommitteeCommittee

Messaging &Messaging &CollaborationCollaboration

ClientClientServicesServices

CorporateCorporateSecuritySecurity

EnterpriseEnterpriseApplicationsApplications

InfrastructureInfrastructureEngineeringEngineering

GlobalGlobalOperationsOperations

EISEIS

DirectoryDirectoryManagementManagement

RegionalRegionalITIT

Product Product GroupGroup

ExecutiveExecutive

Product Product GroupGroupLiaisonLiaison

Microsoft IT Deployment Team Structure

Operational Background

● Datacenter Classifications● Enterprise Data Centers● Regional Data Centers● Site Data Rooms

● System Requirements● Application Compatibility ● Network Structure● Forest and Domain Structure

● Project Scope● Server Deployment Goals● Geographical Scope● Product Scope

Project Scope & Goals

Key Features

● Application and Web Services● Availability and Performance● Directory Services (DS) Forest Management● DS Domain Management● DHCP Backup Options● File Service Improvements● Networking & Access● Security● Miscellaneous Features

Application and Web Services

● Improved IIS Reliability, Scalability and Performance● IIS 6.0 Reliability● IIS 6.0 Scalability● IIS 6.0 Performance

● Improved and Increased Cluster Support● Increase in maximum supported cluster size● Easier setup and configuration● Active Directory integration● 64-bit support● DFS and Offline Files support

● Support for 64-Bit Architecture and Applications● For computers running the Intel Itanium–based processor family● Increased linear memory addressing capabilities

● Performance Monitor Logging To SQL SERVER● Easily set up and configured by using an ODBC connection

Availability and Performance

Directory Services (DS) Forest Management● Cross-Forest Trusts

● New type of Windows trust for managing the security relationship between two forests

● Allows administrators to set up one transitive trust

● Active Directory enables authentication and authorization

● Trust Management● New wizard simplifies creating all types of trust links, including forest trusts● New property page enables management of the trusted namespaces associated

with forest trusts

● Trusted Namespaces● Used to route authentication and authorization requests for security principals● Namespaces are automatically collected and refreshed ● Overlapping namespaces are automatically disabled

DS Domain Management

● Optimized Caching● Deactivation of Schema Attributes and Classes● Single Instance Storage (SIS)● Partial Attribute Set Change● Install Replica from Media● Domain Controller Rename● Linked Value Replication

DHCP Backup Options

● DHCP MMC snap-in now provides new menu items for backup and restore

● Easily managed via a single interface in the MMC● New export/import functionality

File Service Requirements

● Shadow Copy Restore● Volume Shadow Copy Service (VSS)● Distributed File System (DFS) ● Print Service Improvements

Networking & Access

● Wireless 802.1x● Enhanced Ethernet and Wireless Security (IEEE

802.1X Support) ● Wireless Zero Configuration● Wireless Roaming Support● Wireless Monitor Snap-In● Password-based Authentication for Secure Wireless

Connections● Group Policy Extension for Wireless Network Policies● Unauthenticated Access for Wireless LAN Connections

Security

● IP Security● Support for Resultant Set of Policy (RSoP)● Command-line Management with the Netsh utility● IPSec fast failover support with NLB and Microsoft Cluster Service

(MSCS) Clustering● Certificate mapping to Active Directory provides access control

● Certificate Server / Services● PKI supports auto enrollment● Reduces overhead in administering and managing certificates

● Selective Authentication ● Allows specific user accounts from other environments to have minimal

authentication into a forest ● Reduces exposure of user accounts in non-managed environments

● Multi-Language User Interface Builds● Remote Installation Services (RIS) ● Terminal Services

Miscellaneous Features

Deployment

● Deployment Planning Stages● Benefits of the Technology● Microsoft Line of Business Applications (LOB)

Deployment Planning Stages

● Timeline and Phasing● Phase 1 – Pilot Testing● Phase 2 – Production Domains● Phase 3 – Global Rollout and Viability● Phase 4 – Reliability Testing

● PADA

Benefits of the Technology

● IAS and Radius

● Terminal Server Licensing (TSL) ● Removes all temporary licenses that are expired for 30

days

● WINS● Option in the MMC to either exclude

(PersonaNonGrata) or include (PersonaGrata) records owned by other WINS servers

● Improved advanced sort and lookup functionality

Microsoft Line of Business Applications (LOB)

● Microsoft.com● MS Sales● SAP R/3● Clarify

Lessons Learned

● Experience with the Windows Server family helped in the upgrade● No redesign of the Active Directory infrastructure was required ● In-place upgrades proved to be the most appropriate upgrade

mechanism ● Active Directory housekeeping was important● Customers will find value in generating and using tailored operational

procedures● Remote administration for highly dispersed environments could prove

to be quite cost effective● Asset management proved to be a key to successful deployment

planning● Must have a good change control process

Best PracticesAny major operating system upgrade

● Always test the operating system in a lab environment first● Test and pilot the operating system in a small pre-

production environment if possible● All business critical applications should be tested against

the new operating system in a pilot testing environment before they are upgraded in the production environment

● Good documentation and well-defined processes will facilitate the success of any deployment project

Best PracticesWindows Server 2003 upgrade

● Deploying Windows Server 2003 as an upgrade is not difficult if Active Directory is already in place

● If Active Directory is not in place, Microsoft IT recommends referring to existing deployment documentation written for Windows 2000 and Active Directory

● Windows Server 2003 can be deployed independently from the Windows XP client deployment

● Exceptions are features in Windows XP that depend upon specific supporting features of Windows Server 2003

● Real Time Communications (RTC)● Wireless networking

Conclusion

● Windows Server 2003 forest functionality● Close to 20,000 mailboxes running on Exchange

2003 ● Increased security application compatibility ● Reduced infrastructure costs

For More Information● Additional IT Showcase white papers, case studies and presentations on Microsoft IT

deployments and best practices can be found on http://www.microsoft.com

● Microsoft TechNet http://www.microsoft.com/technet/showcase

● The latest information about Windows Server 2003 can be found at http://www.microsoft.com/windowsserver2003/default.mspx

● To view Windows Server 2003 Case Studies, please visit http://www.microsoft.com/windowsserver2003/evaluation/casestudies/default.mspx

● For an Overview of Windows Server 2003, please visit http://www.microsoft.com/windowsserver2003/evaluation/default.mspx

● To review the Features of Windows Server 2003, please visit http://www.microsoft.com/windowsserver2003/evaluation/features/default.mspx

● For the top 10 Reasons for Upgrading to Windows Server 2003 from Windows 2000, please visit http://www.microsoft.com/windowsserver2003/evaluation/whyupgrade/top10w2k.mspx

● For technical Resources for Windows Server 2003, please visit http://www.microsoft.com/windowsserver2003/techinfo/default.mspx

● For Developing Applications for Windows Server 2003, please visit http://www.microsoft.com/windowsserver2003/developers/default.mspx

● Additional content on Microsoft IT deployments and best practices can be found on http://www.microsoft.com

● Microsoft TechNet http://www.microsoft.com/technet/itshowcase

● Microsoft Case Study Resourceshttp://www.microsoft.com/resources/casestudies

For More Information

This document is provided for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT.

© 2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY. Microsoft, Microsoft Press, Visual Studio, Visual SourceSafe, Windows and Windows NT are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.