Creating a Deployment Roadmap

Deployment Teams

The organization creates a deployment team consisting of both a server and a client team. Each team has representatives from each of the primary operating companies. Their goal is to develop a model for both server and client operating environments that can be used and applied at all of the operating companies. As such, their goal is to establish and validate a design and deployment process that can be used by all of the operating companies rather than to deploy Windows 2000 in a production environment. They divide their plan into three phases:

Phase 1: Infrastructure backbone design and development
- Establish core services for the primary corporate domain
- Deploy servers in major corporate offices
Phase 2: Deployment planning at the operating companies
- Establish pilot domains in all operating companies
- Configure sites and site-link bridges
- Create user accounts
- Establish trusts between Windows NT Server 4.0 and Windows 2000 domains
- Pilot Windows 2000 Professional in multiple operating companies
Phase 3: Migrate primary services from Windows NT Server 4.0 to Windows 2000 Server
- Windows Internet Name Service (WINS)
- Dynamic Host Configuration Protocol (DHCP)
- Print
- Web servers using Windows Internet Information Services (IIS)

One of the first tasks the team accomplishes is creating a list of the primary concerns and risks for the overall project. This list includes:

Recognize that the coordination required to build a global enterprise is unprecedented. (It takes an average of three years to deploy an operating system for both servers and clients throughout all operating companies.)
Prepare for coexistence with UNIX and mainframe line-of-business applications, as required. (For example, many operating companies have Sun RISC 6000 Servers containing an accounting program running on the Windows NT Server 4.0 operating system.)
Provide tools to move and merge parts of the forest, when necessary, based on internal company changes and frequent acquisitions, mergers, and divestitures.
Fill the position for a first domain administrator who is:
- Responsive to change requirements and root domain support.
- Able to effectively delegate child domains and site creation.
Recognize that a single schema might not meet the configuration requirements for all operating companies; therefore, a directory synchronization tool might be required for interoperation among the companies.
Recognize corporate Internet Protocol (IP) dependencies, such as:
- Firewalls
- Network performance

The Server Deployment Team

The server deployment team is responsible for planning and designing the server deployment process based on the phases defined for the overall deployment team. The server deployment team is further divided into teams focused on technical planning, Active Directory, logistics, and migration. The strategic goals the server team identifies are:

Define Windows 2000 Active Directory services that can be used by all operating companies.
Develop a migration plan from the current Windows NT Server 4.0 environment to a Windows 2000 environment.
Develop short-term preparation steps.
Implement a corporate backbone pilot.
Implement guidelines and Windows 2000 models for all operating companies.

Figure 2.3 illustrates the project management framework the server team is using for deploying Windows 2000.

Enlarge figure

Figure 2.3 Server Deployment Process for a Multinational Manufacturer

Server Phase 1: Determine Features to Implement

The primary goal for the server deployment team is to create deployment standards for a common directory and domain model that all operating companies can use. They also need to establish a global Windows 2000 infrastructure to support all of the operating companies. First, the team focuses its attention on designing an infrastructure backbone using the main corporate IP backbone points of presence worldwide. The backbone is a logical backbone of root namespace and domain controllers, not a physical network backbone. Using the Windows 2000 infrastructure, they need to develop a backbone that all of the operating companies can join. Each operating company needs to interface at the forest root and share a common global catalog.

Then, the team starts to identify specific technologies that the enterprise will require based on business needs. For example, because English is the common language for all system administrators worldwide, MultiLanguage capability at the server level is not required. The specific issues they decide to focus on include:

Designing domains and sites
Designing organization units
Determining use of DNS or WINS name resolution
Understanding replication and containers of Active Directory
Synchronizing Exchange directory service with Active Directory
Designing the Windows 2000 Active Directory
Developing standards for a common server operating system configuration
Determining domain controller and Global Catalog placement criteria and where they will be located

Table 2.3 provides a checklist of activities that the company developed to determine when the server team's Phase 1 goals are complete.

Table 2.3 Phase 1 Milestone Completion Checklist

Completed	Item
	Establish pilots of four to six servers in a minimum of three locations.
	Get approval to use <domainname>.net/<domain>.int for the root domain name.
	Install Windows 2000 Server in a specified number of corporate IT points of presence.
	Define the <company.XXX> DNS structure, including:
	Configure integrated DNS dynamic update server for the <company.XXX> domain in European location X.
	Configure an integrated DNS dynamic update server in US location A.
	Update the core IT servers with the new domain information.
	Verify record serialization and zone transfer with the core operating site.
	Start Direct Host at <company.XXX> on mm/dd/yyyy.
	Define the core operating configuration, including:
	Establish global catalogs at European locations X and Z.
	Identify subnets.
	Create X number of sites.
	Establish site links between European locations X and Z.
	Enhance management capability by installing Windows 2000 Terminal Services for remote administration.
	Enable electronic software distribution by configuring backbone sites to replicate Windows 2000 builds to European location Z.
	Create the directory service in a pilot scenario by:
	Populating the pilot directory service from the corporate directory data (200,000+ names).
	Verifying replication and load on the system.
	Deleting the population after the test.

Server Phase 2: Prepare Final Server Architecture Design and Conduct Pilots

The team is now ready to focus on phase 2 and begin establishing the various operating company domains for the pilot. Some domains are new, while others will be migrated from Windows NT Server 4.0. The specific issues they have decided to focus on include:

Design the Active Directory structure and validate it in the test lab.
Develop migration plans for Windows NT Server 4.0 to Windows 2000 Server.
Develop a standard installation process for server deployment.
Establish an enterprise integration lab.
Define specifications for other Windows 2000 features.
Activate a communications plan to end users, including IT in other operating companies, IT administrators, and desktop users.

Table 2.4 provides a checklist of activities the company developed to determine when the server team's Phase 2 goals are complete.

Table 2.4 Phase 2 Completion Checklist

Completed	Item
	Identify 10 pilot locations, including four in the USA and five in Europe, one of which is the European client lab.
	Deploy 18 to 24 servers in a pilot environment.
	Deploy 30 to 40 workstations in a pilot environment.
	Configure the corporate IP backbone through a virtual private network (VPN) by configuring firewalls for VPN access between operating companies and appropriate corporate backbone locations.
	Define administrative delegation, including:
	Pre-create domains for the operating companies.
	Delegate operating companies into DNS zones.
	Create a domain for the operating companies, including:
	Installing operating company domains in five European and four US locations.
	Identifying participating operating company subnets.
	Creating sites and delegating site management.
	Creating site links between operating company sites and backbone sites.
	Establishing a global catalog at every participating site (not operating company).
	Define delegations for each operating company, including:
	Creating an organizational unit structure within the operating company domain.
	Delegating administration of organizational units.
	Determine user accounts and create accounts for members of the server and client deployment teams.
	Attach client computers belonging to the Windows 2000 deployment team to the operating company domains.
	Establish a Windows NT Server 4.0–style trust as a production resource domain for the operating company.
	Integrate WINS in the operating company backbone as appropriate.
	Integrate Microsoft® Exchange Server by configuring the Active Directory Connector at each operating company and providing one-way synchronization to update Active Directory information.
	Create a certificate authority.
	Create directory service replication.
	Deploy Windows 2000 Professional in coordination with the client deployment team through:
	Developing an unattended setup of a client prototype in different domains.
	Using Group Policy for clients on all domains.
	Installing MultiLanguage packs on a client prototype with three sample languages.
	Enabling international client roaming.
	Installing and using each operating company's standard software on all sites that are Group Policy object–based.
	Ensuring that workstations can access Windows 2000–based resources through existing Windows NT 4.0 Remote Access Services.
	Define users by:
	Using Group Policy for users on all domains.
	Ensuring that user roaming in different domains is operating correctly (default client language needs to be identical).
	Ensuring that user roaming internationally is operating correctly (different default client languages).
	Ensuring that resource access in different worldwide domains is operational.

Server Phase 3: Present Migration Plans to Operating Companies

The focus for phase 3 is on migrating services from Windows NT Server 4.0 to Windows 2000. The services will be migrated following a risk assessment designed to reduce the impact on existing production systems. As the team achieves some success in migrating key components, the level of complexity increases, which in turn increases risk. The deployment team will present the plans to the operating companies for use as prototypes after the team completes thorough testing. The activities during this phase include:

Present a migration strategy.
Introduce Windows 2000 concepts and proposed designs to the operating companies.
Market the proposed design to executive management (IT Review Board).
Market the project and proposed design to end-users.
Prepare a disaster recovery plan to ensure business continuum, especially:
- A backup strategy
- A rollback (fallback) strategy to Windows NT 4.0 after migration to Windows 2000

Table 2.5 provides a checklist of activities the company developed to determine when the server team's Phase 3 goals are complete.

Table 2.5 Phase 3 Completion Checklist

Completed	Issue
	Determine site migration locations in multiple geographical locations including North America, Europe, and Asia.
	Determine the number of servers to migrate for each domain and each site.
	Determine the number of client computers to be migrated for each domain and each site.
	Conduct WINS migration by incorporating a Windows 2000 WINS server in an existing environment.
	Conduct a DHCP migration by incorporating a Windows DHCP server into an existing environment.
	Conduct a print server migration by selecting a number of print servers that are not Windows NT Server 4.0 domain controllers and upgrade them to Windows 2000.
	Conduct an Internet server migration by implementing a Windows 2000 deployment Web site using IIS 5.0 and creating a pointer from the existing central site. Replicate content from the trial site to the new site. Add DNS records to this server.
	Reduce resource domains by selecting a Windows NT 4.0 resource domain and migrate it to Windows 2000 Server.
	Create new account domains by migrating the Windows NT 4.0 account domain primary domain controller to Windows 2000 Server.

The Client Deployment Team

The greatest challenge for the client deployment team is to work with all of the operating companies to get consensus on one client computer configuration. The existing client operating systems in the organization include Windows 95, Windows 98, and Windows NT 4.0 Workstation. Additional client issues the team considers are:

Reducing the number of applications in use company-wide. There are currently 1,000 or more applications, making it difficult for the IT team to provide support.
Changing the IT focus from the traveling computer to the traveling user.
Studying whether to change from the existing method of deploying software in Windows NT Server 4.0.
Providing more hardware support for laptop computers.

The team needs to develop a proposal that will help the operating companies decide whether to upgrade their clients or their server infrastructure first. While the team realizes that both options are possible, the members decide that the following issues in favor of upgrading the server infrastructure first are relevant for the organization:

More centralized control over the client computers.
Limit users' capability to modify the client computer configuration.
Use Windows 2000 tools for installation.
Have a global catalog enabled for all users to access.

The team discovers that most of the operating companies in the organization would like to upgrade their servers first, and then after Active Directory and a global catalog are enabled, implement Group Policy and other change and configuration management tools for more granular client computer administration. They also realize that deciding whether to upgrade the servers first is particularly important if the team plans to recommend the use of Windows 2000 Group Policy for software deployment. The team will need to study how the use of Group Policy will affect Active Directory.

This organization has the following goals for the client architecture team:

Develop a standard client configuration as a modular product for all of the operating companies.
Create a reference installation including hardware, software, and operations.
Design a framework for a global model that allows users to log on anywhere in the world.
Develop a model for training and helpdesk support.

The client team's work is divided into two phases:

Phase 1: Client standard configuration issues
Phase 2: Software logistics

Phase 1: Client Standard Configuration Issues

To meet their worldwide business use goals, the client team decides to use a standardized configuration that includes:

Windows 2000 Professional clients
Microsoft® Office 97 or Office 2000
Virus scanning capability
Web browser
E-mail client
MultiLanguage capability
Windows Terminal Services capability (ensure that client design is suitable for Terminal Services).
Enabling international client roaming so that users can connect or dial-up to the corporate IP backbone from anywhere in the world and access:
- Personal settings for desktops and applications.
- Personal documents and mail available everywhere.
- Enterprise-wide standard software.

Phase 2: Software Logistics

During phase 2, the team focuses on developing a strategy for getting the new operating system and client configuration to both stationary and mobile clients in a stable and efficient manner. The team identifies the following issues:

Creating installation packages for:
- Enterprise applications.
- Common applications for all operating companies.
- Custom applications for each operating company (as necessary).
Creating a guide for installation packages to include:
- Standardized package development worldwide for all operating companies.
- Unique installation package per application worldwide for nonstandard software.
Application repackaging as necessary for each operating company.
Assigning installation packages:
- For all users.
- For user groups by function or organization.
- For client specific needs.
Installing applications based on user demand

The client deployment team has found that management wants to continue the practice of installing new client operating systems and configuration images in conjunction with buying new hardware. The average operating system deployment in this organization takes three years. Internal TCO studies determine that spending more money up front on better hardware and then upgrading the new client configuration image prior to installing the new hardware on users' systems reduces TCO.

Additionally, significant client benefits for system administrators and IT professionals are based on new features and enhanced functionality; whereas, users and executives need to see tangible evidence that productivity is enhanced. Therefore, buy-in by both executive decision-makers and end-users is required before the project can move to the deployment phase in each operating company.