Scenario 1: Multinational Financial Services

This organization has nine distinct operating companies, each with its own IT organization, and no common IT standards. As an organization, they experience problems with security policies, domain structure, and network configurations. Most of their servers are currently running Microsoft® Windows NT® Server 4.0. The key objectives they want to accomplish are to create:

• A new IT environment with Windows 2000 functionality.
• A common directory for all nine operating companies.

The deployment team identified several key issues that define how they stage their deployment, as follows:

• Phase 1: Assessment
• Phase 2: Design and Engineering
• Phase 3: Testing
• Phase 4: Migration (Deployment)

Phase 1: Assessment

During the assessment phase, IT management from each company agrees on the need for a common namespace. Although several Domain Name System (DNS) names are already registered by and for each of the operating companies, the challenge is to find one name to use as the root name for all companies. This single "placeholder" name needs to meet the following criteria:

• Accurately define the root of the tree for all nine operating companies.
• Be new to the organization (never been used by any of the operating companies, either internally or externally).

IT management defines global engineering teams that are split into eight working groups based on plans for a basic configuration that can be tested, modified, and customized for each operating company. Table 2.2 shows the deployment teams and their responsibilities.

Table 2.2 Deployment Planning Teams

The team determines that the business and IT needs will be principally met through the following:

• Active Directory
• New domain design
• IntelliMirror
• Distributed File System
• Disk Quota Management
• Remote OS Installation
• Synchronization of Active Directory with Exchange directory services

Phase 2: Design and Engineering

The primary issue during this phase is to decide whether the domain root name needs to be visible or accessible through the Internet or available only internally. An Internet presence already exists for the entire group of operating companies, so the intranet name needs to be different. An internal root name is created as a placeholder name so that individual domains can be created for each of the nine operating companies. Each company retains autonomy in areas such as configuration creation, management, and security.

They also use this phase to design and test the configuration for each feature. Then, the teams work together to determine how the selected Windows 2000 features affect each other. They also create training documentation and start developing a support plan.

Primary Goals

As the driving force behind the migration to Windows 2000, Active Directory and domain design need to meet the following business and IT criteria to be acceptable for all operating companies:

• One root domain is necessary so that all operating companies can participate in a common directory.
• Each business unit wants to retain complete administrative control of its entire organization, including all separate Windows NT Server 4.0 domains and structures, and to be totally independent of any other operating company.
• Domain and directory design has to be flexible enough to allow for company acquisitions, divestitures, and reorganization of existing operating companies.
• Each operating company is responsible for its own domain and everything below it based on that operating company's specific needs.

As the Active Directory design is developed, the migration team needs to consider issues of computer cloning versus computer upgrade. Computer cloning is a process in which you create one installation and configuration for new operating system installations and then copy that configuration to all new computers you install.

Because the namespace decisions are so important to meeting the company's goals, a namespace design board is formed with representatives from the IT groups of each operating company. The senior management of the board and the IT organizations of each operating company need to agree on the final namespace design. The namespace design factors they consider include:

• Impact on Windows 2000 domain model
• Impact on existing Windows NT Server 4.0 namespace
• Conflicts with the existing DNS namespace

The company considers both domain design and DNS to be critical decision points when upgrading from Windows NT Server 4.0 to Windows 2000 for two reasons:

• If the proposed Windows 2000 domain structure mirrors the existing Windows NT Server 4.0 domain structure, then they can upgrade directly from their Windows NT domain to their Windows 2000 domain.
• If they decide to use the same Windows 2000 domain structure they used in Windows NT Server 4.0, then they need to have two parallel domain structures. They also need to keep the Windows NT environment until they have stabilized the new Windows 2000 environment.

The team determines that the upgrade or migration decision will be dictated by:

• The existing domain structure
• The existing functionality
• New functionality that they will implement because of Windows 2000

The team then realizes that deciding what will exist in each domain requires analysis of the following items:

• Assessing the problems in their current Windows NT Server 4.0 domain design.
• Deciding which Windows NT Server 4.0 features they want to continue in the Windows 2000 domain design.
• Deciding which new features of Windows 2000 they want to implement based upon their added value to the new domain structure.
• Determining if they have a native Windows NT Server 4.0 environment, or if it has been modified or customized (either by in-house development teams or a third-party solution provider or developer).

  For example, this organization uses an in-house scripting tool that associates users with specific applications. This tool performs application publishing similar to Windows Installer in Windows 2000, so a decision needs to be made whether to continue using the in-house tool or to use Windows Installer. Using Windows Installer would reduce internal development costs and thereby reduce total cost of ownership (TCO). As a result, they decide to use Windows Installer.

For more information about Active Directory domain design, see "Designing the Active Directory Structure" in this book. For more information about domain migration, see "Determining Domain Migration Strategies" in this book.

Secondary Goal

Their secondary goal is to determine other features of Windows 2000 that are beneficial to their environment, but which might not be features of Windows NT Server 4.0. Then, they develop a plan to determine if the new features are appropriate for their environment. For example, this sample organization decides that the following features meet their business and IT needs:

Offline Files   Portable computer users can have access to network data when traveling by having personal and network files on their local computers. For nontraveling end-users, this feature helps ensure continuous end-user productivity if the LAN or WAN has service interruptions, because files are stored on the user's local hard-drive.

Fault-tolerant Distributed File System   With Distributed file system (Dfs), they can create a single directory tree that includes multiple file servers and file shares for a group, division, or enterprise. This allows users to easily find files or folders distributed across the network. Having a fault-tolerant Dfs is linked to roaming user profiles, which are already in use through their Windows NT Server 4.0 infrastructure. Files can be stored on the network, providing improved replication among the company's partners.

Disk Quota Management   Disk quota management allows the company to use volumes formatted with the NTFS file system to monitor and limit the amount of server disk space available to individual users. They can also define the responses that result when users exceed the specified thresholds. In the past, the organization used third-party tools. They are moving to Windows 2000 native tools in an effort to reduce in-house development costs and total cost of ownership (TCO).

Remote OS Installation   An enhanced scripting process for installation already exists in this organization, but scripts must be updated every time the basic client computer configuration changes. They will use Windows 2000 Remote OS Installation to deploy Windows 2000 Professional for first-time installations, and also use Remote OS Installation for rapid updates of malfunctioning computers. They plan to use Remote OS Installation in conjunction with IntelliMirror to accelerate and simplify computer replacement, resulting in reduced TCO.

Exchange directory service with Active Directory integration   This organization plans to synchronize Exchange 5.5 directory using the Active Directory Connector (ADC), and eventually integrate the directory services when the organization upgrades to the next version of Exchange.

Phase 3: Testing

This sample organization set up a test lab for feature and pilot testing. They want to simulate the actual conditions of their production migration. After the lab and pilot tests validate the migration process, the organization will be ready to begin the production rollout. The preliminary design pilots will be rolled out to IT personnel during the design phase so they can test and refine the designs.

The initial design issues they plan to test and evaluate include:

• Active Directory design (placeholder domain and four child domains).
• Standard client configuration.

Their pilot objectives include:

• Evaluate Windows 2000 and the proposed Active Directory model in a real production environment.
• Use new technology that is native to Windows 2000 as much as possible.
• Merge the standard client stationary and mobile configurations.
• Demonstrate the proposed future configuration to business units throughout the organization and collect constructive criticism.
• Consolidate and refocus isolated Windows 2000 projects within the entire organization.

During this phase, the deployment team redesigns and tests until consensus is reached. The new design needs to meet the following acceptance criteria:

• Increases stability
• Provides an improved working environment
• Can be managed with current and new or additional administrative resources
• Meets budget requirements

After the domain design is tested and finalized, each global engineering team within the organization will sign off on the domain design. Then, the design must be approved by higher IT management through all nine operating companies.

Phase 4: Migration

Because the organization finds it necessary to maintain Roaming User Profiles for mobile users, they decide to maintain two parallel environments throughout the transition period. Many roaming users who upgrade to Windows 2000 at home will find that their work environment has not yet upgraded. By maintaining parallel environments, the infrastructure will support all users and allow them to access their files, regardless of which operating system they are using.

However, migration needs to occur as quickly as possible. The organization plans to maintain the dual Windows NT Server 4.0 and Windows 2000 environment for 12 to 24 months. Users will be able to remain in both environments until the IT environment in all nine operating companies is completely transitioned to Windows 2000.

For this organization, collapsing the Windows NT Server 4.0 environment is the most critical decision point for their entire migration. They want to be sure that they perform adequate lab and pilot testing to alleviate any significant problems that can arise as a result of improper design. By performing adequate testing, they hope to avoid causing network downtime. After they complete testing, they will proceed with migrating to Windows 2000 throughout the operating companies and then collapse the Windows NT Server 4.0 environment.

© 1985-2000 Microsoft Corporation. All rights reserved.