Title of Nomination: Montana Statewide Directory Implementation Project/System Manager: Mike Boyer Title: Computing Technology Services Bureau Chief



Similar documents
Module 5 Introduction to Processes and Controls

Introduction to Active Directory Services

NOMINATION FORM. Manager, BSE - Professionalism and Business Support. Office of Information Resource Management

The. Essential. Guide. to an NDS-to- Active Directory Migration. By David Chernicoff. sponsored by. March

Windows Server 2003 Active Directory: Perspective

NOMINATION FORM. Technical Support Manager. Florida Department of Education. Address: 325 W. Gaines Street, Room B2-24.

BlackBerry Enterprise Server Version: 5.0. Upgrade Planning Guide

Table of Contents. Introduction. Audience. At Course Completion

University of Central Florida Class Specification Administrative and Professional. Director Systems and Operations

Online Voting for Better Government State IT Management Initiative

Setup and Configuration Setup Assistant Migration Assistant System Preferences Configuration Profiles System Information

Planning Domain Controller Capacity

MCSE SYLLABUS. Exam : Managing and Maintaining a Microsoft Windows Server 2003:

State of Alaska Enterprise Messaging and Directory Services Strategy Vision and Scope

Associate in Science Degree in Computer Network Systems Engineering

Town of West New York Hudson County, NJ Notice for R.F.P. (Request for Proposal)

Novell ZENworks Asset Management 7.5

Rose Business Technologies

Title of Nomination: The New York State-Local Internet Gateway Prototype Project Project/System Manager: Meghan Cook Job Title: Program Manager

Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010 Service Pack B; 5 days, Instructor-led

Description. Need Statement

Select IT Consulting Services RFP Technical and Network Support Specialist Services (Lot Group C)

LEARNING SOLUTIONS website milner.com/learning phone

Active Directory & Consolidation Project. Category: Enterprise IT Management Initiatives. State of Missouri

Managed Enterprise Internet and Security Services

How Cisco IT Migrated to Microsoft Active Directory

2005 NASCIO AWARD NOMINATION Recognition Awards: Innovative Use of Technology OK.gov s Agency Content Management System

National Association of State Information Resource Executives

USER GUIDE. Lightweight Directory Access Protocol (LDAP) Schoolwires Centricity

The course covers Windows server 2008, Windows Server 2008 R2 and Windows Server 2008 R2 sp1.

AppSense Environment Manager. Enterprise Design Guide

RAS Associates, Inc. Systems Development Proposal. Scott Klarman. March 15, 2009

Introduction. Our Services

Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010 Service Pack 2

Scope of Work Microsoft Infrastructure Upgrade

Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010 Service Pack 2

Open Directory. Apple s standards-based directory and network authentication services architecture. Features

SuccessWare 21 Deployment Options

Southwest District Health Nomination Narrative

State of Missouri Active Directory & Consolidation Project Executive Summary

TRG Clients in the Cloud Today

Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010 Service Pack 2 Course: Length: 5 Days

MOC 5047B: Intro to Installing & Managing Microsoft Exchange Server 2007 SP1

Course 20533B: Implementing Microsoft Azure Infrastructure Solutions

Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010 Service Pack 2

10233B Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010 Service Pack 2

Implementing a Microsoft Windows 2000 Network Infrastructure

Chabot Las Positas Community College District

המרכז ללימודי חוץ המכללה האקדמית ספיר. ד.נ חוף אשקלון טל' פקס בשיתוף עם מכללת הנגב ע"ש ספיר

REMOTE INFRASTRUCTURE MANAGEMENT COURSE CURRICULUM

MCSA Objectives. Exam : TS:Exchange Server 2007, Configuring

How To Upgrade To Symantec Mail Security Appliance 7.5.5

Designing, Optimizing and Maintaining a Database Administrative Solution for Microsoft SQL Server 2008

MICROSOFT CERTIFIED SYSTEMS ENGINEER Windows 2003 Track

Oakland County Michigan Information Technology (IT) Strategic Plan

Novell Open Enterprise Server 2015 and Microsoft Windows Server 2012 R2 Compare and Contrast:

CHAPTER 6 AGENCY HARDWARE INVENTORY

The CATS Project in Idaho, Commercial Off-the-Shelf (COTS) Approach To Integrated Tax Systems

LEARNING SOLUTIONS website milner.com/learning phone

Information Technology (IT) Report April and May 2015

Course 20533: Implementing Microsoft Azure Infrastructure Solutions

ANNE ARUNDEL COMMUNITY COLLEGE ARNOLD, MARYLAND COURSE OUTLINE CATALOG DESCRIPTION

THE COMPLETE VIEWER FOR MS PROJECT. Deployment White Paper

MS Design, Optimize and Maintain Database for Microsoft SQL Server 2008

Microsoft Active Directory Project

Australian Bank Improves File Services and Software Deployment for its Branch Offices

Messaging End User and Agency Directory Migration Overview. IT Infrastructure Partnership Team Nov. 17, 2008

Cisco Wide Area Application Services Software Version 4.1: Consolidate File and Print Servers

Step-by-Step Configuration

MICROSOFT WINDOWS SERVER8 ADMINISTRATION

Designing a Windows Server 2008 Active Directory Infrastructure and Services

10233B: Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010

Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010

th Ave. Helena, MT 59601

Table Of Contents. - Microsoft Windows - WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS XP PROFESSIONAL...10

EXCHANGE SERVER 2013 MESSAGING

Deploying Windows Server 2008

Implementing Microsoft Azure Infrastructure Solutions

Directory-enabled Lights-Out Management

6436: Designing a Windows Server 2008 Active Directory Infrastructure and Services (5 Days)

Active Directory and DirectControl

MCITP MCITP: Enterprise Administrator on Windows Server 2008 (5 Modules)

Implementing Microsoft Azure Infrastructure Solutions 20533B; 5 Days, Instructor-led

HIGH AVAILABILITY DISASTER RECOVERY SOLUTION

THE ecommerce CHALLENGE

Planning and Implementing Windows Server 2008

Apple Pro Training Series. OS X Server. Essentials. Arek Dreyer. and Ben Greisler

Networking Best Practices Guide. Version 6.5

Course 10233:Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010 Service Pack 2

Designing a Windows Server 2008 Network Infrastructure

Enterprise Exchange . Category: Enterprise IT Management Initiatives. State: Nebraska

Networking Basics. A guide for businesses with up to 75 computers

ITEC 495 Capstone Project Ideas

SmartCenter for Pointsec - MI Overview

ARCHITECTURAL OVERVIEW Availability Service (EAS) with Activ box

Course Agenda: Managing Active Directory with NetIQ Directory and Resource Administrator and NetIQ Exchange Administrator

Rationale for Declaring Microsoft Exchange as the Statewide Server Software Standard

Microsoft Exchange 2013 Ultimate Bootcamp Your pathway to becoming a GREAT Exchange Administrator

Fundamentals of Windows Server 2008 Network and Applications Infrastructure

CGIAR Active Directory Design Assessment DRAFT. 18 September 2007

Transcription:

Title of Nomination: Montana Statewide Directory Implementation Project/System Manager: Mike Boyer Title: Computing Technology Services Bureau Chief Agency: Information Technology Services Division Department: Administration Address: PO Box 200113 - City: Helena State: MT Zip: 59620-0113 Phone: 406-444-2700 Fax: 406-444-2701 Email: Mikboyer@state.mt.us CATEGORY: Enterprise_Information_Architecture Person Nominating (if different): Brian Wolf Title: Chief Information Officer Address: PO Box 200113 City: Helena State: MT Zip: 59620-0113 Phone: 406-444-2700 Fax: 406-444-2701 Email: bwolf@state.mt.us

Category: Enterprise Information Architecture Montana Statewide Directory Implementation Executive Summary In 1994 the State of Montana deployed its first statewide directory. At that time Novell s NetWare was the state s standard for LAN operating systems. As part of the state s upgrade to NetWare 4.x, migrating from server centric environments to a directory centric environment was embarked upon with the introduction of Novell Directory Services (NDS). Even though this was early in the industry development of directory services, the state understood the significance of this relatively new technology. The state realized that the benefits to be gained from the directory service deployment would vary greatly depending on the implementation design that was used one directory statewide or multiple agency directories. It was immediately apparent that there were significant advantages to a single directory, however, there were significant hurdles as well, both technical and political, that would have to be addressed before a single directory could be considered an option. In 2001 the state began the planning and design process to implement Microsoft s Active Directory (AD). An Information Technology Managers Council (ITMC) sponsored project team made up of Information Technology Services Division (ITSD) technical staff and state agency technical representatives worked on this for approximately one year. The plan was presented to ITMC in a white paper form, voted on, and passed. Implementation of the directory began in early 2002 and is anticipated to be completed before year s end. The current implementation involves pulling all existing Windows 2000 servers and NT servers and domains into the directory. By deploying the single directory from a statewide perspective rather than an agency perspective, the state has realized significant improvement in the operation of government. Montana state law addresses technology use for government with statements like: common data is entered once and shared among agencies, and technology systems and data management applications are implemented and managed in a coordinated manner. The implementation of the single directory across all agencies accomplished these and many other requirements while maintaining needed administrative functions in the agency. The state expects to realize many benefits associated with the implementation of a single Active Directory structure, including improved service, reliability, access, security, data sharing and reduced costs across the enterprise. - 1 -

Montana Statewide Directory Implementation A. Description of project In 1994 the State of Montana deployed its first statewide directory. At that time Novell s NetWare was the state s standard for LAN operating systems. As part of the state s upgrade to NetWare 4.x, migrating from server centric environments to a directory centric environment was embarked upon with the introduction of Novell Directory Services (NDS). Even though this was early in the industry development of directory services, the state understood the significance of this relatively new technology. The state realized that the benefits to be gained from the directory service deployment would vary greatly depending on the implementation design that was used one directory statewide or multiple agency directories. It was immediately apparent that there were significant advantages to a single directory, however, there were significant hurdles as well, both technical and political, that would have to be addressed before a single directory could be considered an option. The State of Montana Information Technology Managers Council (ITMC) is an advisory group made up of IT managers from all state agencies. This council participates in technology reviews and makes recommendations for technology directions and implementations in the state. A subcommittee of this group was created and tasked to research and develop a recommended directory implementation strategy for the state. After significant time and effort, the research clearly demonstrated the state would realize the greatest benefit from a single directory deployment that encompassed all state agencies. The subcommittee made that recommendation to ITMC. After the recommendation was made and all supporting information was provided, ITMC voted and passed a resolution to move forward with a single statewide directory implementation and to enter into a Master License Agreement with Novell. In 2001 the state began the planning and design process to implement Microsoft s Active Directory (AD). An ITMC sponsored project team made up of Information Technology Services Division (ITSD) technical staff and state agency technical representatives worked on this for approximately one year. The experience and policies obtained from the implementation of the NDS significantly paved the way for a recommended single statewide AD design. The plan was presented to ITMC in a white paper form, voted on, and passed. Implementation of the directory began in early 2002 and is anticipated to be completed before year s end. The current implementation involves pulling all existing Windows 2000 servers and NT servers and domains into the directory. The state has continued to realize additional benefits from information systems that utilize the statewide directory environment. A few of these systems include: - 2 -

Citrix servers that are available to all agencies and use the directory for authentication Network administrative tools that have been implemented on a statewide basis such as ZenWorks SABHRS, the state s accounting, budgeting and human resources system which is a PeopleSoft application Exchange which is the state s e-mail and calendaring system and was deployed with a single address book for the entire state. Exchange 2000 will be implemented following the completion of the AD and will use the AD, no longer having a separate address book. VPN service which uses the directory for authentication The statewide directory environment includes: 27 state agencies and several other governmental entities 85 network administrators providing wide ranging IT support including those agency specific functions associated with the statewide directories Over 400 servers 1,500 printers 10,500 users More than 250 physical locations across the state To ensure the success of statewide directory implementations, several policies, guidelines and administrative practices were developed and implemented including the following: To ensure the integrity of the directory database it is administered by a single group within ITSD. This means that all partitioning, replicating, schema changes, maintenance and repairs to the directory database are done by this designated group. The directory design and deployment follows an organization first and geographic second structure. The organization structure follows agency boundaries. Each agency may have multiple locations in 56 counties that dictate the geographic structure under each agency. Administration of all objects in the directory is the sole responsibility of the agencies. This means they have full control over all resources and users for their agency including users, workstations, servers, printers, groups, etc. The state is broken into two major regions and one minor region for aggregating data traffic. Each of these regions has a single facility that houses the aggregating equipment. ITSD is responsible for providing and administering the necessary directory support servers at these aggregating points. Agencies continue to provide all servers they require to do their business, maintain full control of the information contained on them and authorize access to that information. These agency servers, however, also house replicas of directory partitions. The ITSD group is responsible for designing and implementing the location of these replicas. Because of the technical requirements for numbers and - 3 -

locations of partition replicas, agency servers house replicas that contain information for other agencies. To ensure the reliability of this environment, significant coordination is required. The Network Managers Group (NMG) is made up of network administrators from all agencies. This group meets weekly and discusses all issues relevant to the administration of the directory. The ITSD group provides updates at these meetings regarding all maintenance, upgrade, support issues, etc. Because of the interconnection of agency directory replicas on agency servers, all server administration that requires the downing or moving of servers is coordinated with the ITSD group to ensure the health and integrity of the NDS. Because of the ability for inexperienced, non-trained network administrators to have an adverse effect on the directory, it is a requirement that every agency have a primary and alternate administrator complete training to a defined level before they are granted administrative rights within the directory. B. Significance to the improvement of the operation of government By deploying the single directory from a statewide perspective rather than an agency perspective, the state has realized significant improvement in the operation of government. Montana state law addresses technology use for government with statements like: common data is entered once and shared among agencies, and technology systems and data management applications are implemented and managed in a coordinated manner. The implementation of the single directory across all agencies accomplished these and many other requirements while maintaining needed administrative functions in the agency. This was necessary to guarantee the agencies could provide the required level of support and service in a timely manner for their users included in the single directory. From a security perspective this deployment provides significant service improvement including: The State Security Manager is responsible for determining and ensuring compliance with those policies for all state network entities. Statewide security policies are then implemented one time, from one location, in one directory. This deployment enables administrators in the ITSD support group with a high level of security to support the statewide directory, thus reducing the number of employees subject to security requirements such as background checks and fingerprinting. It allows auditing functions to be done once from a central perspective, thus it can be accomplished with fewer resources. The state is providing remote access to the state network via a single VPN solution that uses the statewide directory for authentication. - 4 -

From the agency perspective this deployment provides significant service improvement including: High level directory support is available from the ITSD support group, thus this level of expertise does not have to be developed and maintained in administrators in every agency. The agencies can easily share necessary information without having to e-mail, FTP or send paper copies. Owners of the information can grant access to any user defined in the directory simply by pointing and clicking, whether they are from the same or different agencies. The users that have been given authorization to the data can access it without having to login to another agency s or agency location s system, moving us closer to single signon or at least a reduced number of signons required. Information and work collaboration between agencies is much easier and secure. Users are created one time in the directory rather than several times in multiple agency or location directories. Administration is done from a central location reducing the need to travel in a state that can take several hours to reach some of the outlying locations. There is one set of directory hardware to purchase and support. There is one directory communicating on the network thus reducing the total data traffic generated. There is one group of high level support staff needing training to support the directory. Additional products that provide communication or syncing between disparate directories and all of the hardware, software and support requirements for those products are not necessary. C. Benefits realized by service recipients, taxpayers, agency or state The State has realized significant benefits through deployment of enterprise directories rather than individual agency directories. Some of these benefits are as follows: Improved service Separating infrastructure support from administrative support has allowed each group of administrators to be more knowledgeable and responsive. Common add/change/delete activities are handled in a distributed manner by agency administrators who are close to their users and aware of their needs. Improved reliability Having a small, centralized staff take care of infrastructure issues provides for improved reliability through more specialized knowledge, better change control and better disaster recovery. Improved access, security and data sharing Having an enterprise directory structure allows users access to all resources through a single signon, and allows administrators to more easily manage user accounts and security. Reduced cost Significant savings have been realized in a wide range of areas including hardware and software procurement, IT support staff, and user productivity. - 5 -

D. Return on investment, short-term/long-term payback The State of Montana has not specifically calculated a ROI for its centralized directory services. However, we believe that the savings have been significant. We anticipated savings in several areas including: IT staff training - $700,000 savings due to reduced level of training needed for agency IT staff. Only the centralized ITSD staff needed the full curriculum of training, while agency staff were able to get by with fewer courses covering the common administrative duties they perform. Hardware - $500,000 savings due to fewer servers needed with the centralized design Software while some software savings was anticipated, a specific amount was not calculated. In either the centralized or decentralized model, the state would have put together a central purchasing mechanism for agencies to take advantage of volume discounts. Ongoing IT staff costs significant efficiencies were expected but never measured for ongoing staff costs in performing administrative tasks. Efficiencies were anticipated for account setup, security implementation, software integration and user support. This area was viewed as having greater cost savings potential than any of the previously mentioned areas. Note that the specific dollar savings mentioned above were initial, one-time costs and were considered the minimums. The state expected to save millions of dollars in just a few budget cycles. - 6 -

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information