Thông tin tài liệu
Contents
Overview 1
Conducting an Organizational Analysis 2
Designing an Active Directory Structure 11
Creating a Functional Specification 20
Lab A: Designing an Active Directory
Infrastructure 21
Review 31
Module 9: Designing an
Active Directory
Infrastructure
Information in this document is subject to change without notice. The names of companies,
products, people, characters, and/or data mentioned herein are fictitious and are in no way intended
to represent any real individual, company, product, or event, unless otherwise noted. Complying
with all applicable copyright laws is the responsibility of the user. No part of this document may
be reproduced or transmitted in any form or by any means, electronic or mechanical, for any
purpose, without the express written permission of Microsoft Corporation. If, however, your only
means of access is electronic, permission to print one copy is hereby granted.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual
property rights covering subject matter in this document. Except as expressly provided in any
written license agreement from Microsoft, the furnishing of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual property.
2000 Microsoft Corporation. All rights reserved.
Microsoft, Windows, Windows NT, Active Directory, BackOffice, PowerPoint, Visual Basic, and
Visual Studio are either registered trademarks or trademarks of Microsoft Corporation in the
U.S.A. and/or other countries.
The names of companies, products, people, characters, and/or data mentioned herein are fictitious
and are in no way intended to represent any real individual, company, product, or event, unless
otherwise noted.
Other product and company names mentioned herein may be the trademarks of their respective
owners.
Project Lead: Andy Sweet (S&T OnSite)
Instructional Designers: Andy Sweet (S&T OnSite), Ravi Acharya (NIIT), Sid Benavente,
Richard Rose, Kathleen Norton
Instructional Design Consultants: Paul Howard, Susan Greenberg
Program Managers: Lorrin Smith-Bates (Volt), Megan Camp (Independent Contractor)
Technical Contributors: Angie Fultz, Lyle Curry, Brian Komar (3947018 Manitoba, Inc.), Jim
Clark (Infotec Commercial Systems), Bill Wade (Excell Data Corporation), David Stern, Steve
Tate, Greg Bulette (Independent Contractor), Kathleen Cole (S&T OnSite)
Graphic Artist: Kirsten Larson (S&T OnSite)
Editing Manager: Lynette Skinner
Editor: Jeffrey Gilbert (Wasser)
Copy Editor: Patti Neff (S&T Consulting)
Online Program Manager: Debbi Conger
Online Publications Manager: Arlo Emerson (Aditi)
Online Support: Eric Brandt (S&T Consulting)
Multimedia Development: Kelly Renner (Entex)
Testing Leads: Sid Benavente, Keith Cotton
Testing Developer: Greg Stemp (S&T OnSite)
Compact Disc and Lab Testing: Testing Testing 123
Production Support: Ed Casper (S&T Consulting)
Manufacturing Manager: Rick Terek (S&T OnSite)
Manufacturing Support: Laura King (S&T OnSite)
Lead Product Manager, Development Services: Bo Galford
Lead Product Managers: Dean Murray, Ken Rosen
Group Product Manager: Robert Stewart
Module 9: Designing an Active Directory Infrastructure i
Instructor Notes
This module summarizes the topics covered in the previous modules and
presents a framework for creating an Active Directory
™
infrastructure. The
module offers strategies for forming a design team and analyzing the business
and administrative model of an organization. The module also presents
guidelines for making design choices that satisfy the business requirements of
an organization. The elements of designing an Active Directory structure are
reviewed. The module finishes with a discussion of completion of the design
process through documentation, examination of design costs and benefits, risk
analysis, and validation through testing.
At the end of this module, students will be able to:
!
Conduct an analysis of an organization to determine business and
administrative needs that impact the design of an Active Directory structure.
!
Create an Active Directory design that satisfies the business and
administrative needs of an organization.
!
Complete the design process through documentation, examination of design
trade-offs, risk analysis, and validation through testing.
Lab A, Designing an Active Directory Infrastructure, is a scenario-based
planning lab, during which the students will design an entire Active Directory
structure based on the business needs of a large organization. Following the
design team guidelines presented in the module, the students will form a design
team. Each member of the team will be provided with the business
requirements they should communicate to the team, and will continue in that
role for the duration of the lab. The group will complete a vision/scope
document, a risk analysis document, and a functional specification. The group
will then complete the design of an Active Directory structure that includes
administrative requirements, Group Policy requirements, a schema modification
policy, a domain and organizational unit (OU) structure, and a site topology.
Materials and Preparation
This section provides you with the required materials and preparation tasks that
are needed to teach this module.
Required Materials
To teach this module, you need the following materials:
!
Microsoft
®
PowerPoint
®
file 1561b_09.ppt
!
Visio 2000
Presentation:
30 Minutes
Lab:
90 Minutes
ii Module 9: Designing an Active Directory Infrastructure
Preparation Tasks
To prepare for this module, you should:
!
Read all of the materials for this module.
!
Complete the lab.
!
Read the following technical white paper located on the Trainer Materials
compact disc:
• Enterprise Architecture Essentials: Achieving Business Value with IT
Instructor Setup for a Lab
This section provides setup instructions that are required to prepare the
instructor computer or classroom configuration for a lab.
Lab A: Designing an Active Directory Infrastructure
Ensure that Visio 2000 Enterprise Edition is installed on the instructor
computer and all student computers, and that the Active Directory template is
operational. Ensure that the \\London\Solutions\Lab9
and \\London\Labs
directories are shared and accessible from the student computers.
In this planning lab students are given a scenario and criteria. The instructor
assigns roles to be played by each of the students. Divide the class into groups
of three to six students and assign roles to each student as follows:
Group
Size
Student
1
Student
2
Student
3
Student
4
Student
5
Student
6
6 Program
Manager
Product
Manager
Develop-
ment
Logistics User
Education
Testing
5 Program
Manager
Product
Manager
Develop-
ment
Logistics User
Education
and
Testing
4 Program
Manager
and
Logistics
Product
Manager
Develop-
ment
User
Education
and
Testing
3 Program
Manager
and
Logistics
Develop-
ment
Product
Manager,
User
Education
and Testing
If there are only two students in class, the instructor should take the role(s) of
one of the students and join in the group with the students taking the other roles.
These roles are stored on the student and instructor compact discs as Microsoft
Word documents. They are also installed to the \\london\labs\lab9
share on the
instructor computer during classroom setup. You can print the roles and
distribute them at the time of the lab, or you can instruct the students to access
the files on the \\london\labs\lab9
share. Encourage the students to look only at
their own assigned role(s).
Module 9: Designing an Active Directory Infrastructure iii
All of the scenario and criteria information needed to complete the lab is written
in the role documents. It is the job of the students to share the information that
they have with their group. The students will work together in their groups to
define the vision/scope of the project, assess the risks of the project, and create
the specifications and design of the Active Directory structure that will meet the
needs of the organization described in the scenario.
When students are finished with the lab, discuss the scope and risks sections as
a group. Then have one of the groups present their solution. Show the solution
on the instructor computer. Show the finished drawing stored in the
\\London\solutions
directory as Lab9.vsd.
Module Strategy
Use the following strategy to present this module:
!
Conducting an Organizational Analysis
Explain the importance of performing a careful analysis of an organization
prior to designing an Active Directory structure. Explain the various roles
that comprise a successful project team, and tell students that they will be
assuming these roles in the lab. Define vision, scope, and risk, and relate
how these concepts will help in guiding the preliminary design process.
!
Designing an Active Directory Structure
Review the architectural elements of an Active Directory structure,
including delegation, Group Policy, domain structures, schema, site
topology and naming strategies.
!
Creating a Functional Specification
Explain the features of a functional specification, and emphasize the
importance of a written plan for the project.
Customization Information
This section identifies the lab setup requirements for a module and the
configuration changes that occur on student computers during the labs. This
information is provided to assist you in replicating or customizing Microsoft
Official Curriculum (MOC) courseware.
The lab in this module requires students to use Visio 2000 to document their
designs. Visio 2000 is demonstrated in course 1561B, module 3, Designing
Active Directory to Delegate Administrative Authority. If Visio has not been
previously demonstrated to students, refer to module 3 for instructions on
demonstrating Visio 2000.
Module 9: Designing an Active Directory Infrastructure 1
Overview
!
Conducting an Organizational Analysis
!
Designing an Active Directory Structure
!
Creating a Functional Specification
Designing a Microsoft
®
Windows
®
2000 Active Directory
™
directory service
infrastructure involves planning the logical and physical aspects of the
environment. You will start by gathering information about the current structure
within the organization. Your design should incorporate the architectural
elements of Active Directory to best address the business and administrative
needs of the organization. Then, you will complete the design and ensure that it
is inclusive and flexible enough to support your organization’s needs.
Slide Objective
To provide an overview of
the module topics and
objectives.
Lead-in
In this module, you will learn
about designing a
comprehensive Active
Directory structure based on
the needs of an
organization.
2 Module 9: Designing an Active Directory Infrastructure
#
##
#
Conducting an Organizational Analysis
!
Assembling the Central Planning Team
!
Identifying the Vision and Scope of the Project
!
Performing Risk Management
!
Documenting the Current Physical Network
!
Analyzing Current Business Practices
!
Projecting Growth and Reorganization
To create an Active Directory directory service for an enterprise, you should
first assemble a central planning team. The central planning team will gather
data about the organization’s structure and business locations. This data will
provide key information about how the organization manages people,
information, and resources. At the same time, the central planning team must
also examine the enterprise’s business practices to determine how best to meet
the business needs of an organization.
Slide Objective
To introduce the information
gathering phase of an Active
Directory design.
Lead-in
Before you design Active
Directory, you need to
gather information about the
company’s organizational
and technological structure.
Module 9: Designing an Active Directory Infrastructure 3
Assembling the Central Planning Team
!
The Central Planning Team Will
$
Obtain approval from upper management
$
Identify and consult with all systems
and operations administrators
$
Gather information
about current network
Program
Management
Program
Management
Development
Development
Testing
Testing
Logistics
Management
Logistics
Management
User
Education
User
Education
Product
Management
Product
Management
Communication
The central planning team is responsible for gathering necessary information
about an enterprise, and organizing the information so it can guide the Active
Directory design from conception to implementation. The planning team should
work closely with all aspects of the organization to ensure that the
organization’s needs are being met effectively and efficiently. The planning
team members must also communicate openly with each other to ensure that all
aspects of the organization’s needs are being addressed in the design of Active
Directory.
The central planning team is responsible for the following activities:
!
Obtaining approval from upper management and the authority to represent
the needs of the entire organization.
!
Identifying all systems and operations administrators for the entire
organization so that you can gather information from the people who will be
using the final network. Administrators can provide details about the
network that may be missed in a high-level overview of the network.
!
Gathering information about the organization’s current internal
administrative structures, locations, resources, users, and security policies.
Slide Objective
To describe the purpose of
a central planning team.
Lead-in
The central planning team
will develop the plan to
implement Active Directory
in your organization.
Delivery Tip
Ask a volunteer to describe,
by role, the members of
their own organization that
would be best fit to serve on
the central planning team.
4 Module 9: Designing an Active Directory Infrastructure
Team Roles
There are six general roles on a complete planning team. These roles may be
performed by one or more persons, depending on the size of the organization,
and include:
!
Program Manager. The program manager provides technical support for the
project and secures resources the team needs to complete the project.
!
Product Manager. Product Management articulates a vision for the design.
The product manager identifies requirements of the organization, develops
and maintains the business reasons for initiating the project, and manages
expectations of the organization. Product Management owns the vision
statement.
!
Development Manager. Development builds or implements the design. The
development manager is typically an experienced implementation architect
or developer who is able to understand and appreciate the key issues in all
technical areas of the project. An important aspect of this role is active
participation in creating the functional specification.
!
Testing. Testing ensures all issues are known before the release of the
design. Testing prepares the test plan, test specifications, and test cases.
!
User Education. User Education strives to make the final design as
beneficial and easy to use as possible. User Education develops training
systems, and is also responsible for reducing support costs by making the
product easier to understand and use. User Education participates in the
design as a user advocate.
!
Logistics Management. The Logistics team ensures a smooth distribution,
installation and migration of the product to the operations and support
groups. The logistics manager works with the development manager to
ensure that the necessary data is packaged to facilitate installation and
administration.
Scaling the Team
Depending on the project size, each role may be assigned to a single individual
or to a team of people with a team lead. Alternatively, one person may take
responsibility for more than one role. Because some roles can be combined, use
the following table to determine how roles may be combined, with P for
possible, U for unlikely, and N for no.
Title PRM PM DEV TES UE LM
Product Manager (PRM) N N P P U
Program Manager (PM) N N U U P
Development (DEV) N N N N N
Testing (TES) P U N P P
User Education (UE) P U N P U
Logistics (LM) U P N P U
For more information about team roles, see course 1515, Principles of
Enterprise Architecture, at www.microsoft.com/msf.
Note
[...]... schema policy to govern any proposed changes to the Active Directory schema You will need to plan the physical aspect of Active Directory and design an efficient site topology for your network Finally, the name you choose for the Active Directory structure should accommodate the organization’s current and future Internet plans 12 Module 9: Designing an Active Directory Infrastructure Designing for Delegation... cause changes in network communications? Module 9: Designing an Active Directory Infrastructure 11 # Designing an Active Directory Structure Slide Objective To describe the components of an Active Directory structure ! Designing for Delegation of Administrative Authority Lead-in ! Designing for Group Policy ! Designing a Domain Structure ! Designing a Schema Policy ! Designing Site Topology ! Designing. .. www.microsoft.com/msf Module 9: Designing an Active Directory Infrastructure 21 Lab A: Designing an Active Directory Infrastructure Slide Objective To introduce the lab Lead-in In this lab, you will work as a team to design an Active Directory structure Explain the lab objectives Objectives After completing this lab, you will be able to: ! Conduct an analysis of an organization to determine business and administrative... model and enterprise network change, they impact Active Directory design, domain and organizational unit (OU) structure, schema, and site topology A well planned design should accommodate changes that might occur within a three to five year time span To identify growth and reorganization factors that may influence your Active Directory plan, you should consider: ! The growth projections for the organization... your Active Directory structure must allow for growth and reorganization without having to restructure Active Directory Reorganization Potential ! Lead-in Growth Potential New Technology Demands Changes that affect a company’s administrative model and enterprise network include growth, reorganization, downsizing, mergers, acquisitions, competitive markets, and new technology demands When an organization’s... for designing Group Policy ! Designing Active Directory for Inheritance Lead-in ! Creating OUs for Group Policy ! Designing Group Policy Objects Inheritance is a simple way to take advantage of GPOs in Active Directory When you design for Group Policy, you design the Group Policy objects (GPOs) themselves, including their placement, function, and administration Also, you design the Active Directory infrastructure. .. Enterprise Architecture, at www.microsoft.com/msf Module 9: Designing an Active Directory Infrastructure Performing Risk Management Slide Objective To describe the purpose of risk management and the contents of a risk management document ! Proactive Risk Management $ $ Lead-in Assessing the risk of a project before you begin will help you avoid risk and also deal with risk effectively should it occur... this lab: 90 minutes Module 9: Designing an Active Directory Infrastructure 23 Exercise 1 Creating the Vision/Scope Document You will have 10 minutes to complete this exercise Assume your team role and work with your team members to create a vision/scope document for the project of designing an Active Directory infrastructure for Northwind Traders Use the following questions to organize the information... will be placed on the design of the Active Directory structure 24 Module 9: Designing an Active Directory Infrastructure Exercise 2 Creating the Risk Management Document You will have 20 minutes to complete this exercise Assume your team role and work with your team members to assess the risks involved in designing an Active Directory infrastructure for Northwind Traders 1 Use the following table to... business vision change 6 Module 9: Designing an Active Directory Infrastructure Vision/Scope Document The vision/scope document broadly describes the project to the organization The document clearly defines the business problem or opportunity, the solution, and the organization or group that benefits from the solution Once the vision/scope document is developed, the organization and the members of . on
the needs of an
organization.
2 Module 9: Designing an Active Directory Infrastructure
#
##
#
Conducting an Organizational Analysis
!
Assembling.
volunteer’s projections.
Module 9: Designing an Active Directory Infrastructure 11
#
##
#
Designing an Active Directory Structure
!
Designing for Delegation
Ngày đăng: 24/01/2014, 10:20
Xem thêm: Tài liệu Module 9: Designing an Active Directory Infrastructure ppt, Tài liệu Module 9: Designing an Active Directory Infrastructure ppt