CalNetAD Documentation: Planning Committee Meeting, May, 17 2006


	Welcome • Services • Getting Started • Support and Tools • Documentation

	CalNetAD Planning Committee September 14, 2007 2195 Hearst, 101A Conference Room, 11AM-12PM Updated: 9/17/2007 Agenda KDC Migration Update (Karl Grose) Cross-Realm Abatement (John Weber) Windows Server 2008 RDP(John Weber) Move User Update (Michael Leefers) EFS Pilot (John Weber and Allison Henry) Other Business Notes KDC Migration Update Karl gave a quick update on the MIT KDC migration to Active Directory. He noted there are still prerequisites to be done before the cut over can occur, but said that we have gained a lot in terms of application compatibility with pass phrase synchronization. Cross-Realm Abatement John announced the availability of a domain wide GPO (Campus – Remove BERKELEY.EDU cross-realm) to remove Windows 2000/XP registry keys that point to the MIT Kerberos Realm. This abatement is needed to facilitate the migration from MIT Kerberos to AD. OU administrators should start to test this GPO in their environment as soon as possible, as cross-realm will no longer be supported after November 1, 2007. OU administrators are expected to apply this GPO to their OU structure before November 1. Most importantly, OU administrators will need to educate their user population in regards to user credentials: The "BERKELEY.EDU (Kerberos Realm)" drop down in the Windows logon GUI will no longer be present "username@BERKELEY.EDU" will still be valid, however Users can also select "CAMPUS" from the drop down menu The registry script used by the GPO is available here for non-joined machines. After November 1, student employees will no longer be able to access CalNetAD resources with his/her employee ID. However his/her CalNetID (student ID) will still work. Windows Server 2008 RDP The IST Enterprise Windows team was accepted into the Windows Server 2008 Rapid Deployment Program. By becoming a part of this program, the IST Windows Team will be required to put Windows Server 2008 into production before the scheduled release date of February 27, 2008. The CalNetAD infrastructure was selected for an upgrade to Server 2008 because of the availability of Bitlocker, read only domain controllers (RODCs), and Windows server core. A preliminary timeline is available below: September 2, 2007: CAMPUS-DEV build complete with CalNet synchronization in place November 2007: UC-TEST and CAMPUS-TEST upgraded to 2008 December 2007: Begin UC and CAMPUS DC rebuilds to 2008 January 2008: Complete UC and CAMPUS rebuilds. Raise domain levels of UC and CAMPUS Post release (February 27, 2008): Work with HAAS administrators for 2008 deployment and eventually raise forest functional level Move User Update Michael received good feedback on the new "Move User" web application. He wanted to reinforce that deputy processing unit information is kept by the CalNet team in LDAP, and is not housed by the CalNetAD staff. EFS Pilot Allison Henry from SNS will be sending out a brief survey to all OU administrators gauging the interest in IST managed desktop encryption solutions. Other Business

	Contact Us