Before the Windows 2000 stampede leaves you in the dust, spend some time figuring out what you can do today to prepare for the trail.

10 Steps to Prepare for Windows 2000

Before the Windows 2000 stampede leaves you in the dust, spend some time figuring out what you can do today to prepare for the trail.

Have you begun planning for Windows 2000? As far as we’re concerned, this product line-up promises to be the largest make-or-break career opportunity for systems engineers since Microsoft announced its first premium title and MCP Magazine published its first salary survey. Face it. All of the new concepts and administrative tools in the OS will prove highly challenging. Now is the time to get moving on it—before the trail gets littered with the debris of a stampede. So herewith, we provide 10 activities we believe you should undertake in order to prepare for its arrival.

1. Identify your Windows 2000 architecture team and send it to training.

For an organization moving to Windows 2000 the first step is developing a common understanding of the technology. There’s nothing more confusing than having a team that lacks the vocabulary and understanding of the fundamentals of a technology. Windows 2000 establishes a whole new list of terms, tools, and concepts that are best learned in a structured environment that includes both conceptual training and hands-on product configuration exposures.

Windows 2000 training promises to be big business for the industry. The additional complexity of the technology as well as the breadth of the functionality dictates a broader set of training options than what is currently available with the Microsoft NT 4.0 family.

Depending on the role of the staff, there are a few different training approaches that we recommend. For the Windows 2000 designer, the starting point would be an education in Active Directory. This is the single most significant feature of Windows 2000—the component that ties everything together from administration of applications and services to security. The Active Directory training should be followed with some hands-on exposure to Active Directory in a lab environment.

For the network administrator, valuable training would include a look at new concepts followed by some hands-on work that exposes how to perform distributed administration and use the Microsoft Management Console (MMC) tools and snap-ins.

2. Identify business requirements and map them to Windows 2000 functionality.

The mission of Windows 2000 is to enable the global corporation to address many of the business issues that originally drove companies from mainframe to a distributed computing environment. Reduced cost of ownership and increased functionality provide the IT director with compelling reasons for moving forward with Windows 2000.

An example of a business requirement that might drive a company is a requirement to reduce the number of administrative staff members needed to support the desktop computing environment. Strengthened by Active Directory, Windows 2000 provides the backdrop for reducing costs by eliminating duplication of administration responsibilities omnipresent in multi-domain environments. With Windows 2000, MMC, and Active Directory, it’s finally possible to administer servers, services, and other enterprise resources from a central location.

Likewise, many Windows 2000 features are rooted in the established business requirements for IT systems. Another example of a business requirement is the increasing focus by large companies on the need for a unified, central repository for employee data and network resources. Active Directory can provide that repository. By tying business requirements to the technology, organizations will keep project priorities in focus.

3. Standardize on NT 4.0 and TCP/IP.

Windows 2000 supplies all the arguments necessary for an organization to justify standardizing on TCP/IP. The OS relies heavily on services that depend on TCP/IP, such as DNS and LDAP, and provides tools to ease the administrative burden once associated with TCP/IP. DHCP and Dynamic DNS allow for TCP/IP implementations to be as flexible as other proprietary or non-routable protocols. Hence, if your organization doesn’t have a complete TCP/IP strategy, now is the time to move in that direction.

  • Attend a Microsoft TCP/IP course. It’s possible that someone in your organization knows TCP/IP. Now it’s time to get that individual up to speed on Microsoft’s implementation of TCP/IP.
  • Create a TCP/IP strategy document that includes the use of DHCP. This document should outline the IP and subnet addressing of your local area and wide area networks and will define the scopes of IP addresses and the location of DHCP, DNS, and WINS servers. It will also define the hostname and NetBIOS name resolution services, thereby assuring timely name resolution from anywhere on the network.

TCP/IP is the industry standard—many systems assume it’s fully implemented. A building is only as stable as its foundation; an OS and its applications will only be as stable as the infrastructure and protocols supporting them.

4. Learn DNS and how it’s implemented in your organization.

Learning DNS is an extremely important activity in any successful implementation of Windows 2000. Active Directory is based in part on the Domain Name Service (DNS). The administrative teams who manage the NT environment today typically don’t control the Internet name space in many companies. Consequently, it will be necessary for NT administrators to work closely with Unix administrators both during and following the implementation of Windows 2000.

Windows 2000’s dependency on DNS isn’t limited to the typical DNS versions that many organizations are using. With Windows 2000, several new Request For Comment (RFC) features need to be implemented. So while Windows 2000 will work with non-Microsoft DNS implementations, it’s important to understand what features are implemented and supported. The political battles around a Microsoft DNS implementation may be too difficult to overcome as part of large-scale implementation with a relatively new technology.

We recommend using Microsoft’s DNS due to the integration with Active Directory; but even if you don’t standardize on Microsoft’s DNS, the more you know about DNS in general, the easier your configuration choices and troubleshooting will be.

5. Read an X.500 book. To add adventure, include LDAP.

Although Active Directory isn’t based entirely on the public X.500 directory standard, it is, in the words of Microsoft, “X.500-like.” This means it’ll be extremely important for Windows 2000 professionals to understand X.500 concepts such as organizational units (OUs), given names (GNs), distinguished names (DNs), and other X.500 directory components. Like X.500-based directories, the Active Directory is based on a hierarchical structure comprised of containers and objects. Properties can be assigned and manipulated on individual objects.

In addition to learning about the X.500 directory standard, it’s important to learn as much as possible about the Lightweight Directory Access Protocol (LDAP). Just as the Directory Access Protocol (DAP) is used to access and manipulate X.500-based directories, LDAP is used to access and manipulate the Active Directory. LDAP is a standards-based API that enables administrators to add and delete objects from the directory, as well as modify administrative and security properties. The more familiarity you have with LDAP and script-based administration of the Windows 2000 platform, the easier it will be for you to integrate Windows 2000 into a heterogeneous, distributed computing environment.

6. Reevaluate NT 4.0 groups and Administrative structure.

The administrative capabilities of Windows 2000 are greatly expanded over those of NT 4.0. Much of the additional functionality comes from the expanded role of Groups in Active Directory. Therefore, it’s important to understand your current NT 4.0 group strategy and to bring the NT 4.0 groups in line with that strategy. This means eliminating obsolete groups and verifying the necessity and membership of both Global and Local NT 4.0 groups.

Windows NT 4.0 limits the ability of companies to implement the administrative management strategy that best suits their environments. Windows 2000 has overcome many of these limitations, giving organizations the ability to design appropriate administrative strategies.

This means, however, that you, your department, and your organization have to be willing to change the administrative organizational structure you currently have in place.

Furthermore, it’s easy to go hog-wild with the flexibility of Windows 2000 administration control policies. You’ll have to make an effort not to create an administrative strategy that’s overly complex. For example, it’s possible to assign control and access to specific properties on objects in the directory. Another example: You could permit users to change their directory information, such as phone numbers.

This means you can give an individual the right to change the passwords for people in a container in the directory tree, but not change any other user properties. This will require a much larger emphasis on developing a strategy for how control is allocated, rather than simply determining who will be administrators for the computing environment.

7. Prepare a Windows 2000 test lab.

We’ve heard of more than one instance of heated debate regarding the functionality of the Active Directory and Group Policies that was only resolved in the lab with developed scenarios and hands-on testing. With Windows 2000 there are several ways to accomplish the same functionality; by bringing tests into the lab you can evaluate the approach that matches the goals of your implementation.

Your lab should include enough hardware to simulate the production environment in which Windows 2000 will eventually be deployed. This may include:

  • Two Windows 2000 domain controllers.
  • Appropriate Windows clients (Windows 95, 98, NT Workstation, or Windows 2000).
  • A distributed WAN simulator to baseline directory replication in the production environment.
  • All the applications that will be deployed in the production environment.

Windows 2000 should be tested in the lab in a controlled manner. First, establish the goals that should be accomplished as a result of the lab test. Next, build a test script and a matrix in which the goals will be accomplished. The test matrix should include testing for all functionality that will eventually be deployed in production. Then identify steps for later testing in cases where the functionality isn’t included in Windows 2000 yet.

8. Create a Windows 2000 pilot program and deployment schedule.

Creating a schedule may show how much time you don’t have. Especially with Y2K fast approaching, your ability to move to Windows 2000 may be hampered. After taking the Windows 2000 concepts training, take the time to validate your understanding of the fundamental concepts.

After careful testing and documentation, your organization should establish a pilot program for Windows 2000. The first pilot should be with a small group of users with needs identified in the business requirements, and also have a high tolerance for configuration and changes. We’ve seen Windows 2000 beta releases act in a stable manner, but it’s best to set pilot user expectation for interrupt. Once the pilot has run successfully, the next step is for a production pilot implementation across a representative group of users.

Finally, establish at least a rough map of the deployment plan. The deployment plan will provide your organization with another point of reference for how long the Windows 2000 implementation should take. We think your organization will be surprised with the time and effort involved with planning for a migration to Windows 2000.

9. Identify network infrastructure and future plans.

The network infrastructure on which Windows 2000 will be installed can greatly influence the design of the sites, directory replication, and the Active Directory schema. Consequently, it’s critical that you have a complete understanding of the network infrastructure that currently exists in your organization and any upgrades or modifications that will occur before Windows 2000 is released. When establishing the baseline architecture for the existing network, it’s important to focus on the following:

  • IP subnets, including all hosts and resources.
  • Type and speed of connectivity between subnets.
  • Network paths between remote networks.

Once you’ve established a baseline and architecture for the existing infrastructure, it will be possible to begin to build a Windows 2000 site architecture and directory replication plan. In addition, you’ll be able to identify the extent to which you’ll have to deploy global catalogs in your environment. All of these technical elements will affect the performance of your Windows 2000 system once it’s deployed.

10. Participate in Windows 2000 beta program and forums.

As long as Windows 2000 hasn’t been released, it’s not too late to get involved with the beta program. Though the beta program is officially closed to new participants, beta CDs are always being handed out at Microsoft events. Or call your local Microsoft sales office to obtain one.

Periodically visit the Windows 2000 beta site at http://ntbeta.microsoft.com, which is home to valuable information, including several newsgroups. Once you install the beta CD, the newsgroups can serve as a valuable source of technical support and shared experiences.

Breaking out of the mold

Windows 2000 is considered an upgrade from Windows NT 4.0; however, the two products are significantly different. Windows 2000 is making deliberate steps to break out of the mold of being just a small business network operating system solution. This is Microsoft’s best shot at becoming a true contender for running the enterprise. That means taking on the issues that large enterprises demand: a scalable organizational directory, desktop management to reduce cost of ownership, and flexible administration. These changes require the people with existing NT 4.0 installations to re-evaluate many current policies and procedures in order to effectively benefit from Windows 2000. As a maturing industry demands extensible products to meet its needs, you and your organization must be willing to properly implement these new products to realize a return on your investment.

See you on the newsgroups!

Featured