Active Directory and Windows Services
Enterprise Technology Services (ETS) provides a coherent array of services for the Microsoft Windows platform at the University of Vermont. These services leverage existing identity and security services, provide file and printer sharing services, and facilitate collaboration with non-Windows platforms.
ETS delivers Windows services through the "ad.uvm.edu" and "campus.ad.uvm.edu" domains, designed initially by a collaboration among central and distributed technology support teams. These domains provide a robust, scaleable, and managed environment, including secure NetID sign-on, automated patch distribution, automated back-up of personal files, shared file collaboration space, delegated and distributed workstation administration, and PKI services. Our services continue to evolve and grow, with new services being provided according to community demand.
As a central provider of Information Technology services to the UVM community, ETS is committed to the on-going operations, maintenance, and management of this environment. In addition to the enterprise-wide set of services, ETS also supports the individual decisions of departments whose requirements necessitate additional Windows-based services. To those departments, ETS pledges to work cooperatively to share knowledge, tools, and services with our colleagues.
To our direct clients and to those served by distributed IT Staff, ETS' commitment is to provide highly available and secure services delivered via the Windows server platform.
Two projects in one
The Active Directory and Windows Services deployments really are two separate, but intrinsically related, service suites.
The first suite is the campus-wide Active Directory infrastructure. This infrastructure provides support both centrally deployed services and services deployed by departmental technology groups. The Active Directory servicse interoperate with the existing Kerberos-based NetID authentication mechanism, thus reducing the number of usernames and passwords required to access all University-hosted services. UVM's Active Directory service also is integrated with UVM's OpenLDAP-based identity management system. This relationship makes possible the coupling of previously disconnected applications and services. Repetitive account administration tasks thus are reduced greatly.
The second suite are the Active Directory-integrated Windows Services. These services replace similar services provided previously on the Novell NetWare platform. Although Netware served us well for many years, decreasing support for NetWare from vendors and other stability issues made Netware a less supportable platform. The decision to implement Active Directory services made the decision to converge on Windows-based file servers very easy. Users of these services gain all the benefits of windows-integrated login, centralized security policy and patch management, as well as quality file and print services. As Windows Services have been developed, their scope has expanded. The Windows Services suite now includes security policy enforcement, system patch management, and PKI services.
A thorough, non-technical introduction to the project, written by project lead Greg MacKinnon, was published in the Summer 2003 edition of IT News.