MCP TechMentor Diary, Day 4 and 5 Roundup

Security, Exchange, security and Windows 2000 migration fill the last two days of the conference schedule for reader Rick Johnson.

Day Four
Barry Shilmover, Deploying Exchange
Barry's mission was to educate us on the traps in our attempt to upgrade or deploy Exchange 2000 Server. I learned that Exchange 2000 requires Active Directory be deployed before Exchange can be installed. I also learned that Exchange installation could cause a tremendous amount of replication traffic when Exchange causes the Active Directory schema to be extended. To help minimize this, he recommends a pre-installation step of running some utilities called forest prep and domain prep that can do all of this work before Exchange actually gets installed. This could be run at a time when it would impact the network the least, perhaps on a Friday evening or a Saturday.

Barry recommends a baseline configuration of at least one global catalog server for every four Exchange servers.

Roberta Bragg, Implementing ISA Server in your Org
A noted security expert, Roberta Bragg went over her "10 Steps" to a successful deployment of ISA Server in your organization. She pointed out that simply installing this component into your organization is not enough to allow clients to gain access to Internet resources—it must be modified to allow access. She covered each of the many tabs in the ISA Server administrator tool and touched on its many options for both proxy and firewall capabilities. I learned quite a bit, particularly about services and other components that get installed by default on a server that just aren't needed and can pose a risk. As with Exchange, Roberta pointed out that ISA Server does schema modification. As one who has worked with Proxy Server extensively, I was particularly interested in getting this preview.

Bill Heldman, Preparing for the Windows 2000 Installer
Bill started by explaining some of the inherent problems with software installation and the stability issues they can introduce into client computers. During an installation, a program's older DLLs might replace critical system DLLs, and this can cause client PC crashes and blue screens. Bill explained how Windows 2000 has cleaned up the installation process through driver signing, and by using the Windows 2000 installer service. This is a tool that can be used with group policy objects to publish or assign software to users. The Windows 2000 Installer makes deploying software easy, self healing, and helps to reduce some of the problems. Bill says that it's not a replacement for System Management Server; Windows Installer should be used primarily in smaller environments.

Day 5
Don Jones, Migrating from NT4 to Windows 2000 Parts 1 and 2
Migrating to Windows 2000 is a very complex and complicated task. Don's session had lots of useful information and suggestions for both an in-place upgrade and a migration. He started out with a demonstration of one of the tools, the Active Directory Sizer, which you can use to give you an idea of how many domain controllers to plan for in your Active Directory. He also pointed out some of the quirks and errors in some of the default settings in that tool and his suggestions for more realistic settings. Michael went into a lot of detail about perhaps some of the things I heard most at this conference—forests, domains, sites. He then put these terms to work, explaining in detail what affect the choices we make can have on the final resulting Windows 2000 Active Directory. Along the way, he provided thorough explanations of several tools, including the Active Directory Migration and the Group Policy Migration tools, and said that the Windows 2000 Server Resource Kit is a must. Don's session was time well spent.

Wrapping up my week at the TechMentor conference, I believe this conference to be even more valuable than instructor-led training. While I've had extremely skilled instructors in some instructor-led classes I've attended, it's not quite the same as being able to learn and ask questions from some of the most experienced IT professionals that our craft has to offer. And, IT folks haven't lived until they've attended a Mark Minasi keynote. I enjoyed my experience this week and I'm glad I was able to share this with you.

About the Author

Rick Johnson, MCSE+I, has extensive experience in network and security design, enterprise application rollouts and management. Rick, formerly an NT Administrator and Desktop Engineer for the Advanced Systems Lab at Hewlett Packard's Mountain View site, also holds CompTIA A+, Network+, iNet+, Server+, Citrix Certified Administrator, and Certified Internet Webmaster Associate certifications. He's currently in pursuit of an MCSE upgrade.


comments powered by Disqus

Subscribe on YouTube