Microsoft Systems Management Server Implementation at SLAC
Download
Report
Transcript Microsoft Systems Management Server Implementation at SLAC
Microsoft Systems Management
Server Implementation at SLAC
Freddie Chow
[email protected]
Stanford Linear Accelerator Center
Contents
Overview
SLAC
NT Environment
Current Status
Work-In-Progress
Some Recommendations
Summary
Overview
Systems
management tool set by
Microsoft
Require MS SQL Server 6.x or 7.0
Current SMS Version 2.0 with SP1
SLAC uses v1.2 and working on
upgrading to v2.0
Components of SMS
Software/Hardware
Remote
Inventory
Tools
Software Distribution
SMS Installer
Shared Network Application
Network Monitor
SLAC NT Environment
Single
master domain model
13 Windows NT domains
~1400 NT machines
Windows NT is supported
A Bit of History
~
2 1/2 years back searched for a
central management software
Looked at NICE/NT, SMS, LANDesk
Mgmt, etc.
SMS matched SLAC environment
Collaborated with BSD, project started
SLAC Computing Service and other
departments wide collaboration project
SMS Architecture at SLAC
2
SMS primary sites
9 NT domains managed by SMS
~1000 Windows NT machines (~71%)
Business Service Division - One site
• To support secured network
8
other domains - One site
Architecture - continued
SLAC-wide
Site
• Primary site server
– Dual PP200, 256MB
• 3 Distribution servers
– 2 Dual PP200, 256MB, RAID 5, 1 PP200,
128MB
BSD
Site
• Primary site server, also distribution server
– PII 400, 256MB
Security Models
Integrated,
Standard, Mixed modes
Standard mode at SLAC on v1.2
• Requires MS SQL server login + NT login
More
granular security on v2.0
What have been done?
Standardize
on hardware and software
configuration (on going)
Software distribution
Use of remote tools
Inventory reports
Shared Network Application (tested)
Hardware Standardization
Name
brand vendor for hardware
Clone not recommended
Workstations, laptops - Dell
Servers - Compaq, Dell
Desktop Standardization
Scripted
install of workstations
Maintain known configuration
Format disk and reinstall as time
permits
Software Distribution
Use
Package Command Manager
service
Unattended install
• NT 3.51 to 4.0 upgrade, NT4 SP3, SP4,
SP5, Post-SP Hotfixes, IE 4.x, Netscape
Communicator 4.x, Meeting Maker, Virus
Definition Files, SolidEdge CAD Software,
InocuLAN, Software Patches, Uninstall
VirusScan, TeraTerm, AFS Client 3.5
(beta), etc.
Use of Remote Tools
User
support
• Remote trouble-shooting, user education
Servers
support
Essential tool for work-from-home
admins
Network Monitor - restricted usage
Inventory Reports
Some
samples:
• Check for NT Service Pack in a domain, in
all domains
• List IP address of machines in a domain
(for network change)
• List CPU MHz, RAM, user, office number,
etc.
Customized
Reports
reports - use Crystal
Shared Network Application
Tested,
but not in production
Miscellaneous Issues
Locked/powered
off machines resulted
in failed software distribution
Home connections very slow for
software distribution support
Domain administrators need to keep
accurate machine lists
Benefits
Shorter
response time
• Shorter downtime, higher productivity
Reduce
TCO
• No more house calls for software
install/upgrade
Quick
response to security vulnerability
• Apply NT hotfixes to a domain in one night
Eliminate
human errors
In Progress
Upgrade
to SMS Version 2.0 - testing
Develop internal training material
Evaluate complementary tools
Evaluate Windows2000 deployment
Anticipated Usage with SMS 2.0
All
of the above
Enforcing software licensing requires all
NTs on SMS
Turn on software metering
Fine-tune security
Security fixes, Service Packs on
Windows2000, etc.
Some Recommendations
Architecture
is based on environment
SMS 2.0 with SP1, SQL Server 7.0
Servers requirement sizing
• CPU MHz, RAM, disk space, RAID
• How many servers ?
• Where to put which server ?
Test,
test, test before deployment
Summary
Essential
tool set for managing
Windows environment
Reduce TCO
Complexity - high
SLAC NT administrators like it