Windows 2000: A complex server
By Kevin Railsback, InfoWorld Test Center
May 5, 2000

IN THIS ARTICLE, I examined the business impact of integrating a network of PCs connected to a Windows 2000 file-and-print server into an existing enterprise environment. Businesses are increasingly faced with the issue of keeping network administration and user training costs down while supporting a wider and wider range of network operating systems and client machines. The key to success is integration using available tools and protocols, such as LDAP, to make both IT staff's and the end-users' lives easier.

In this scenario, the large company, Bigcorp, has just acquired a small start-up, Smallco. I examined the pros and cons of integrating the two networks, including training and support costs. I found Windows 2000 Advanced Server to require more work than the other NOSes in this report. Nonetheless, your prospects for success in a similar situation are reasonable. I rate Windows 2000's interoperability Good.

The challenge is to get this new set of users and PCs up and running on the Bigcorp network in as quick and efficient a manner as possible. Integral to this transition will be to get Smallco's users hooked up to the Bigcorp NetWare server for access to files and to the Lotus Domino 5 server for their email needs.

The steps needed to perform the LDAP integration of Smallco's Windows 2000 server and to get it to connect to Bigcorp's existing infrastructure depend heavily on Smallco's current setup. Smallco could have its Windows 2000 server set up in one of two ways. The first is to use a workgroup model for file-and-print sharing. Using this method, Smallco would have user accounts and groups set up on its Windows 2000 server and on each client machine that is set up to share resources. In this simple scenario, user and group accounts can be set up on the server and security can be configured. When users connect to shared folders on the server, they give their user names and passwords and are then authenticated. This is the starting situation I used when testing the interoperability for this story. I'll outline the steps involved and pitfalls I found later.

The other possible setup is that Smallco could have installed Windows 2000 with all the bells and whistles. The company could have Active Directory installed, all users and groups set up to be replicated across machines, and all services configured to talk to the server. This greatly complicates matters, as our Bigcorp-Smallco LDAP integration can't be done in conjunction with a fresh Active Directory installation. Instead, you'll need third-party tools to handle directory synchronization between the Smallco Active Directory and Bigcorp LDAP servers. A scenario such as this can greatly complicate matters and would raise the integration costs as well as the time involved in getting the networks in sync.

Because Smallco hadn't yet set up Active Directory on its server, my first step in the integration with Bigcorp was to prepare this. I went into the Configure Your Server wizard in the Administrative Tools folder on Smallco's Windows 2000 server and selected Active Directory. Using the Active Directory setup wizard, I configured it to use the same domain information as the existing Bigcorp LDAP server. Once this process was complete, I rebooted the server (some things never change with Windows) and Active Directory was enabled. I then went in and verified that Active Directory was working properly. I could log in from client machines, using the user names and passwords that were pulled in from the original setup of the Windows 2000 server.

Next, I tested that the LDAP capabilities of Active Directory were working by using LDP.exe, a tool that is included with the Windows 2000 CD and that is designed to connect to LDAP servers and test their functionality. LDP.exe allowed me to connect via LDAP to the Windows 2000 server, as well as to the Bigcorp LDAP server on Sun Solaris.

This is where the road got rough for Windows 2000. When testing Linux, I could go in and set up a replication agreement between the two servers, and all of the directory synchronization was taken care of automatically. With Windows 2000, I was able to get this to work in one direction, pulling the Windows 2000 information into the existing LDAP server. However, I had difficulty moving users and groups from the Solaris LDAP server into Active Directory. I eventually got the synchronization to work using some special features designed for Windows NT integration in the iPlanet Netscape Directory Server.

Getting Smallco's users set up on the Bigcorp NetWare network wasn't difficult. Once I installed and configured the NetWare client software and got the users set up in the NetWare directory, they were all set.
This gave all of Smallco's users access to the files and documents from Bigcorp, and they could maintain their existing connections to the Windows 2000 server.

E-mail services were similarly easy to get up and running. Smallco had been using the e-mail accounts provided by its ISP, with Outlook Express as the e-mail client software. I configured Outlook Express to connect to the Bigcorp Domino server via POP3, and the users were ready to go. This should work great as an intermediary step until the full Lotus Notes R5 client software can be rolled out to these users. It also gives mobile users convenient access to their corporate e-mail while traveling, without having Notes installed on their mobile device.

By integrating the network infrastructure of Smallco into that of Bigcorp, management hopes to reduce the overall administration costs. The time and resources needed to maintain these networks separately would place a large burden on the IT department of Bigcorp. It would also force end-users to keep track of their user information for the various networks and to develop work-arounds for resources they can't easily access.

Although I encountered some problems in getting Active Directory to communicate with Bigcorp's LDAP server, overall the integration was a success. Although Windows 2000 works great in a Windows-only environment and is starting to have wider standards support, there is still work to be done. Specifically, Active Directory needs more robust support for external LDAP server synchronization and updating. On balance, I give Windows 2000 Advanced Server an interoperability score of Good.

You can reach associate technical director Kevin Railsback at kevin_railsback@infoworld.com.