+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 18
Windows Server 2000/2003 Thread, School network in Technical; Hi, I'm wondering if anyone could shed any light on this or advise me on the best way to sort ...
  1. #1

    Join Date
    Apr 2012
    Location
    Cheshire
    Posts
    98
    Thank Post
    4
    Thanked 1 Time in 1 Post
    Rep Power
    0

    School network

    Hi,

    I'm wondering if anyone could shed any light on this or advise me on the best way to sort this system out.

    I have just inherited a network which by first opinions is a total mess, completely disorganised in all aspects. It is a secondary school with 6th Form has around 500 PC's, 14 servers, 1300 students, 160 staff.

    All servers are running 2003 R2, desktop on windows XP.

    The first thing I would like to address is the domain structure, there is a parent domain and 2 child domains all on a single site which I find to be A)very confusing B)pointless on a single site and C)Probably doing more harm than good in terms of performance

    Ideally I would like to remove the child domains and just have a single parent domain, with 3 DC's and the remaining servers becoming member servers.

    As it stands there are 3 DC's on the parent domain, 2 DC's on one child domain and 2 DC's on the other.

    Has anyone had any experience of doing this and what would be best practice?

    Cheers

  2. #2
    AButters's Avatar
    Join Date
    Feb 2012
    Location
    Wales
    Posts
    452
    Thank Post
    137
    Thanked 105 Times in 80 Posts
    Rep Power
    41
    Personally - I'd start from scratch. Leave it as it is for now whilst jiggling servers around to free up some server recources that you can use and start creating a new active directory. But thats just me.

  3. #3
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,648
    Thank Post
    164
    Thanked 217 Times in 200 Posts
    Rep Power
    66
    I'd spend a couple of weeks trying to figure out the foibles and if there's any hidden reasons for the setup before changing anything.

    Are the child domains for staff \ students? Always interested in various ideas with 2 domains \ subdomains \ trusts but in the end 1 seems to be the path of least resistance. So much stuff needs to be linked up these days splitting across multiple domains just makes life more hassle than it's worth...

    The fresh start sounds like a plan, that way you know what you've done (and a good excuse to get the migration to 2008 R2 \ Windows 7 done)

    14 servers... time for virtualisation as well?

  4. #4

    Join Date
    Nov 2009
    Location
    Manchester
    Posts
    1,045
    Thank Post
    6
    Thanked 198 Times in 178 Posts
    Rep Power
    51
    Sounds like a summer job to me, work out what does what now, work out a plan of attack and then start it in the summer holidays.

  5. #5

    Join Date
    Oct 2008
    Location
    Lincolnshire
    Posts
    2,154
    Thank Post
    12
    Thanked 224 Times in 214 Posts
    Rep Power
    66
    First thing I would do it make sure the backups are working then at least if anything fails you can restore.

    Then I would start from scratch.

  6. #6
    jamesfed's Avatar
    Join Date
    Sep 2009
    Location
    Reading
    Posts
    2,185
    Thank Post
    133
    Thanked 340 Times in 287 Posts
    Rep Power
    84
    +1 for backups as above - this doesn’t sound like the time to watch things falling apart.

    It does sound like you should consider a ground up build - what you have there sounds like something more complex than even most medium sized businesses and is not suitable for a school.
    Spend plenty of time planning your new network – you might even want to take Windows Server 8 in mind as it should be with us before the end of the year.
    Other than that you should to look at mixing in a few value added features like a VPN for staff or virtual desktops for the students (just so it doesn’t look like you have made massive changes spent loads of money but not actually brought anything worth while to the table).

  7. #7

    Join Date
    Feb 2008
    Location
    Wiltshire
    Posts
    877
    Thank Post
    274
    Thanked 139 Times in 112 Posts
    Blog Entries
    26
    Rep Power
    42
    Wahay! Welcome to the Party! Sounds just like it was when I got here four years ago. Sounds like a great project to get your teeth into.

    Pete

  8. #8
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,648
    Thank Post
    164
    Thanked 217 Times in 200 Posts
    Rep Power
    66
    Quote Originally Posted by jamesfed View Post
    +1 for backups as above - this doesn’t sound like the time to watch things falling apart.
    Spend plenty of time planning your new network – you might even want to take Windows Server 8 in mind as it should be with us before the end of the year.
    Words of a brave man taking on a new Server OS on initial release

  9. #9
    jamesfed's Avatar
    Join Date
    Sep 2009
    Location
    Reading
    Posts
    2,185
    Thank Post
    133
    Thanked 340 Times in 287 Posts
    Rep Power
    84
    Quote Originally Posted by gshaw View Post
    Words of a brave man taking on a new Server OS on initial release
    If Hyper-V in Server 8 is as good as promised we will be going onto it ASAP

    With the new world of public Beta and RC testing I think the days of shoddy first releases (expecily now that service packs are mere roll ups of previous updates and hotfixes) are starting to fade away.

  10. #10

    Join Date
    Apr 2012
    Location
    Cheshire
    Posts
    98
    Thank Post
    4
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Quote Originally Posted by gshaw View Post
    I'd spend a couple of weeks trying to figure out the foibles and if there's any hidden reasons for the setup before changing anything.

    Are the child domains for staff \ students? Always interested in various ideas with 2 domains \ subdomains \ trusts but in the end 1 seems to be the path of least resistance. So much stuff needs to be linked up these days splitting across multiple domains just makes life more hassle than it's worth...

    The fresh start sounds like a plan, that way you know what you've done (and a good excuse to get the migration to 2008 R2 \ Windows 7 done)

    14 servers... time for virtualisation as well?
    The child domains are split to be one handles student logins and home folders and the other one handles all staff logins and home folders, teaching staff and admin.

    My plan is to get a single domain with 3 physical Dcs not a fan of virtualising them and then virtualise the remaining 11.
    I think like most schools they believe having the admin and academic domains separate it improves security but it's only ever as good a staff passwords so I want it as one.

    I'm all for starting from scratch with a new domain and migrate the various roles across although i have never had to do it before its a vanilla windows network though so should be pretty straight forward right? I guess recreating ad, DNs and migrating home directories is the biggest problem.

    Is there really no other way to do it without having to start from scratch?

    Could I not use ADMT to migrate users and computers from the child domains to the parent? then demote the DC's running on the child domains and place them on the parent domain to just deal with the home directory side of things till they can be moved?
    Last edited by Badaz52; 3rd April 2012 at 07:48 PM.

  11. #11

    Join Date
    Feb 2008
    Location
    Wiltshire
    Posts
    877
    Thank Post
    274
    Thanked 139 Times in 112 Posts
    Blog Entries
    26
    Rep Power
    42
    I remember when I first started, we had two seperate domains for admin and curriculum. At the time there was a lot of discussions and debate on this very forum about split domains vs flat. I wanted to flatten the domains and have just one; security on the destop has moved on a bit from the early school network days. Ease of administration was my biggest factor and its worked quite well since we implemented it over two years ago. It's stopped alot of grief with various staff members having two seperate login details. We have machines built differently, curriculum and admin, with CSE in use on the curriculum which with a load of custom GPO's in place locks things down pretty tight. Admin machines don't allow student logins to be used, and desktop backgrounds shout clearly what type of logon is being used. The use of loop back GPO enables a different set of GPO's to be applied depending on the type of machine being used. But, granted, the weakest link will always be the staff, but so far, so good.

    The biggest driver was the introduction of lesson monitoring and SIMS in the classroom and the SIMS server originally sat on the admin domain. Trusts where obviously in use to enable this to happen originally, but I really just wanted to Keep It Simple.

    Best of luck.

    Pete
    Last edited by FragglePete; 3rd April 2012 at 08:54 PM.

  12. #12
    p858snake's Avatar
    Join Date
    Dec 2008
    Location
    Queensland
    Posts
    1,490
    Thank Post
    37
    Thanked 175 Times in 151 Posts
    Blog Entries
    2
    Rep Power
    51
    Quote Originally Posted by Badaz52 View Post
    Is there really no other way to do it without having to start from scratch?

    Could I not use ADMT to migrate users and computers from the child domains to the parent? then demote the DC's running on the child domains and place them on the parent domain to just deal with the home directory side of things till they can be moved?
    Doing it from scratch is nice, That way everything is fresh and no possible hidden gotchas waiting to pounce.

    You could use ADMT to transfer profiles (no idea if it handles computers in AD) but again nice to go with everything fresh if possible, and its not that hard to move home drives in/for AD. Students will most likely (hopefully) using some type of restricted/mandatory profile so just recreating it won't be too hard. Getting staff to accept new profiles might be a harder subject (which transferring might be of some use) because some might be using their desktops as document storing areas (although if they are redirected already that isn't much of a problem).

  13. #13

    Dos_Box's Avatar
    Join Date
    Jun 2005
    Location
    Preston, Lancashire
    Posts
    9,787
    Thank Post
    572
    Thanked 2,154 Times in 982 Posts
    Blog Entries
    23
    Rep Power
    626
    I would offer a word of caution though. Was the school network was setup like this, or did it evolve into its current form? If it evolved then there may have been a reason for this, so please ensure you take into account any specific 'quirks' before planning to re-do the entire network.
    Of course if it was setup like this orginally then what you are planning would probably be for the best. The easiest way to do it IMO, would be to get the AD setup well in advance on a local VM and you can do this over a period of time without affecting the main network (which if working correctly should not be messed with!). Once you have AD (users etc), DNS and other services setup correctly it is a simple matter to setup physical servers and migrate roles from the VM. Doing it this way will save you a great deal of time and effor in the summer, for as others have said, this will be a summer job, and as long as the VM is setup correctly the backend migration should take about a week to flatten the physical servers, install server O/S, migrate AD, integrate user areas etc. That then leaves you some time to do the desktops, which are always fun!

  14. #14
    edie209's Avatar
    Join Date
    Mar 2006
    Location
    Kernow
    Posts
    671
    Thank Post
    41
    Thanked 16 Times in 15 Posts
    Rep Power
    20
    I seem to remember that allot of school networks were originally set up with two domains admin and curriculum to keep the two separated this was a favorite in the NT4 days. There was a one way trust set up with the curriculum trusting the admin domain.

    Its possible that this is a theme of this idea. But I would run with it for a while because sometimes you have to work with things for a while before you are able to see the reasoning. I take it you are not able to speak to anyone that has been involved with the network previously?

    Apart from that I have to go with Dos_Box some sound advice there.

  15. #15

    Join Date
    Feb 2008
    Location
    Wiltshire
    Posts
    877
    Thank Post
    274
    Thanked 139 Times in 112 Posts
    Blog Entries
    26
    Rep Power
    42
    I think its wise as people are suggesting to run with it for a while. Don't got in like a Bull in a China shop and try to change everything overnight. Teachers are slow to adapt to change. From experience here; get the current system stable and win the confidence of your users - then plan all the major changes and work them in ensuring you have demonstrated to all the various faculties that what you have in the pipeline is going to benefit them and make it a better place.

    Pete

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Merging 3 schools networks
    By ryan_powell in forum Wireless Networks
    Replies: 8
    Last Post: 6th February 2008, 08:46 AM
  2. Whole school network freezing
    By standunstan in forum ICT KS3 SATS Tests
    Replies: 15
    Last Post: 28th March 2007, 08:59 AM
  3. Shared areas on school networks
    By ranj in forum Windows
    Replies: 13
    Last Post: 10th November 2006, 08:03 PM
  4. School networks and aid to Africa. A comparison.
    By Dos_Box in forum General Chat
    Replies: 14
    Last Post: 5th July 2005, 11:36 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •