|
Last Updated: October 22, 2009 U-M ForestHistory of the Forest DesignThe U-M Windows Forest began in July 2000. The forest design has evolved over the years as it adapted to changing requirements of the units at U-M and as best practices for a Windows/Active Directory environment solidified. For a history of the forest design, explaining why we did what we did, see "History of the Design of the U-M Windows Forest" (a.k.a. History/Design). For a presentation given by Dave Detlefs to the Common Solutions Group in May, 2000 outlining the plans for the forest, see "Windows 2000 Planning at the University of Michigan".
The UMROOT DomainThe hub of activity, in the U-M forest, is in the UMROOT domain. This is where users are created and both central and local units place their AD objects for using the Windows infrastructure. "Active Directory Design of the UMRoot Domain" describes how this domain is organized and how the departments at U-M use this resource.
KerberosKerberos is integral to the security of Active Directory. At U-M, we deploy pass-through authentication to the campus MIT Kerberos realm, providing easy access to campus resources using known credentials. For a description of this integration, see "Windows Active Directory Kerberos Interoperability".
PoliciesThe U-M Windows Forest planning and implementation was done as a joint effort between IT Central Services and several campus units interested in developing a central infrastructure. A set of policies have been written that elaborate the definition of "good citizenship" within the forest and are captured in the document "U-M Common Windows Active Directory Infrastructure Policies at the University of Michigan".
ResourcesThe UMROOT Forest provides the basis for the use of various Windows and Active Directory resources at the University of Michigan. In some cases, this is provided in the forest for general use. In others, the infrastructure to use these capabilities exist in the forest, and the campus unit wishing to take advantage of it may do so by providing their own service. Information about these resources and how to take advantage of them are provided via the "UMROOT Forest Resources" page.
Naming StandardsIn a large distributed infrastructure such as this, naming statndards are critical to keeping it all straight. If you are planning to participate in the U-M Windows environment, "Naming Standards for the U-M Windows Forest" is a must-read for you.
MaintenanceAll computer systems require maintenance. For information on the maintenance and notification policies at the University of Michigan, see "Maintenance Policy for the U-M Windows Forest".
Test ForestITCS maintains a test forest for use by the campus community. For information about test firest, see "U-M Windows Test Forest".
|
