Академический Документы
Профессиональный Документы
Культура Документы
Enterprise Directory and Messaging Active Directory Pilot Project Management Plan
State of Alaska
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
AD 001 Active Directory Pilot Project Management Plan ETS nternal Draft! revisions "ending E # a""roval of t$e TM% &ision 0'00'(0 2/11/2008 )*ssell +*ni,e! State of Alaska! ETS P$il -o*veia! ETS Teri )asm*ssen! ETS .oe S"ears! ETS State /f Alaska Enter"rise Messaging System and Enter"rise Directory Project Active Directory Enter"rise T$is doc*ment is t$e "roject management "lan for t$e Active Directory Project' T$e c*rrent sco"e is foc*sed on Early Ado"ter De"artments'
____________________________________
Project Manager
_______________
Date
__________
Version
____________________________________
ETS Director
_______________
Date
__________
Version
____________________________________
TMC Chair
_______________
Date
__________
Version
____________________________________
EIB Chair
_______________
Date
__________
Version
Page 2 of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
RECORD OF CHANGES
*A - ADDED M - MODIFIED D DELETED &E)S /0 01M#E) 0'00'01 0'00'20 0'00'60 0'00'80 0'00';0 0'00'(0 DATE 10/26/2007 12/11/200 7 12/18/200 7 1/9/2008 2/7/2008 2/11/2008 01M#E) /2 2 -1)E! TA#3E /) PA)A-)AP4 A" # D T T3E /) #) E2 DES%) PT /0 Draft Draft to reflect TM% &ision Draft to revision to matc$ TM% TM% revie: comments Draft to res"ond to TM% revie: comments Minor corrections for acc*racy %4A0-E )E51EST 01M#E)
Page
&ersion 0'00'(0 Draft
of
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
Ta$le of %ontents
Project S*mmary'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' ; TM%<s )ecommendation for Enter"rise Directory Services E=ec*tive S*mmary''''''''''''; Active Directory >Early Ado"ters? Project /vervie:''''''''''''''''''''''''''''''''''''''''''''''''''''''7 Active Directory S*,@Projects''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''8 Enter"rise Migration Planning'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''9 Early Ado"ters Migration to AD''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''10 S$ared 2ile Servers Demonstration''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''10 4ig$ 3evel Message and Directory Project Timeline '''''''''''''''''''''''''''''''''''''''''''''''''''''12 Active Directory >Early Ado"ters? Prod*ction Pilot Timeline'''''''''''''''''''''''''''''''''''''''''''16 Sco"e Management Plan''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''18 Project Sco"e Develo"ment'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''18 Sco"e %$anges'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 18 Sc$ed*le Management Plan'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''18 Draft Pilot A#S'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 1; %ost Management Plan''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 17 %ost %ontrols''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 17 5*ality Management Plan'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''18 E=ternal )evie:''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 19 Staffing Management Plan'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 19 )oles and )es"onsi,ilities''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 20 Active Directory Project /rganiBational %$art''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''20 %omm*nication Management Plan'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''21 %omm*nication )eC*irements''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''21 ETS Email %omm*nications''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 21 Sam"le Email %omm*nication'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''21 Project Stat*s )e"ort''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 22 )isk Management Plan''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 22 E=am"le S*mmary )isk Matri= )e"ort''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''22 Proc*rement Management Plan''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''28 %ons*lting''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 28 4ard:are''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 2; Soft:are'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 2; -lossary'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 2;
Page & of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
Project S*mmary
n 0ovem,er of 200; t$e Administrative Services Directors of t$e E=ec*tive #ranc$ De"artments of t$e State of Alaska selected Microsoft Active Directory and Microsoft E=c$ange as t$e State of Alaska<s Directory! Messaging and %alendaring standards' After t$e com"letion of Project 1 E=c$ange on 8/1/2007! t$e Tec$nology Management %o*ncil DTM%E took *" t$e iss*e of revising t$e AD &ision and a""roved t$e follo:ing )ecommendations for Enter"rise Directory Services on 1/22/2008
Page + of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
To ,egin to ca"t*re some of t$e ,enefits of a ne: a""roac$! t$e TM% is making a n*m,er of recommendations t$at :ill allo: t$e State to realiBe some cost savings! increase standardiBation of "rocesses and "rod*cts! and centraliBe some services' An >early ado"ter? "ro"osal :ill allo: agencies c*rrently r*nning 0ovell to convert to Aindo:s and Active Directory' T$is :ill give Enter"rise Tec$nology Services DETSE! t$e central T commodity "rovider! an o""ort*nity to ,*ild and demonstrate t$eir a,ility to "rovide t$e same $ig$ level of service t$at de"artments c*rrently enjoy' t also gives ETS a c$ance to refine t$eir "rocesses for c*stomer service! c$ange control! and to develo" effective Service 3evel Agreements' M*lti"le de"artments :o*ld like to "artici"ate as >early ado"ters? DAdministration! %ommerce! Ed*cation and Early Develo"ment in Anc$orage! -overnor<s /ffice! 3a:! and 2is$ and -ameE' ncl*ding t$e De"artment of Administration and t$e -overnor<s /ffice :ill demonstrate and go a long :ay to convince ot$er de"artments of ETS<s a,ility to "rovide effective and res"onsive centraliBed services' T$e TM% recogniBes t$at a ,alance m*st ,e str*ck ,et:een agency and ETS services' #*siness s"ecific a""lications clearly ,elong *nder t$e control of t$e de"artments! ,*t many of t$e infrastr*ct*re services lend t$emselves to a more centraliBed a""roac$' T$e intent is to im"lement an ann*al! iterative "rocess to revie: and revise t$e s$ort! medi*m and long term action items and tasks' T$e ta,le on t$e follo:ing "age s*mmariBes t$e TM%<s Action Plan'
Page , of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
Action Items
Short Term .!/02 months1
#*ild o*t c*rrent AD for early ado"ters 1"date T inventory for AD early ado"ters %ond*ct a 1ser Training S*rvey %ond*ct a Tec$nical Training S*rvey %ond*ct End@1ser Deskto" Satisfaction S*rvey Enter"rise contracts for deskto"! la"to"s! "rinters Deskto" re"lacement "rocess %learing$o*se for visits to remote locations %entraliBe file servers as a""ro"riate Service 3evel Agreements Self Service H Pass:ord )esets Enter"rise Antivir*s Services )eal time vie:s of t$e 0et:ork nfrastr*ct*re /"timiBation D)/ E S*rvey
(esour ce
%ost Saving s
ETS T Managers ETS ETS ETS D-S All De"ts All De"ts ETS ETS All De"ts ETS @ SS/ ETS All De"ts'
-enefits
Standardi/ 2ation 3 3 3 3 3 3 3 3 3 3 3 3 3 3 %ost Saving s 3 Standardi2at ion 3 3 3 3 3 %ost Saving s 3 3 3 3 Standardi2at ion 3 3 3 3 3 3 %entrali2ati on 3 3 3 3 3 3 3 3 3 %entrali2ati on 3 3 3 3 %entrali2ati on 3
D-S
ETS G SS/
Page : of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
nitially! t$e Active Directory de"loyment e=isted to s*""ort t$e consolidated E=c$ange arc$itect*re and "rovide a "latform for en$anced comm*nication and colla,oration t$ro*g$o*t t$e E=ec*tive ,ranc$ of government' T$e strategy is for AD to evolve into t$e State<s a*t$oritative a*t$entication service for enter"rise a""lications' %*rrently t$e Active Directory im"lementation consists of 10 domain controllers DD%sE located at t$e fo*r "rimary E=c$ange locations' T$ese domain controllers are designed to s*""ort E=c$ange and for f*t*re initiatives additional D%s :ill need to ,e added' T$e res*lting Active Directory is "o"*lated :it$ all State of Alaska E=ec*tive! 3egislative! and %o*rts em"loyees t$ro*g$ a directory sync$roniBation t$at originates :it$ t$e State<s Payroll System'
AD infrastr*ct*re T$is "roject :ill "lan and sc$ed*le t$e incremental ,*ild o*t of t$e c*rrent E=c$ange Active Directory in order to accommodate De"artmental Migration "lans' T$is "roject :ill also :ork :it$ >early ado"ters? to develo" a list of c$ild domains and reso*rce forests t$at :ill ,e im"lemented and com"lete t$e "lanning for t$e administrative model and *"date t$e AD design' T$e general sco"e :ill incl*deF De"artmental AD assessments and sco"ing meeting o %onfirm and verify information for com"*ters / locations / facilities o Assist t$e de"artment in collecting information to sco"e and "lan t$eir de"artmental migrations o Discover any information t$at mig$t ca*se a c$ange to t$e AD ,*ild o*t or design n conj*nction :it$ t$e TM% assist in t$e develo"ment of a )eso*rce 2orest or %$ild Domain :aiver "rocess' )eso*rce 2orests :ill ,e "lanned! administered! de"loyed and maintained ,y De"artmental T Staff' %$ild Domains :ill ,e "lanned and administered ,y De"artmental T Staff T$e develo"ment of enter"rise standards for "$ysical sec*rity! monitoring! logging and D% distri,*tion for reso*rce forests and c$ild domains' T$e develo"ment of reC*irements for De"artmental c$ild domain "lans T$e develo"ment of reC*irements for De"artmental )eso*rce 2orests "lans T$e develo"ment of an administrative models for c$ild Domains and )eso*rce 2orests Any necessary c$anges to t$e AD design from t$e addition of c$ild domains or reso*rce forests T$e "lanning and develo"ment of any reC*ired inter@2orest or Domain maintenance Testing and investigation of AD *"grade to 2008 Planning and sc$ed*ling t$e ,*ild o*t of AD Page ; of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
nvestigating D% "lacements for adeC*ate sec*rity! "o:er! cooling and s"ace T$e validation and adj*stment of t$e c*rrent str*ct*ral "lan 1"dating t$e AD design 2acilities "re"aration Proc*rement and set*" of D%s 1"dating of o"erational "roced*res 1"dating t$e o"erational staffing and maintenance reC*irements
Page < of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
A final re"ort :it$ recommendation a,o*t f*t*re im"lementations of S$ared 2ile Servers and t$e o"erational staffing and maintenance reC*irements'
Page 00 of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
Page 02 of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
Page 0
&ersion 0'00'(0 Draft
of
Scope %hanges
Sco"e c$anges :ill ,e first considered and eval*ated ,y t$e Project Team' All sco"e c$anges :ill ,e disc*ssed and a""roval :ill ,e so*g$t ,y t$e Project Management at t$e Project Management meeting' f t$e sco"e c$ange :ill ca*se a greater t$an 10J c$ange to t$e sc$ed*le or cost it :ill need to ,e a""roved t$ro*g$ t$e "roject governance' De"ending on :$at t$e sco"e c$ange is! agreement :ill ,e so*g$t at t$e TA-! TM% or ASD level' T$e *ltimate a*t$ority for t$e Early Ado"ters "roject :ill ,e t$e E #' T$e E # :ill also ,e so*g$t for "roject s*""ort :$en necessary'
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
Active Directory nfrastr*ct*re "roject! t$e Enter"rise Migration Planning and t$e Active Directory Prod*ction Pilot "roject' #efore t$e onset of eac$ de"artment "ilot t$e "ilot sc$ed*le :ill ,e revised' t is antici"ated t$at t$e de"artmental "ilots :ill ,e cond*cted in a seC*ential manner so t$at lessons learned from t$e first de"artment can ,e *sed for s*,seC*ent "ilots' Project sc$ed*les :ill ,e tracked in Microsoft Project' Project "lans s$all ,e "*,lis$ed and distri,*ted in a format to ,e determined ,y t$e TA-' A#S %$art Pro :ill ,e *sed in conj*nction :it$ MS Project to $el" create t$e A#S' ETS "roject manager :ill maintain t$e A#S for t$e nfrastr*ct*re! 2ile and Print! AD Pilot and Enter"rise Migration Planning Projects' Additionally t$e ETS "roject manager :ill sc$ed*le and track an integrated De"artmental migration "lan t$at $as at least all t$e de"artment<s "lanned milestones' De"artment T managers :ill ,e res"onsi,le for t$e "lanning and sc$ed*ling of t$eir de"artmental migrations' T$e ETS "roject manager :ill make availa,le a generic de"artmental A#S to De"artment T managers in a format to ,e determined ,y t$e TA-'
Page 0+ of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
Page 0, of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
%ost %ontrols
T$e ETS Project Manager :ill em"loy several different met$ods in order to arrive at t$e %ost Estimate to %om"letion DET%E' Estimate to %om"letion DET%E is t$e "roject team<s estimate of e="endit*res t$at :ill ,e made ,et:een >no:? and t$e end of t$e "roject' 2or ETS "ersonnel services and contract*al costs ETS :ill track t$e act*al cost DA%E and t$e earned val*e DE&E in order to calc*late a %ost Performance nde= D%P E' %P N E& / A% and :ill ,e greater t$an 1 if t$e "roject is *nder ,*dget and less t$an 1 if t$e "roject costs are greater t$an "lanned for t$e :ork accom"lis$ed' f t$ere are no aty"ical variances t$e ET% :ill ,e estimated ass*ming t$at any variances are ty"ical' T$is means t$at if t$e "roject %P is '9 o*r estimate to com"letion is ass*ming t$at :e :ill contin*e to ,e over ,*dget at t$e same rate for t$e remainder of t$e "roject' ET% N D#A%@E&E/%P Page 0: of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
f t$ere are aty"ical variances and t$e "roject team does not e="ect similar variances to occ*r in t$e f*t*re ET% :ill ,e calc*lated ,y s*,tracting t$e earned val*e to date from t$e #*dget at com"letion' T$is means t$at :e e="ect t$e remainder of t$e "roject to cost :$at :e $ad originally created as o*r ,aseline ,*dget' ET% N D#A% G E&E 2or soft:are and $ard:are costs ET%! A% and EA% :ill ,e *"dated and revised as "*rc$ases are made and ,etter cost estimates received' T$e #*dget at %om"letion D#A%E :ill ,e *"dated at t$e com"letion of t$e AD Pilot Project and after any a""roved Project sco"e c$ange' T$e Periodic Project )e"ort :ill re"ort t$e c*rrent %P and t$e "rojected %ost &ariance at %om"letion' D#A% G EA%E E& N Earned &al*e is t$e ,*dgeted amo*nt for t$e :ork act*ally com"leted on t$e sc$ed*le activity or A#S com"onent' E&% N Earned &al*e to date A% N Act*al %osts is t$e total cost inc*rred in accom"lis$ing :ork on t$e sc$ed*le activity or A#S com"onent' T$is A% m*st corres"ond in definition and coverage to :$atever :as ,*dgeted for t$e P& and t$e E&' P& N Planned &al*e is t$e ,*dgeted cost for t$e :ork sc$ed*led to ,e com"leted on an activity or A#S com"onent %P %N%*m*lative %ost Performance nde= ET% N Estimate to %om"lete EA% N Estimate at %om"letion N ET% O A% #A% N #*dget at %om"letion
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
TM% )evie:! A""roval and sign off m"lementation of a "lan@do@c$eck@act cycle for contin*o*s im"rovement o Design Testing o Design E="eriments Di'e' D% re"lication testing for remote locationsE o Planned "ilots o Post "ilot revisions to t$e Design! /"erational g*ide and Administrative Model o Pilot gro*"s for eac$ de"artmental migration o Post "ilot revision to de"artmental migration "lans and g*ides /"erational %onfig*ration Management #oard revie: for config*ration and c$ange management o T$e c*rrent AD is a "rod*ction environment o )eC*ired %M# revie: for all major o"erational c$anges o )eC*ired testing in t$e Test and %onfig*ration Management environments o /"erational c$anges to t$e im"lemented AD t$ro*g$ deli,eration of t$e %M#
E)ternal (evie9
n order to assess t$e $ealt$ of t$e enter"rise AD! ETS t$ro*g$ its s*""ort contract :it$ Microsoft :ill sc$ed*le a yearly Active Directory )isk Assessment' T$e res*lts of t$e risk assessment :ill ,e s$ared :it$ t$e TA- and :it$in t$ree mont$s of t$e com"letion of t$e risk assessment ETS :ill "rovide a re"ort on :$at actions :ere taken in res"onse t$e )isk Assessment res*lts'
Page 0< of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
:it$ t$e a""ro"riate ETS Program Manger :ill decide on staff "riorities and allocation to t$e Project :$en t$ere are conflicts ,et:een t$e Project and Program needs' De"artmental "roject staffing :ill ,e t$e res"onsi,ility of t$e De"artment T Managers' ETS :ill "rovide as m*c$ assistance as "ossi,le in t$e form of migration g*ides and direct assistance to De"artmental T Staff' ETS :ill assist t$e De"artmental T staff :it$ t$eir "roject "lanning' 2rom t$e "roject "lanning "rocess t$e De"artmental T manager :ill $ave learn t$e level of effort t$at t$eir de"artment<s migration :ill reC*ire and t$e overall ,*dget for t$eir migration'
Page 2! of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
Summary: A %er$ )rie! one paragraph s& ar$ o! /hat the co &nication /i## contain0 On this "ate the CMB appro%e" this change1 2e /i## )egin a3ing this change this /ee31 4o& /i## see this change in this /a$1 This change is a goo" thing1 Paragraphs that constit&te the )o"$ o! the Paragraph * essage
Page 20 of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
Paragraph 5 Than3 $o& !or $o&r he#p, participation or &n"erstan"ing1 I! $o& ha%e an$ 6&estions p#ease contact Me at Me.myself@Alaska.gov1 Pro7ect Status (eport
T$e Project Manager :ill com"lete a C*arterly "roject stat*s re"ort :ill ,e made *sing T "roject re"ort' T$ese re"orts are "resented to t$e E #' n addition to t$e C*arterly "roject stat*s re"ort t$e Project Manager :ill ,e res"onsi,le for "eriodic ETS "roject stat*s re"orts' T$e freC*ency :ill ,e determined ,y t$e "roject activity level! ,*t :ill not ,e less freC*ently t$en mont$ly'
Page 22 of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
Page 2
&ersion 0'00'(0 Draft
of
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
%onsulting
2or t$e Active Directory Project t$e "roject team is "lanning on "roc*ring a "rimary %ons*ltant :$o is an Active Directory Arc$itect and e="erienced :it$ migrations to Active Directory' t is antici"ated t$at t$is contract :ill ,e greater t$an L;0!000 and :ill ,e o,tained t$ro*g$ a formal )2P' f t$ere are "eriods :$ere ETS staff needs assistance ,eca*se of an increase in t$e :ork load! t$e Project Team :ill *tiliBe t$e State<s Task /rder system to add additional reso*rces'
Page 2& of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
@ard9are
Most of t$e com"*ter $ard:are :ill ,e availa,le t$ro*g$ t$e e=isting State<s contract' n order to ma=imiBe t$e State<s disco*nt! t$e Project Team :ill com"ile a list of needed eC*i"ment and reC*est s"ecial "ricing on o*r initial ,*lk "*rc$ases Dalt$o*g$ t$ere is a State %ontract t$e vendor can offer "rices t$at are lo:er t$en t$e contract "rice'E All "*rc$ases :ill select eC*i"ment t$at $as ,een esta,lis$ed as t$e State<s standard' n cases :$ere no standard $as ,een esta,lis$ed t$e Project Team :ill develo" a reC*irements list and follo: t$e State<s esta,lis$ed "roc*rement "roced*res' /ne of t$e factors t$at :ill ,e *sed in t$e selection "rocess :ill ,e if t$ere is eC*i"ment t$at accom"lis$es t$e reC*irements already in *se ,y ETS' Antici"ated 4ard:are "*rc$ases may incl*deF Servers for D%s 1PSs %a,les and Monitors 3ocking ca,inets 2ile Servers for S$ared 2ile Servers Storage for S$ared 2ile Servers Ta"e #ack*" systems
Soft9are
Soft:are :ill ,e "*rc$ased t$ro*g$ t$e State<s e=isting contracts' T$e e=isting Active Directory is c*rrently ,*ilt on Aindo:s Server 2006' t is antici"ated t$at a "rod*ction release of Aindo:s Server 2008 may ,ecome availa,le ,efore t$e State is ready to de"loy additional D%s' Aindo:s Server 2008 $as some ne: feat*res t$at may solve some im"lementation iss*es for t$e State' T$e ne: feat*res incl*de more efficient directory re"lication and read only D%s t$at re"licate only a s*,set of t$e directory' T$e State :ill ,egin testing Aindo:s Server 2008 and if t$e ne: feat*res are determined to ,e ,eneficial an *"grade may ,e "lanned "rior to t$e de"loyment of additional servers' Migration Tools or Soft:are :ill ,e a major "*rc$ase for t$is "roject' T$e selection of t$e a""ro"riate AD migration tools is a major com"onent of t$e "roject "lan' Several of t$e "ilots :ill ,e *sed to confirm t$e f*nction of t$e tools meet t$e needs of t$e State' ETS :ill select and "*rc$ase migration tools for migrations to t$e enter"rise Active Directory' Antici"ated soft:are :ill incl*de t$e "*rc$ase ofF Aindo:s Server 2006 / 2008 1ltra,ack D) Migration Soft:are or Tools
-lossary
Active Directory (AD) is an implementation of LDAP directory services by Microsoft for use in Windows environments. Active Directory allows administrators to assign enterprise wide policies, deploy programs to many computers, and apply critical updates to an entire organization. An Active Directory stores information and settings relating to an organization in Page 2+ of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
a central, organized, accessible database. Active Directory networks can vary from a small installation with a few hundred objects, to a large installation with millions of objects. AD G Active Directory AAPAB / Alaska State:ide Payroll System Authentication (Greek! , from "authentes"#"author") is the act of establishing or confirming something (or someone) as authentic, that is, that claims made by or about the thing are true. Authentication of an object may mean confirming its provenance. Authentication of a person often consists of verifying their identity. $n computer security, authentication is the process of attempting to verify the identity of the sender of a communication such as a re%uest to log in. &he sender being authenticated may be a person using a computer, a computer itself or a computer program. 'ingle Authentication is the concept of a user verifying their identity once in order to gain authorization for all of the resources that they need to perform their job. Authorization - $n security engineering and computer security, authorization, is a part of the operating system that protects computer resources by only allowing those resources to be used by resource consumers that have been granted authority to use them. (esources include individual files or items data, computer programs, computer devices and functionality provided by computer applications. )*amples of consumers are computer users, computer programs and other devices on the computer. -ES C #lack#erry Enter"rise Server or #lack#erry Server Soft:are -lack$erry P / is a name *sed for a series of mo,ile :ireless devices t$at "rovide access to a range of a""lications' Collaborative software! also kno:n as group9are! is application software t$at integrates :ork on a single "roject ,y several conc*rrent *sers at se"arated :orkstations DDS G Domain 0ame System or Domain 0ame Server Domain Dame System or Domain Dame Server DDDSE is a system t$at stores information associated :it$ domain names in a Distributed Database on net:orks! s*c$ as t$e nternet' T$e domain name system DDomain 0ame ServerE associates many ty"es of information :it$ domain names! ,*t most im"ortantly! it "rovides t$e P address associated :it$ t$e domain name' t also lists mail e!c"ange servers acce"ting e#mail for eac$ domain' n "roviding a :orld:ide key:ord@,ased redirection service! D0S is an essential com"onent of contem"orary nternet *se' EA G Enter"rise Agreement ,et:een Microsoft and t$e State of Alaska Electronic mail @ a,,reviated e/mail or email! is a met$od of com"osing! sending! and receiving messages over electronic comm*nication systems' T$e term e@mail a""lies ,ot$ to t$e nternet e@mail system ,ased on t$e $imple Mail %ransfer Protocol DSMTPE and to intranet systems allo:ing *sers :it$in one com"any or organiBation to send messages to eac$ ot$er' /ften t$ese workgroup collaboration systems natively *se non@standard "rotocols ,*t $ave some form of gateway to allo: t$em to send and receive nternet e@mail' Some organiBations may *se t$e nternet protocols for internal e@mail service' Page 2, of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
email + )lectronic mail e-mail + )lectronic mail E-mail protocols ) mail messages are generally sent to an e mail server that stores received messages in the recipient"s e mail mailbo*. &he user later retrieves these messages with either a web browser or an e mail client that uses one of a number of e mail retrieval protocols. ,hile some clients and servers preferentially use vendor specific, typically proprietary protocols, most support the $nternet standard protocols $M%P for sending e mail and -.-/ and $0A-1 for retrieving e mail, allowing interoperability with other servers and clients. 2or e*ample, Microsoft"s &utlook client typically uses a proprietary protocol to communicate with an '!c"ange server as does (M"s )otes client when communicating with a Domino server, but all of these products also support '0&-, -.-/, and $0A-1. 'upport for the $nternet standard protocols allows many other e mail clients such as *ualcomm"s 'udora or Mo+illa %"underbird to access these servers and similarly allows the clients to be used with other servers. ) mail clients can generally be configured to use either -.-/ or $0A-1 to retrieve e mail and in both cases use '0&- for sending. 0ost e mail programs can also use LDAP for directory services. $n the 'tates current configuration $0A- is only available inside the ,A3 or via 4-3 and -.-/ is deprecated due to incompatibility with our e mail archive policy. ETS G Enter"rise Tec$nology Services =ile and print services C T:o common net:ork services t$at are "rovided ,y t$e 0et:ork /"erating System' @TTP G 4y"erTe=t Transfer Protocol @TTPS @ is not! strictly! a se"arate "rotocol! as t$e data is still transferred *sing 4TTPI $o:ever! instead of *sing plain te!t socket comm*nication! t$e session data is encrypted *sing a version of t$e $ecure $ocket Layer DSS3E or %ransport Layer $ecurity DT3SE "rotocols! t$*s ens*ring reasona,le "rotection from eavesdro""ers and man in t"e middle attacks' T$e defa*lt %,P port of an https: 1) is 886 Dfor *nsec*red 4TTP! t$e defa*lt is 80E' HyperText Transfer Protocol D@TTPE is t$e met$od *sed to transfer or convey information on t$e World Wide Web' T$e original "*r"ose :as to "rovide a :ay to "*,lis$ and receive -%ML "ages' I# G nstant Messaging I#AP G nternet Message Access Protocol Instant messaging .I#1 / is t$e act of instantly comm*nicating ,et:een t:o or more "eo"le over a net:ork s*c$ as t$e nternet' nstant messaging reC*ires t$e *se of a client program t$at $ooks *" an instant messaging service and differs from e# mail in t$at conversations are t$en a,le to $a""en in real#time' Internet #essage Access Protocol @ T$e Internet #essage Access Protocol Dcommonly kno:n as I#AP&! and "revio*sly called Internet #ail Access ProtocolE is an application layer nternet protocol t$at allo:s a local client to access e#mail on a remote server' T$e c*rrent version! MAP version 8 revision 1 Page 2: of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
D MAP8rev1E! is defined ,y R C !"#$' MAP8 and P/P6 DPost &ffice Protocol version 6E are t$e t:o most "revalent nternet standard "rotocols for e@mail retrieval' &irt*ally all modern e@mail clients and servers s*""ort ,ot$' 4DAP G 3ig$t:eig$t Directory Access Protocol Lightweight Directory Access Protocol (LDAP) is a networking protocol for %uerying and modifying directory services running over %,P. P. An 5DA- directory usually follows the /.011 model! $t is a tree of entries, each of which consists of a set of named attributes with values. ,hile some services use a more complicated 6forest6 model, the vast majority use a simple starting point for their database organization. An 5DA- directory often reflects various political, geographic, and7or organizational boundaries, depending on the model chosen. 5DAdeployments today tend to use Domain )ame $ystem (D3') names for structuring the most simple levels of the hierarchy. 2urther into the directory might appear entries representing people, organizational units, printers, documents, groups of people or anything else which represents a given tree entry, or multiple entries. $ts current version is 5DA-v/, as defined in 23, //88. 4ive #eeting #icrosoft E)change Server is a messaging and collaborative software "rod*ct develo"ed ,y Microsoft' t is a "art of t$eir Windows $erver $ystem line of server "rod*cts' T$e *se of Microsoft E=c$ange is very :ides"read in large cor"orations *sing Microsoft infrastr*ct*re sol*tions' Among ot$er t$ings! Microsoft E=c$ange manages electronic mail! s$ared calendars and tasks! "rovides f*ll s*""ort for mo,ile and :e,@,ased access to information! and can s*""ort very large amo*nts of data storage' Det>are / is a network operating system develo"ed ,y )ovell4 nc. t initially *sed cooperative multitasking to r*n vario*s services on a P,! and t$e net:ork "rotocols :ere ,ased on t$e arc$ety"al /ero! /)$ stack' Today 0etAare s*""orts %,P. P as :ell as P/.$P/' 0etAare :as one of a series of M0S@,ased systems! :$ic$ also incl*ded (anyan 5 )'$ and 6ngerman#(ass )et.&ne' 1nlike t$ese "rod*cts! and M0S itself! 0etAare esta,lis$ed a strong "resence in t$e market in t$e early 1990s! and managed to ,arely s*rvive t$e onsla*g$t of MicrosoftQs Windows )% :$ic$ killed off t$e ot$er "layers' Network operating system (3.')! $oftware that (a) controls a network and its message (e.g. packet) traffic and 7ueues, (b) controls access by multiple users to network resources such as files, and (c) provides for certain administrative functions, including security. A 3.' is not the same as the networking tools provided by some e*isting .'"s, ,indows 9- for instance. An 3.' is an .' that has been specifically written to keep networks running at optimal performance. D8S G 0et:ork o"erating system GroupWise is a collaborative software product from )ovell4 nc. offering e#mail, calendaring, instant messaging and document management. $t can operate on a number of server and workstation platforms. 'erver platforms include )etWare, Linu!, and Windows, while the client software can run on ,indows, 5inu* and Mac &$ /. :roup,ise ,ebAccess provides users with access to the same functionality from a Web browser. 'pecial modules called gateways support standard $nternet protocols such as P&P8, MAP and $M%P, as well
Page 2; of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
as connecting a :roup,ise system to other messaging systems such as Microsoft '!c"ange $erver and Lotus )otes. 8utlook / is a "ersonal information manager from Microsoft! and is "art of t$e Microsoft /ffice s*ite' Alt$o*g$ often *sed mainly as an e@mail a""lication! it also "rovides calendar! task and contact management! 0ote taking and .o*rnal a,ility' 8utlook >e$ Access .8>A1 / is a :e,mail service of Microsoft E=c$ange Server' /AA is *sed to access e@mail! calendars! contacts! tasks and ot$er mail,o= contents :$ile on t$e go' Microsoft "rovides /*tlook Ae, Access as "art of E=c$ange Server to allo: *sers to connect remotely via Ae, ,ro:sers' Most of t$e f*nctionality in Microsoft /*tlook is also availa,le in t$is :e, Rlook@alikeR' T$e most im"ortant difference is t$at Microsoft /*tlook lets yo* :ork :it$ e@mail! calendars etc' even :$en yo* donQt $ave a net:ork connection! :$ile /AA reC*ires a net:ork connection to f*nction' 8>A G /*tlook Ae, Access P8P G Post /ffice Protocol Post 8ffice Protocol @ n computing! local e#mail clients *se t$e Post 8ffice Protocol version DP8P E! an application#layer nternet standard protocol! to retrieve e# mail from a remote server over a %,P. P connection' 0early all s*,scri,ers to individ*al nternet service provider e@mail acco*nts access t$eir e@mail :it$ client soft:are t$at *ses P/P6' (emote procedure call D(P%E @ is a protocol t$at allo:s a computer program r*nning on one com"*ter to ca*se a subroutine on anot$er com"*ter to ,e e=ec*ted :it$o*t t$e "rogrammer e="licitly coding t$e details for t$is interaction' A$en t$e soft:are in C*estion is :ritten *sing ob9ect#oriented "rinci"les! )P% may ,e referred to as remote invocation or remote method invocation' (P% G )emote "roced*re call imple !ail "rans#er Protocol ( !"P) is the de facto standard for e#mail transmission across the nternet. 2ormally '0&- is defined in 23, :;< ('&D ;<) as amended by 23, <<;8 ('&D /) chapter =. &he protocol used today is also known as '$M%P and defined in 23, ;:;<. S4A G Service 3evel Agreements S#TP G Sim"le Mail Transfer Protocol TAE G Tec$nology Advisory -ro*" Technology Advisory Eroup G /ne of t$e -overnance gro*"s formed to oversee t$e Directory and E=c$ange Project' T$e Tec$nology Advisory -ro*" DTA-E is made *" of one re"resentative from eac$ de"artment "l*s an ETS re"resentative' T$e TA:ill form and assign tasks to vario*s :ork gro*"s as needed' F# G 1nified Messaging Fnified #essaging .F#1 is t$e integration of different streams of messages Demail! 3a!! voice! video! etc'E into a single in@,o=! accessi,le from a variety of different Page 2< of
&ersion 0'00'(0 Draft
Directory and Messaging Project Active Directory Pilot Project Management Plan
02/11/2008
devices' t differs from sim"le multimedia email in t$at 1M systems ty"ically try to integrate tele"$one@,ased voicemail as :ell! and to make t$e 1M mail,o= accessi,le from a conventional or cellular p"one' >indo9s Server 2!! / is t$e name of MicrosoftQs line of server operating systems' t :as introd*ced in A"ril 2006 as t$e s*ccessor to Windows ;111 $erver! and is considered ,y Microsoft to ,e t$e cornerstone of t$eir Windows $erver $ystem line of ,*siness server "rod*cts'
Page
&ersion 0'00'(0 Draft
! of