View
213
Download
0
Category
Preview:
Citation preview
HEPiX-HEPNT 2000Report
Enrico M.V. Fasanelli &
Gian Piero Siroli
Enrico M.V. Fasanelli & Gian Piero Siroli Commissione Calcolo - Roma 14 Novembre 2000
Report
We Apologies to the Audience…• Written (you may read: “cutted-and-pasted”) in
English directly from the HEPiX-HEPNT 2000 talks (without the permission of authors)
• Long and annoying– But there is two full days ( two lunch, four coffee
breaks, and two dinners) with 21 official talks
• Incomplete
Enrico M.V. Fasanelli & Gian Piero Siroli Commissione Calcolo - Roma 14 Novembre 2000
Report
Outline of Workshop Summary• Approach to Windows 2000• Windows 2000 deployment• Application deployment/support• Security / Authentication issues• Web services• Other utilities
– Windows Terminal Server
– Exchange
• HEP applications (triggered by GPS)
Enrico M.V. Fasanelli & Gian Piero Siroli Commissione Calcolo - Roma 14 Novembre 2000
Report
Approach to Windows 2000• The common approach: Form a committee…
– New w2k domain for DESY.• integrated to the existing NT one (migration by evolution
from NT to W2000).
– CERN is following the MS recommendations for the NT4 to W2000 migration.
• a lot of problems in migrating out of Novell NetWare
• MacOS too is a problem (policy problems).
• Production date of W2000/NICE2000 is delayed…
– RAL (CLRC) has W2000 only on some laptops and servers and move cautiously towards Active Directory.
• The existing NT4 domain is crucial to lab
• They are now inside the clrc.ac.uk domain with Daresbury Lab
Enrico M.V. Fasanelli & Gian Piero Siroli Commissione Calcolo - Roma 14 Novembre 2000
Report
Approach to Windows 2000– FermiLAB: from 30 NT domain to a single W2000 one.
• with multiple organizational units.
• Investigate possible NT4 to Active Directory migration tools.
– LAL / CNRS is migrating the NT4 domain to W2000.
• Initially in mixed mode (VMS PathWorks constraints).
• Keep the DNS primary server on UNIX.
• No plan for a wide upgrade, but new PC in W2000 by default.
– CEA/DAPNIA/SEI are implementing a pure W2000 domain.
• Try to use the max. of W2000 functionalities.
• Products are assigned or published with Group Policy.
• Startup scripts for computers and users.
– SLAC is heavily based on NT4 WTS.
• Testing & implementation of W2000 native Terminal Services and Application Deployment Services is planned.
Enrico M.V. Fasanelli & Gian Piero Siroli Commissione Calcolo - Roma 14 Novembre 2000
Report
Windows 2000 Deployment• RIS limitations
– RIS is not able to install Server version of W2000.– Concurrent Remote Installations can overload the
server.• Unicast based actions slow down the process of multiple
installations.
– Unable to control disk partitioning during the installation process.
– Retrofitting drivers in the image is very complex.
• PowerQuest Drive Image Pro– Faster than RIS for single and multiple installation
• RIS 1m21min, 4m48min; DI 1m12min, 4m14min.
– Meaningless auto generated computer names
Enrico M.V. Fasanelli & Gian Piero Siroli Commissione Calcolo - Roma 14 Novembre 2000
Report
Application deployment/support• Beyond MSI
– Group policies may work in a small scale environment. For large sites the extra features of SMS (v2.0 +SP) seem to make it the most attractive. For medium sites third party solutions such as Delta Deploy have more functionality than GP with less complexity than SMS
• MSI is NOT an application manager.– Focus was installation process, not software
management– Targeting in a pure Win2000 environment with Active
Directory and GPO• High complexity
– No targeting for Windows NT 4.0 and Windows 9x
Enrico M.V. Fasanelli & Gian Piero Siroli Commissione Calcolo - Roma 14 Novembre 2000
Report
Security & Authentication Issues• Compatibility issues in mixed environments.
– If you are in mixed environment, the least you should do is get rid of LanMan Hash until Microsoft solves Win2K with NTLM v2 problem.
• Common password service– JeffessonLAB: jpasswd
– Kerberos 5 support ?
Enrico M.V. Fasanelli & Gian Piero Siroli Commissione Calcolo - Roma 14 Novembre 2000
Report
Web Services• Namespace, ISP like Web services• Web is more than HTML !
– File services
– XML – the basis for distributed services –
• SOAP
Enrico M.V. Fasanelli & Gian Piero Siroli Commissione Calcolo - Roma 14 Novembre 2000
Report
Other Utilities• Windows Terminal Server
– At SLAC is used heavly• Clients on Terminals Windows CE based (WYSE)• Users are happy• Is not clear if the version embedded in W2000 is able to speak
to Citrix clients
• Exchange– PROS
• Encrypted passwords, Secure web access, Database for messages
• In addition it had calendar and virus scanning add-on
– CONS• Eudora does not support SSL (and Exchange does not support
Kerberos)
Enrico M.V. Fasanelli & Gian Piero Siroli Commissione Calcolo - Roma 14 Novembre 2000
Report
HEP Applications• Discussion triggered by Gianni.
– The approach for the SW development is very different from W & U environments.
– The GRID MiddleWare can be the response?
– Applications can be written in a architecure independent way?
– But there are aready some physics applications (ROOT for example) that is Win ready.
Enrico M.V. Fasanelli & Gian Piero Siroli Commissione Calcolo - Roma 14 Novembre 2000
Report
References
http://www.jlab.org/hepix-hepnt/agenda.html
Recommended