FastLane Clears the Road to a Windows 2000 Migration

• 01/12/2000

There is no more important piece of a Windows 2000 migration in the enterprise than preparation. Ask Microsoft, ask analysts, ask third party vendors and they will tell you the same. It's doubtful there will be a line of IT managers waiting in line outside the local CompUSA at midnight, February 17, so they can run back to the data center and begin wide-scale deployment.

Chances are they're either waiting for SP1 or still in the planning stages of implementing the new operating system. What is being viewed by some as an expensive technology lock-in is viewed yet by others as an opportunity to do a large-scale clean-up, consolidation and organization of the entire enterprise with a brand new OS and, more importantly, a brand new directory structure.

Active Directory could be the number one reason to move to Windows 2000, with its ability to host up to 10 million objects -- or 60 million in the case of one Unisys implementation -- that can include users, groups or computers dispersed throughout the enterprise. This type of central administration has been a long cried for attribute of Windows 2000.

The problem comes in utilizing the resources your company has now. How do you migrate a heavily populated domain structure from Windows NT to Windows 2000? The directory migration specialists -- FastLane Technologies Inc. (www.fastlanetech.com), Entevo Corp. (www.entevo.com), Mission Critical Software Inc. (MCS, www.missioncritical.com), and Aelita Software Group (www.aelita.com) -- have all been working closely with Microsoft Corp. (www.microsoft.com) to come up with not only a software and services solution but an actual best practices approach based on the largest of large-scale implementations of Windows 2000.

In this first of a four part series, ENT takes an in depth look at FastLane's roadmap and product suite for migrating its customers to Windows 2000 and Active Directory.

Keith Millar, product manager for Windows NT toolsets at FastLane, explains that understanding how to migrate to Windows 2000, means recognizing how Windows NT entered the enterprise. "The first thing we found through our exposure to large customers was by looking at how NT came into their network," Millar says. "It usually came in dribs and drabs but wasn't the most highly managed network."

What network managers should do first is analyze what is and what isn't on the network. FastLane's DM/Reporter allows managers to query the network to find these things. For instance, an administrator could ask DM/Reporter to check for all users that haven't logged on in the last 30 days. This may be an acceptable group of users to remove before migration. Then the administrator could query the enterprise to show all computers that only have 32 MB of RAM. This is below Microsoft's recommendation of 64 MB for running Windows 2000 so now he'll know what computers need to be upgraded.

The next step is modeling the directory structure. DM/Administrator is for administrative policy enforcement on Windows NT. It allows you to build a virtual organizational unit (OU) structure on top of multiple NT 4 domains that can then be made in to a working prototype to move to Active Directory.

Next move is consolidation. One well-touted use of Windows 2000 is to consolidate domains and older, weaker NT servers to fewer, larger, and more powerful W2K servers. Millar relates the most serious issue with this is that by moving data from one computer to another, you lose the permissions from the old computers. FastLane uses DM/Consolidator to move data online to a new server and then do a live switch over to the new community without losing those permissions.

Step number four is the hard migration of getting users and groups to Active Directory. The trick, says Millar, is migrating those users without needing some grand switch over that could be in error and gravely irreversible. DM/Manager allows administrators to open a pristine clean Active Directory environment and then migrate the NT 4 users from existing NT 4 domains in to Active Directory, while keeping users' NT 4 accounts active.

DM/Manager provides a complete fall back mechanism. If everyone is moved to Active Directory and things aren't working, they can log back into their NT 4 accounts while the new server is administered. DM/Manager also provides the graphical interface for pruning and grafting Active Directory trees, and integration mapping technology for keeping track of Active Directory object attributes.

Like at the end of any project, an administer [is this a dangling participle?] needs to do some clean-up work after this great migration. This includes ensuring user access to the same resources they did on NT 4, while making sure they don't gain any new access to resources. DM/Manager will go through the network and replace the old identifiers with new ones.

The final stage will be the ongoing administration and policy enforcement of your new Windows 2000 network. "What an administrator wants to do is shelter the user from all the changes as much as possible," Millar says. "When a user comes in on Monday, they need to get into their share. As long as the technology is available, that user is never allowed to not do their job."

DM/Reporter, DM/Administrator, DM/Consolidator, and DM/Manager are all part of FastLane DM/Suite. The DM stands for "directory management." Also included is DM/Developer that can be used to build cross-directory applications to simplify directory management.

"Active Directory holds a lot of promise for large organizations that have difficult domain structures," says Steve Kleynhans, vice president of Web and collaborative strategies for the Meta Group (www.metagroup.com), but it still won't provide organizations with a single directory solution that will span their entire organization and business systems.

"One of the promises of Active Directory is its ability to provide a management vehicle, or at least the underpinnings to manage all those workstations you have to deal with," Kleynhans explains. "People will be able to put in Active Directory primarily to manage their end user population."

For those who think they've been anxious for Windows 2000 to arrive, they should meet the folks at FastLane. For a company that started in directory management by moving users of Banyan Vines to NT 4, Windows 2000, or NT 5.0, was going to be a huge boost in business for FastLane.

"About a year ago, we ramped our engine and we rolled a program called Fit for 5.0 and customers could run these self-tests," explains Dave Waugh, vice president of marketing with FastLane. "The program was successful but the product [Windows NT 5.0] didn't ship."

With the final ship date finally on the horizon, Waugh says finding the return on investment (ROI) is a multi-faceted equation: "If you did a simple one-to-one NT 4 to Windows 2000 Server, I don't think you could prove a huge [ROI] in the short term, but when you add in a consolidation and reduce the actual physical servers serving up data you can justify this kind of exercise. For a CIO looking at this, this is an opportunity to simplify the management of their network to administer their company."

Next issue: Mission Critical simplifies Windows 2000 migrations with OnePoint Domain Administrator.