Active Directory/Documentation/Infrastructure Todo List

From WolfTech
Revision as of 15:18, 10 March 2009 by Jaklein (talk | contribs)
Jump to navigation Jump to search
  • Change the default location of newly joined computers to an OU so we can apply default settings.
    • DJGREEN writting proposal email for community -- eta 3/11/09.
  • Centralize WSUS (Dan/Josh)
    • Meeting to discuss deployment 3/6/09.
  • Centralize WDS (Michael/Alan)
  • Update the password change page to try another DC if it fails
  • Write web interface to allow "enabling" of user accounts that get erroneously disabled due to feed errors or wrong paswd entry multiple times.
  • Populate the rest of unityids (Dan)
    • DJGREEN will have ABSTEIN roll-out week of 3/9/09
  • Get the delegation of packaging permissions working correctly
  • Get the GPO Delegation script pulling the list of "units" from the database rather than by hand
  • Move the crons off of 00dc to the new cron server
  • Move new DC's to DC's (Derek)
  • dcpromo new DC's and raise forest level to 2008 (Derek/Dan)
  • Split out XP/Vista/2003/2008/Default Domain Policy to 5 policies rather than 3
  • Get Webdav working on DFS root servers (Derek/Josh)
  • Create/update (2008/Windows 7) central admx store
  • Fix NT Authority/Interactive bug
    • DJGREEN has long email written to explain... might eventually send it!
  • Get LDAPS working correctly from the web/php side
  • Populate gid/uid's
  • Fix Mac File server group permissions issues
  • Get workshop accounts populating and disabling correctly
  • Report on last logon timestamp for computer objects > 6 months
  • Certificate services - can we use a chained signing cert from the OIT cert as the SOA for enrollment?
  • Sane model for support/access/location for personally-owned equipment
    • DJGREEN: Needs discussion -- personally opposed to allowing non-NCSU equipment on domain (though I'm willing to make exceptions for special cases -- just don't want every student on it!)
    • WRBEAUDO: If we're going to allow for any personally owned machines on the domain, we need to be prepared to handle all of them. Having a solid process/gameplan up front is crucial to not getting screwed later.
  • Prep work for roaming profiles
  • GPO setup with groups and all wolfcopy printers so people can pick w/o much work
  • Report on not-linked-in GPO's and last modify date > month
  • DC Backups need to go off site
  • Fix 2008 TS License location issues
  • Test Domain: What accounts? Push OU/GPO structure regularly. Trusts?
  • Cross-Realm trust needs to be setup and alt. principals populated