Enterprise Active Directory Technical Details

Technical Details

Active Directory (AD) is an object-oriented implementation of directory services based on X.500 and Lightweight Directory Access Protocol (LDAP) that allow construction of sophisticated naming schemes and databases across network-wide resources. AD was developed as a hierarchical design with multiple levels of organizational units, users, groups, and other network resources.

The AD infrastructure is controlled by our personnel and includes the following components:

• Forests and domains
• Domain controllers
• Schema
• Group policies
• Replication topology
• High-level administrator accounts

Hours of Availability

This service is available 24/7, excluding planned outages, maintenance windows, and unavoidable events. Maintenance windows are used only when needed for planned changes that have gone through our Change Management process. In addition to our standard maintenance windows, site-specific and service-specific changes may be coordinated with customers at non-standard times.

Standard maintenance windows are defined as:

• 6:00 p.m. to 10:00 p.m. each Thursday
• 12:00 a.m. to 12:00 p.m. each Sunday

Migration Requirements

• Current Microsoft Supported OS
• Current DIT Vendor supported hardware
• Ensure that the agency site devices can communicate with the Enterprise Directory at the Eastern and Western State Data centers

Roles and Responsibilities

Enterprise Active Directory Service Responsibilities

• Overall Forest and Domain architecture, design and maintenance
• Domain Controller Implementation, Security and Management; Schema Management; Group Policies; Replication Topology; Sites and Services; Trust Relationships; DNS; OU Design and Management; Delegation of Rights; Built-in Group Management; Forest and Domain Security; Directory Based Account Management
• Active Directory backups and restores
• Participation in Disaster Recovery and Business Recovery Services as requested by agencies

Customer Responsibilities

• Agency application servers and associated data
• Agency file/print servers and associated data
• Client machines and devices
• Backup/restore of application and file/print server data
• Support and maintenance of all non-Windows products that are connected to the Enterprise Active Directory
• Creation, testing and approval of agency-specific GPO's
• Customer support staff will utilize delegated administrative rights within the Enterprise Active Directory portal for group and device management.
• The customer is responsible for working with Directory Services to anticipate changes in service demands prior to the purchase of any new application or hardware that may have an impact on the Enterprise.