Windows Server 2016 Deployment Proposal
INTRODUCTION
We Make Windows, Inc (WMW) requires a solution for their information technology (IT) services using Windows Server 2016. They are starting with 90 employees and five different departments spread across two locations in Los Angeles and New York. With all the necessary equipment already in place, this proposal will give WMW the best deployment approach to suit the company’s needs. This highly developed proposal will focus on the configuration, installation, and provisioning of services required by WMW.
NEW FEATURES OF WINDOWS SERVER 2016
There are many new features in Windows Server 2016 that WMW can take advantage of. The physical machines will benefit from greater time accuracy due to improvements in Win32 synchronization services. There are new identity features that help companies secure AD. They will help WMW migrate to cloud-only deployments where some applications are hosted. Active Directory Certificate Services (AD CS) in Windows Server 2016 now allows you to use the smart card key storage provider (KSP) for key attestation for devices on the domain. Devices not joined to the domain can use Network Device Enrollment Service (NDES) enrollment for certificates. According to Microsoft, the newest version of Web Application Proxy concentrates on new features that enable “publishing and pre-authentication for more applications and improved user experience” (Microsoft, 2016). New security solutions include Credential Guard, Remote Credential Guard, Device Guard (Code Integrity), Windows Defender, and Control Flow Guard.
Storage in Windows Server 2016 includes enhancements for software-defined storage and file servers. Storage Spaces Direct provides highly available and scalable storage using the local storage on a server. Storage replication enables replication between servers for disaster recovery. Quality of service for storage is enabled, so its performance can be monitored from one place.
DEPLOYMENT AND SERVER EDITIONS
For this proposal we will have a total of 10 servers in order to leave room for the company’s growth. We would like to start with at least 1 server for every 10 people. There will be 6 located in the Los Angeles office and 4 located in the New York office. Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP) as well as file and print sharing services will be combined roles. All servers will run the Windows Server 2016 Standard edition and be installed manually at each site. The table below provides the breakdown of the server roles.
Server | Roles | Location |
Server1 | AD primary | Los Angeles |
Server2 | AD Secondary | Los Angeles |
Server3 | DHCP primary & DNS primary | Los Angeles |
Server4 | Application Services & WDS | Los Angeles |
Server5 | File & Print services | Los Angeles |
Server6 | DHCP secondary & Web services | Los Angeles |
Server7 | AD RODC | New York |
Server8 | DHCP & DNS secondary | New York |
Server9 | File & Print services | New York |
Server10 | Web services & Application services | New York |
ACTIVE DIRECTORY
Active Directory (AD) is one of the most important services in every organization. For this deployment, we will have a single forest with 2 domains, one for each location. We will set up 3 domain controllers for fault tolerance. The two main DCs will be in Los Angeles and the read-only domain controller (RODC) will be located in New York. If the main 2 DCs were to fail, the RODC data will still be available. Each AD will have a dedicated server for better performance. We will create sites for the AD DCs at both locations in order for replication to occur. The two domain controllers in Los Angeles will serve as the global catalog servers. The AD organizational units will be organized by location (Los Angeles or New York) and then by department (Executives, Accounts and Sales, Creative/Media Production, Human Resources/Finances, and Client System Administrators (CSA)). There will be site CSAs for each location.
DNS AND DHCP
DHCP automatically hands out IP addresses to systems on the network. All client systems will use DHCP. A lease time of 10 days will be configured since the network is fairly small right now. All servers and printers will use a static IP to prevent issues. We will configure DHCP for fault tolerance and load balancing with the 2 servers located in Los Angeles and the 1 server located in New York. The servers will be configured with failover load balance mode. If one happens to fail, the other will take over. When all are working, the load will be shared. There will be 2 DHCP scopes, one at each site. Los Angeles will use 155.85.42.0-155.85.42.200. New York will use 155.85.41.0-155.85.41.200. This leaves plenty of room for company growth and additional devices that may be added.
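The load-balanced failover described above, shown for the Los Angeles pair only, as an added PowerShell example that is not part of the original proposal. It assumes the 155.85.42.0 scope already exists on Server3, that Server3 and Server6 from the role table resolve by those names, and that `LA-Failover` is a placeholder relationship name.

```powershell
# Added example (not from the proposal): DHCP failover in load-balance mode
# for the Los Angeles scope, with authenticated failover traffic.
# Assumptions: scope 155.85.42.0 already exists on Server3; both servers hold
# the DHCP role; run by a DHCP administrator with the DhcpServer module.
Import-Module DhcpServer

$primary = 'Server3'       # DHCP primary (role table)
$partner = 'Server6'       # DHCP secondary (role table)
$scopeId = '155.85.42.0'   # Los Angeles scope
$relName = 'LA-Failover'   # placeholder relationship name

# 10-day lease, as proposed for client systems.
Set-DhcpServerv4Scope -ComputerName $primary -ScopeId $scopeId `
    -LeaseDuration (New-TimeSpan -Days 10)

# Prompt for the shared secret instead of storing it in the script. The secret
# authenticates failover messages exchanged between the two partners.
$secure = Read-Host -Prompt 'Failover shared secret' -AsSecureString
$secret = [System.Net.NetworkCredential]::new('', $secure).Password

# 50/50 load balancing: both servers answer clients, and either one takes
# over the whole scope if its partner goes down.
Add-DhcpServerv4Failover -ComputerName $primary -PartnerServer $partner `
    -Name $relName -ScopeId $scopeId `
    -LoadBalancePercent 50 -SharedSecret $secret

# Check: the relationship should report load-balance mode with EnableAuth
# set to True.
Get-DhcpServerv4Failover -ComputerName $primary -Name $relName |
    Select-Object Name, PartnerServer, Mode, State, LoadBalancePercent, EnableAuth

# Check: only the expected servers should be authorized in Active Directory.
Get-DhcpServerInDC
```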
The DNS namespace design for WMW will begin with wmw.com using the internal private domain. There will be one DNS server at each site. We will be using la.wmv.com for Los Angeles and ny.wmv.com for New York. Los Angeles will be the parent and New York will be the child. Split DNS will be set up using two different scopes, one for the internal DNS records and one for the external DNS records. Those scopes will be hosted on the same DNS server, which will keep information on the internal DNS server secure from footprinting issues.
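One way to build the two-scope split DNS described above with Windows Server 2016 DNS policies, as an added PowerShell example that is not part of the original proposal. It assumes the wmw.com zone already exists on the server, that the zone's default scope holds the external records, and that the record name and all IP addresses are constructed placeholders.

```powershell
# Added example (not from the proposal): split DNS for wmw.com on one server.
# Assumptions: the zone already exists; 10.0.0.10 is the server's internal
# interface; record name and addresses below are constructed placeholders.
Import-Module DnsServer

$zone       = 'wmw.com'
$internalIf = '10.0.0.10'     # placeholder: internal-facing interface IP

# Second scope for internal records. The default scope keeps the external set.
Add-DnsServerZoneScope -ZoneName $zone -Name 'internal'

# Same name, different answers: public address in the default scope,
# private address in the internal scope.
Add-DnsServerResourceRecord -ZoneName $zone -A -Name 'www' `
    -IPv4Address '203.0.113.10'
Add-DnsServerResourceRecord -ZoneName $zone -A -Name 'www' `
    -IPv4Address '10.0.0.20' -ZoneScope 'internal'

# Queries that arrive on the internal interface are answered from the
# internal scope. Everything else falls through to the default scope, so
# internal records are never returned to outside clients.
Add-DnsServerQueryResolutionPolicy -Name 'SplitBrainZonePolicy' -Action ALLOW `
    -ServerInterfaceIP "EQ,$internalIf" -ZoneScope 'internal,1' -ZoneName $zone

# Turn recursion off by default and allow it only on the internal interface,
# so the external side cannot be used as an open resolver.
Set-DnsServerRecursionScope -Name . -EnableRecursion $false
Add-DnsServerRecursionScope -Name 'InternalClients' -EnableRecursion $true
Add-DnsServerQueryResolutionPolicy -Name 'SplitBrainRecursionPolicy' -Action ALLOW `
    -ApplyOnRecursion -RecursionScope 'InternalClients' `
    -ServerInterfaceIP "EQ,$internalIf"

# Check: list the policies and confirm which records each scope holds.
Get-DnsServerQueryResolutionPolicy -ZoneName $zone
Get-DnsServerResourceRecord -ZoneName $zone -ZoneScope 'internal' -RRType A
Get-DnsServerResourceRecord -ZoneName $zone -RRType A
```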
APPLICATION SERVICES
All applications will be deployed using group policy. We will use AD administrative tools to create group policies for all applications and then assign the group policy to each computer on both domains. We will assign applications by department.
Software applications vary with the needs of your employees. They can help boost WMW’s productivity. We will suggest the basic applications such as Microsoft Office Professional, Adobe Acrobat Pro, Adobe Flash Player, Adobe Shockwave Player, Mozilla Firefox, Java and some form of intrusion protection. All special applications needed by department will be installed at a later date.
FILE AND PRINTER SHARING
File and print sharing will be enabled for both sites. There are 2 file servers and 2 print servers split between the two locations. There will be 5 shares created. Each department will have its own file share with NTFS permissions restricting other departments from accessing files not needed for their department. Domain-based Distributed File System (DFS) will be used to share resources between the 2 sites. This will enable employees to share files on the network in a controlled way.
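The per-department shares and NTFS restrictions described above, as an added PowerShell example that is not part of the original proposal. The root folder, the `WMW` NetBIOS domain name, and the security group names are hypothetical and must already exist in AD.

```powershell
# Added example (not from the proposal): one share per department, each
# readable and writable only by that department's group.
# Assumptions (hypothetical): D:\Shares root, NetBIOS domain 'WMW', and one
# global group per department already created in Active Directory.
$domain = 'WMW'
$root   = 'D:\Shares'
$departments = [ordered]@{
    Executives    = 'GG-Executives'
    AccountsSales = 'GG-AccountsSales'
    CreativeMedia = 'GG-CreativeMedia'
    HRFinance     = 'GG-HRFinance'
    CSA           = 'GG-CSA'
}

foreach ($dept in $departments.Keys) {
    $path  = Join-Path $root $dept
    $group = "$domain\$($departments[$dept])"
    New-Item -Path $path -ItemType Directory -Force | Out-Null

    # Break inheritance and discard inherited entries, so broad grants on the
    # parent folder (for example to Users) do not leak into the share.
    $acl = Get-Acl -Path $path
    $acl.SetAccessRuleProtection($true, $false)

    $grants = [ordered]@{
        'BUILTIN\Administrators' = 'FullControl'
        'NT AUTHORITY\SYSTEM'    = 'FullControl'
        $group                   = 'Modify'
    }
    foreach ($identity in $grants.Keys) {
        $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
            $identity, $grants[$identity],
            'ContainerInherit,ObjectInherit', 'None', 'Allow')
        $acl.AddAccessRule($rule)
    }
    Set-Acl -Path $path -AclObject $acl

    # Share permissions mirror NTFS. Access-based enumeration hides folders
    # the caller cannot open.
    New-SmbShare -Name $dept -Path $path -FullAccess 'BUILTIN\Administrators' `
        -ChangeAccess $group -FolderEnumerationMode AccessBased | Out-Null
}

# Check: every folder should list exactly three explicit (non-inherited) entries.
Get-ChildItem -Path $root -Directory | ForEach-Object {
    (Get-Acl $_.FullName).Access |
        Select-Object @{ n = 'Folder'; e = { $_.Path } }, IdentityReference,
                      FileSystemRights, IsInherited
}
```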
File Server Resource Manager (FSRM) is a role service in Windows Server that enables you to manage and classify data stored on file servers. You can use FSRM to automatically classify files, perform tasks based on these classifications, set quotas on folders and create reports monitoring storage usage. Quotas will be created for each department. Each employee will be allotted space based on their needs. They will be notified when they are at 90% of their allotted storage. Employees will not be able to save or store anything once they are over their allotted storage space. We will also be using FSRM to create storage reports for the CSAs. All unauthorized files saved by employees will have a notification sent to the CSAs.
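The quota, notification and reporting behaviour described above, as an added PowerShell example that is not part of the original proposal. The SMTP server, mail addresses, folder path, 50 GB quota size, report schedule, and the choice of the built-in "Executable Files" group as the unauthorized file type are all assumptions.

```powershell
# Added example (not from the proposal): FSRM hard quota with a 90% warning,
# passive file screening that alerts the CSAs, and a weekly quota report.
# Assumptions: FSRM role service installed; placeholder mail settings, path,
# quota size, schedule and file group.
Import-Module FileServerResourceManager

$csaMail  = 'csa@example.com'          # placeholder CSA mailbox
$deptPath = 'D:\Shares\Executives'     # hypothetical department folder

# FSRM needs mail settings before any e-mail action can be delivered.
Set-FsrmSetting -SmtpServer 'smtp.example.com' `
    -AdminEmailAddress $csaMail -FromEmailAddress 'fsrm@example.com'

# Warn the user and the CSAs when usage reaches 90% of the quota.
$warn = New-FsrmAction -Type Email `
    -MailTo "[Source Io Owner Email];$csaMail" `
    -Subject 'Quota at [Quota Threshold]% on [Quota Path]' `
    -Body '[Source Io Owner] has used [Quota Used Percent]% of the quota on [Quota Path].'
$threshold = New-FsrmQuotaThreshold -Percentage 90 -Action $warn

# Without -SoftLimit the quota is hard: writes fail once the limit is reached.
New-FsrmQuotaTemplate -Name 'WMW-Department-Hard' -Size 50GB -Threshold $threshold
New-FsrmQuota -Path $deptPath -Template 'WMW-Department-Hard'

# Passive screen (no -Active switch): the file is saved, and the CSAs are
# notified with the user and path so they can follow up.
$alert = New-FsrmAction -Type Email -MailTo $csaMail `
    -Subject 'Unauthorized file saved under [File Screen Path]' `
    -Body '[Source Io Owner] saved [Source File Path] (file group: [Violated File Group]).'
New-FsrmFileScreen -Path $deptPath -IncludeGroup 'Executable Files' -Notification $alert

# Weekly quota usage report mailed to the CSAs.
$schedule = New-FsrmScheduledTask -Time (Get-Date '02:00') -Weekly @('Sunday')
New-FsrmStorageReport -Name 'WMW Weekly Quota Usage' -Namespace @($deptPath) `
    -ReportType QuotaUsage -Schedule $schedule -MailTo $csaMail

# Check: confirm the quota is hard and the screen is passive.
Get-FsrmQuota -Path $deptPath | Select-Object Path, Size, SoftLimit, Template
Get-FsrmFileScreen -Path $deptPath | Select-Object Path, Active, IncludeGroup
```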
Printers will be managed using the print management console. There is a total of 10 printers on the network with one printer in each office at each location. The drivers will be loaded on the server so employees will not have to install drivers. Group policy will be used by location. Any employee at each site will have permissions to use any printer at their site.
SUMMARY
In conclusion, each one of the topics covered in this proposal helps you understand the needs of this business from an IT perspective. Windows Server 2016 has a variety of new features that will appeal to your employees and help administrators run your network to the best of its ability. Active Directory is the centerpiece of your network, while DNS and DHCP are important for WMW productivity. Applications help run your organization and increase productivity for your employees by department and needs. File sharing will be essential for sharing and updating information between the two locations. The implementation of this proposal allows WMW to be efficient now and grow over the next five years.
References
Curtis, M. (2016, December 13). What’s New in Windows Server 2016. Retrieved October 18, 2018, from https://www.cio.com/article/3148795/software/what-s-new-in-windows-server-2016.html
Microsoft. (2017, January 5). What’s New in Windows Server 2016. Retrieved October 16, 2018, from https://docs.microsoft.com/en-us/windows-server/get-started/whats-new-in-windows-server-2016
The Windows Club. (2017, May 25). Windows Server 2016 Editions, Pricing, Availability, Features. Retrieved October 15, 2018, from https://www.thewindowsclub.com/windows-server-2016-editions