IS&T Spotlight:
Take Advantage of MIT’s Central Windows Domain
•
Jag Patel and Richard Edelson
Most users at MIT are familiar with running standalone computers
that are individually configured to connect to various services,
such as backup and printing. To make this system administration
more efficient and to foster collaboration across MIT, IS&T
provides the win.mit.edu domain. This domain is a centrally managed
Windows environment for the MIT campus, integrated with MIT’s
Kerberos realm, Moira database, and standard DNS namespace. It
enables seamless sharing of resources across MIT.
The domain serves a significant base of users: over the past
year win.mit.edu has been tapped
by more than 60 departments and 10,000 users. These include faculty,
staff, and students in academic, administrative, and research
departments. All faculty, staff, and students who have an MIT Kerberos
account automatically have a win.mit.edu account.
Benefits For IT Administrators
The win.mit.edu domain provides a set of basic tools for departmental
IT administrators, including group management, “containers” to
manage groups of machines, and streamlined software installation.
These tools let departmental IT staff concentrate on projects directly
related to their own computing environments, without the overhead
of account and domain management. Departmental administrators
can also customize their environments in many ways – configuring
a variety of support options for users, including department-level
access to specific services.
Group Management
In win.mit.edu, departmental IT staff use Moira groups (similar
to mailing lists) to control access to their Windows resources.
There’s no need to manage user accounts directly.
Containers
When a department signs up for win.mit.edu, it is given an “OU” or
container where it can build its own environment. These containers
can be thought of as “islands of control.” Container
administrators have powerful tools to control workstations and
servers in their container.
Streamlined Software Installation
Say goodbye to desktop installers, which include a standard set
of software that has to be installed on each machine. Win.mit.edu
provides a streamlined desktop by default, with tools to deploy
a customized set of applications, scripts, and settings for a
department’s environment. Many common software packages
are available centrally, and some can even be deployed across
a department with a
few clicks on a web form.
Flexibility for Users
A user logging into a computer in win.mit.edu has a roaming profile
and a server “home directory” with 1GB of quota. When
the user logs out, the profile is copied back to the user’s
home directory and can be loaded on any win.mit.edu machine that
the user logs into. This gives each user the flexibility to access
his or her home directory – and the documents in it – from
any machine in the win.mit.edu domain.
Microsoft Previous Versions Client
A powerful feature for all workstations in win.mit.edu is the Microsoft
Previous Versions client. Using this client, users can view, copy,
or restore older versions of files in their home directory, as
far back as 64 days. This self-service feature does not require
intervention from an IT administrator. It is especially useful
for retrieving data that may have been deleted from a document
as it was edited over time. Users should still back up important
files on their computers.
Home Base
The win.mit.edu domain is home to MIT’s Citrix service for
hosting business applications like BrioQuery, SAP, and COEUS,
as well as GIS applications. It is also home to the MIT
Windows Automatic Update Service (WAUS).
If you’d like to find out more, visit
the win.mit.edu
Domain web page, which includes instructions
for joining the domain.
|
