University of Massachusetts Lowell
UML Home News Calendar Directory Maps & Directions Libraries Questions
UML Search:
UMass Lowell Information Technology

Active Directory


Overview

In June 2005, ITS successfully migrated its Windows NT-based domain structure (UMLADCO) to Microsoft Active Directory.  This included close to 400 computers and over 600 accounts.  In concert with implementing AD, ITS converted its legacy email system for both students and faculty/staff to MS Exchange 2003, which leverages the AD infrastructure.   Today, we have 1250 computers and over 1500 accounts in the Active Directory forest.  During the next twelve months, the Active Directory Enterprise Operations team will be busy converting the rest of the campus to provide a more secure and efficient enterprise planning infrastructure.

Currently, the UMass Lowell AD forest consists of three domains. The root domain, (uml.edu), is empty, which means it contains no user accounts, and exists to connect the Faculty/Staff and Student domains, (fs.uml.edu, and student.uml.edu), respectively. Each domain operates as its own functional system, and includes user accounts and computers for its intended user base. Because they are connected by the root domain (uml.edu), they can seamlessly communicate with each other, allowing students access to faculty and staff resources, as necessary.

What is Active Directory?
Active Directory presents our campus with a directory service designed for distributed computing environments.  AD allows organizations to centrally manage and share information on network resources and users while acting as the central authority for client management and authorization.  In addition to providing comprehensive directory services to the University's  Windows environment, AD is a consolidation point for isolating, migrating, centrally managing, and reducing the number of directories that our campus requires.

TOP

What is a Directory Service?
A directory service is primarily a network directory that provides a secure, logical, and consistent database in which to store information about the network and all network-based resources such as users, groups, computers, files, printers, applications, policies, etc. As our campus continues to grow in size and becomes more dependent upon networked-computing, the work and overhead involved in managing all of these entities and their complex relationships with our enterprise grows too.

A centralized directory service has the potential to alleviate much of the overhead and allow the University to focus on its core mission by providing a single, consistent point of management.  It can also act as a central authority that can securely authenticate multiple resources and manage their identities and relationships between them.  As a central authority, users do not need to keep multiple accounts to access disparate services.  A single login means their account is authenticated for all resources to which they have been granted access.  Currently, the UML wireless network, VPN, and email systems utilize Active Directory for authorization and authentication.

How does MS Exchange 2003 fit in?
Our e-mail system, based upon MS Exchange 2003, leverages Active Directory to provide a complete directory and messaging solution for the campus. MS Exchange 2003 relies entirely on the MS Active Directory service for its directory operations. Active Directory provides all mailbox information, address list services, and other recipient-related information. Customized distribution lists by college and major, faculty/staff, all undergraduate students, all graduate students, and campus-specific emails are examples of address list services.

More Advantages of Active Directory:

 

  • File Sharing:  One can securely share windows files with departmental members or colleagues using their UML Active Directory credentials.  Request a departmental file share for key files and documents.
  • A single logon:  Leverage your email address credentials to log into your PC and read your email; to access your departmental file shares and home directory; to utilize the wireless network; and to utilize the campus VPN solution.  Additionally, you may log into any computer on campus that is connected to the Active Directory and still have secure access to your file shares and email.
  • Home Directory:  Store your critical files in your private home directory – up to 250 MB.
  • Security:  Systems are up-to-date with patches and virus definitions via Microsoft Software Update Service.  It also helps reduce the risk of security incidents on campus, and allows a coordinated response if an incident were to take place.
  • Departmental Services:  As part of the UML AD infrastructure, departments can have a variety of services, such as automatic distribution of software, secure file transfer service, network file shares, and managed virus/spam control via ePolicy Orchestrator by McAfee.
  • Remote Desktop Support:  Minimize the number of desktop visits by ITS desktop technicians and get your problem fixed right away.
  • Managed Backup and Disaster Recovery:  All data is backed up daily and weekly and are stored securely offsite at Iron Mountain.  In the event of accidental deletion, files can be restored same day if the deletion has occurred in the past seven days.

Contact Information
Questions about Active Directory can be directed to Jim Packard.

TOP

UMass Lowell Information Technology - Olsen 100, 198 Riverside Street, Lowell, MA 01854
Phone: 978-934-4745 Fax: 978-934-3075 Contact Us
Help Desk: 978-934-4357 (xHELP) or help@uml.edu

This is an Official Page/Publication of the University of Massachusetts Lowell