Windows Network Services: Research Paper

Introduction

Organizations with multiple departments across various regions have a huge demand for managing and organizing institutional information to enhance accessibility by different users and groups. Developing the appropriate network infrastructure is an important contribution that IT administrators make in helping to attain organizational goals which include cutting costs on data management, improving security, and enhancing management flexibility. The 2016 installation of the Windows Server is an industry-leading server software that has helped local and multinational enterprises achieve important networking objectives relying on the operating system developed by Microsoft.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

The Windows Server 2016 is a highly versatile management software with numerous features and technologies: Shielded Virtual Machines, Nano Server Installation, Windows Server Containers, Docker Engine, Remote Desktop Services, among others (McCabe, 2016). These facilities are employed variously in networking to achieve particular organizational needs. Opening Windows (OW) is a new advertising firm with locations in Houston, TX, and Richmond, VA. The firm's recent acquisition of Media Guru Group put the group's employee count at 110, increasing OW's need for an integrated information management system.

This paper is an attempt to address the infrastructure needs of the media company including the integration of the acquired firm into OW's existing forests. Establishing an effective networking platform will exclusively rely on Windows Server 2016 features. Other aspects addressed are functional level implementation, replication, rights management, federation services, and group policy.

Active Directory Infrastructure

Windows Server 2016 Features

The Active Directory is a set of processes and services that may be employed by Opening Windows in developing a shared information infrastructure for the management and organization of networking resources. The directory service includes essential features that will be leveraged in the integration of Media Guru Group's domain to OW's forest. One such feature is the Windows Server 2016 Remote Desktop Services (RDS). RDS is used in the windows software for allowing the control of remote computers on a network. RDS allows only the user interfaces to be transferred to the client with all input and software execution taking place at the server (McCabe, 2016). RDS will also allow OW's IT administrators to install important organization applications only on the server allowing for the remote access over the network from the company's departments in Richmond. Centralization of information is necessary for maintenance practices and similarly contributes to security measures by limiting access to authorized users by creating additional security layers that prevent newer systems from compromising existing infrastructure.

Another important facility of the Windows Server 2016 is the Windows Containers. These server containers allow for virtualization within the operating system, whereby, several isolated applications can be run on a single system. Process and namespace isolation are used to provide application isolation. This feature will allow OW to update large and old applications and keep monitoring other applications across its domains. However, the Richmond office will be compelled to upgrade its operating systems to the 2016 installment of the Windows Server to be able to share these benefits. Figure 1.1 below illustrates a conceptual layout of a container.

Forest Functional Levels

Active Directory functional levels specify the advanced features of the AD domain that are applicable in an enterprise environment (Rouse, 2017). These environments consist of domain controllers that run on different windows server versions. This feature is important since AD features are not compatible with earlier versions of the windows server. Domains that exist within a forest can only operate at a functional level higher than the forest. On the converse, no domain can operate at lower levels of functionality (McCabe, 2016). The Richmond office, for instance, can configure their Windows server 2012 to use higher functional levels like the 2016 version of the server. However, functional constraints in the administration of the Richmond domain can be overcome by an installation of the Windows Server 2016.

Cross-Forest Trusts

Cross-Forest Trust enables the automatic management of trust between multiple AD forests. Acquisitions like that made by OW in Richmond can subsequently be consolidated by use of Cross-Forest trusts creating trusts between the root domain of the two forests. This would mean that the departments in both Richmond and Michigan can have access to resources in the different stations without the need of an explicit trust as was the case in earlier versions of the Windows Server Software.

Replication

The Storage Replica in Windows Server 2016 was introduced to enable storage-agnostic and synchronous replication between two servers like the one used by Media Guru and the OW servers. Synchronous replication, in particular, ensures minimal data loss by providing a mirror of the data in either of the two servers (Nemnon, 2016). The feature similarly enables stretch cluster using Storage replica.

Active Directory Certificate Services

With an increased organizational complexity - more employees, more services, and more departments - a modification of the existing Active Directory Certificate Services (AD CS) will be necessary for establishing an efficient organization infrastructure. This move will affect a number of public key certificates for the organization's employees as internal changes will mean the creation of new positions and reorganizations in various departments; as such, new public key certificates will need to be created and others revoked in tandem to these changes. AD Certificate Services are an important contribution to a domain's security through encryptions of files, emails, and network traffic relying on other processes and services of the Active Directory such as the Transport Layer Security and Encrypting File System.

Active Directory Rights Management Services

The AD Rights Management Services (AD RMS) is a service that manages the information rights within the Windows Server. The AD RMS is an important organizational and management tool that limits access to particular information or documents in selected formats, such as Microsoft Word, to authorized users within an organization's network. AD Rights Management Services employ encryption and selective functionality denial to avoid unauthorized decryption of confidential content and further prevent unwarranted operations like forwarding, deleting, editing, printing, or copying of the same. Authorized users can only decrypt right managed data under particular conditions and time-frames, ensuring an organizations information is in safe hands. AD RMS is supported by a number of products including SharePoint, Microsoft Word, Excel, PowerPoint, and Adobe Acrobat. The executives of Opening Windows can take advantage of Rights Management Services by ensuring important organization policy development initiative are communicated in a safe manner that does not allow lower ranked employees to get wind of such developments. The Creative, Media, and Production Department, on the other hand, can develop content and share information among users in their domain with little external interference or the risk of losing sensitive data to unauthorized persons. Finance department may utilize the encryption capabilities of AD RMS to ensure departmental data remains private.

Active Directory Federation Services

The Active Directory Federation Services (AD FS)allows for a single sign-on in accessing applications and other systems on an organization's network. This access control authorization is important in maintaining the security of applications and implementation of federated identity. This involves syncing of employee electronic identity, in organizational setups, with resources across various identity management systems. AD FS authenticates single sign-on allowing a user's token to be used across a number of systems. This enhances interoperability in common use cases such as discussion platforms. Identity federation is achieved by establishing trust between two systems and allowing controlled authorization to services and resources to a user of one domain without requiring a user's direct authentication. In the case with OW' acquisition in Richmond, departmental employees like the accounts and sale personnel will require a single log into their computers connected to the network and this will be enough to allow them access to relevant departmental information on the servers in Michigan.

Active Directory

Forest/Domain Model

The organizational Domain Forest model should be implemented to fix the new organizational setup adopted by Opening Windows LLC. In this setup, the company's autonomous departments are allowed to own individual domains within the network's forests. The operational units including the Finance department, the Creative design groups, sales departments, and the accounting office need to control service administration at the level of the domain to allow for more flexibility and enhance operational independence at the departmental levels. Every department controlling a domain should possess an IT administrator who will oversee the creation of the domain and establish the domain's user policies which may include setting up access passwords (Olsen, 2008). This domain forest model will allow administrators at the domain level to develop Group policies to effectively manage user authorizations. Another possibility within this system is the creation of Organizational Units (OU) which domain administrators will be in charge of including addressing problems to do with the OU structure. Establishing trust relationships with other domains within the forest is another role IT administrators at the domain level will play (Olsen, 2008). The Organizational Domain Forest model will require trusted individuals to head domain organizations since the model allows for accessibility of other domain. These individuals should be instituted by the forest owners who play an oversight role on the domains.

Domain Controllers

Windows Server 2016 allows for the placement of domain controllers in a number of locations. These include the forest root domain controller, regional domain controller, and the operations master role holders. The networking organization of the OW will place its controllers at the forest root. However, the question is whether the Read Only Domain Controllers (RODC) should be part of the consideration. Notably, the RODC holds the read-only partitions of the active directory database. This way, they act as an important tool in mitigating the risks normally associated with unauthorized access to server networks. Domain controllers allow for the delegation of server maintenance duties to trusted users who are unlikely to compromise the domain's se...