Planning, Deployment, Migration and Maintenance

Far West Technologies Microsoft-certified consultants offer expertise in the design, deployment, and support of Active Directory solutions for Windows Server 2003 and Windows Server 2008. Far West Technologies can also provide Cisco-certified network infrastructure engineers to help you enhance the efficiency and dependability of your wide area network infrastructure. In addition, Far West Technologies CISA, CISM, GIAC, and CISSP certified security professionals can evaluate and test your enterprise-wide security and compliance and recommend improvements appropriate for your needs including large-scale, multi-site environments.

Choose your platform: AD for Windows Server 2003 or AD for Windows Server 2008

Windows Server 2008 adds important new and enhanced services to Active Directory. Far West Technologies’ team of experts are proficient at new installations, optimization of existing installations, and migrating from prior versions of Active Directory.

New or improved services and their key features include:

These services are an enhanced and renamed version of Active Directory Directory Services. Active Directory Domain Services centralize configuration data, authentication requests, and information about all stored objects. This allows convenient, centralized management of directory-enabled objects. Windows Server 2008 enhancements to Active Directory Domain Services include:

• Auditing improvements
• Fine-grained passwords for more versatile password policies
• A Read-only Domain Controller for environments with marginal security
• Re-startable Active Directory Domain Services makes maintenance less disruptive

These services are an enhanced and renamed version of Active Directory Application Mode. Active Directory Lightweight Directory Services (AD LDS) provides an alternative database to store directory-enabled application data, which would otherwise be stored on the Active Directory Domain Services database. By allowing you to keep the security account database on a separate location from the application configuration and directory data, you can streamline replication, simplify the Active Directory schema, and partition the directory structure so that AD LDS services is deployed only to relevant application servers. Windows Server 2008 enhancements to Active Directory Lightweight Directory Services include:

• Install from Media Generation facilitates the creation of installment disks
• Auditing of changes within the directory service
• Database Mounting Tool lets you view snapshots of database information
• Active Directory Sites and Services Support simplifies management of AD LDS replication
• Dynamic List of LDIF files simplifies setting up an AD LDS server
• Recursive Linked-Attribute Queries can follow nested attribute links do find additional properties

These services store the certificates and private keys of users, devices, or services, helping to protect the identity and centralizing access to this information for authorized applications. Enhancements to Active Directory Certificate Services include:

• Enrollment Agent Templates can delegate enrollment agents on a per-temple basis
• Integrated Simple Certificate Enrollment Protocol (SCEP) allows certificates to be issued to network appliances such as routers
• An Online Responder reduces network traffic when clients validate certificates
• Enterprise PKI (PKI View) is a new management tool that facilitates the management of Certification Authority (CA) hierarchies

These identity access services help authenticate users from partner organizations and make it easier to integrate trusted and untrusted domain resources. Enhancements to Active Directory Federation Services include:

• Availability As an Integrated Server Role allows Active Directory Federation Services to be managed via Server Manager
• Integration with Microsoft Office SharePoint Server 2007 supports a single sign-in
• Integration with Active Directory Rights Management Services (AD RMS) eliminates the need for AD RMS to be installed in both organizations
• Improved Administration makes it easier for both organizations to configure trust information

These services identify which users have rights to a file and specifies what those rights are (e.g., open, modify, print, forward, etc.). This helps protect data that is distributed to environments that you do not control. Enhancements to Active Directory Rights Management Services include:

• Application Support allows you to install the Active Directory Rights Management Services client on other Windows operating systems.
• Persistent Protection keeps your content secure even when it is outside your network environment.
• Usage Policy Templates makes it easy to set usage rights for files with the same rights.

Windows Active Directory requires experience to configure efficiently across an enterprise. Far West Technologies Microsoft certified consultants are experts in designing, deploying and troubleshooting complex Microsoft Active Directory (Microsoft AD) installations. Our areas of expertise include:

• Far West Technologies’ Microsoft-certified consultants have extensive experience troubleshooting complex Active Directory issues such as replication problems, multi-domain partition configurations, corrupted AD objects, clean-up of legacy beta software configuration objects in production AD environment, and repair of failed installations of AD and AD-integrated applications. Far West Technologies is also skilled in using “expert only” AD tools such as ADSIEDIT, NTDSUTIL, DCDIAG and NETDIAG.
• We offer expertise in designing an enterprise Active Directory environment with multiple locations and can deliver fast, efficient solutions for fault tolerant architecture, placement of servers and services, and AD server roles.
• We can also design and implement an optimal DNS configuration that correctly handles internal, external and remote users.
• To save clients the cost of expensive reconfigurations that may be required as a result of poor initial decisions, Far West Technologies can help make key early decisions concerning Active Directory naming standards, hierarchical model, IT management structure, utilization and structure of group policy objects, plus security and auditing definitions. We can also anticipate the impacts of server and service configurations on functionality and performance.
• Far West Technologies can provide assistance in developing and deploying group policy security models that can save significant support resources by effectively controlling the ability of users to make configuration changes.
• To maximize system robustness and availability, Our engineers can help create an Active Directory architecture and provide expert implementation that features enterprise class redundancy, fault tolerance, effective data protection systems, and seamless disaster recovery.
• Far West Technologies' consultants have experience with a broad variety of scenarios involving Active Directory migrations from legacy NT domain environments, including upgrading of existing NT domains, “fresh” AD domain migrations, collapsing of multiple domains into a single domain, and creation of sub-domain or multi-domain environments.
• To create a unified directory structure, we can help migrate/merge an Exchange 5.5 directory/system into an existing Windows 2000/2003 Active Directory system.
• In order to avoid disruptions in productivity, Far West Technologies can perform seamless multi-site/multi-server Active Directory migrations that are transparent to users.
• Far West Technologies can diagnose and resolve complex problems concerning workstation and server authentication in an Active Directory environment.
• The specialists at Far West Technologies' support applications integrated with Active Directory such as Microsoft Exchange Server and Cisco Unity unified messaging.
• We can help architect, plan and mange the migration/merging of an acquired entities Active Directory environment into a single AD structure.
• For enhanced security, Far West Technologies can provide assistance designing enterprise-wide security policies and procedures and work with Active Directory configuration to implement such policies.

If you are looking for expert help in designing, deploying or troubleshooting complex Active Directory installations, call Far West Technologies at 949-732-7888